public function validate(Assertion $assertion, Result $result)
{
$sessionNotOnOrAfterTimestamp = $assertion->getSessionNotOnOrAfter();
$currentTime = Temporal::getTime();
if ($sessionNotOnOrAfterTimestamp && $sessionNotOnOrAfterTimestamp <= $currentTime - 60) {
$result->addError('Received an assertion with a session that has expired. Check clock synchronization on IdP and SP.');
}
}