Description
Our SAML2 service provider (SP) needed metadata without a validUntil attribute, as our server does not provide a MetadataValidDuration. In crewjam/[email protected], the library always emits validUntil (set to TimeNow().Add(DefaultValidDuration)), causing crashes (panic or invalid XML) when MetadataValidDuration is nil. To fix this, I modified the library to allow validUntil to be nil by introducing a constant METADATA_OMIT_VALID_UNTIL = -1, which omits the attribute in the metadata XML. This required changes to use *time.Time for ValidUntil and *time.Duration for CacheDuration, with careful handling to maintain backward compatibility.
According to the SAML 2.0 metadata specification (saml-metadata-2.0-os, §2.3.2), both validUntil and cacheDuration are optional (use="optional" in the XML schema). The spec (§2.3.1) states that a root EntityDescriptor MUST have either validUntil or cacheDuration, but the schema does not enforce this, and many implementations omit both. My fix ensures spec compliance by allowing validUntil to be omitted, preventing crashes in cases like ours.
Additionally, I noticed that crewjam/saml sets validUntil on both EntityDescriptor and SPSSODescriptor. The spec (§2.3.1) recommends placing these attributes only on the root element, though it allows them on role descriptors for specific cases (e.g., multiple SPSSODescriptors with different expirations). Is there a specific reason for including validUntil on SPSSODescriptor? If not, it might be worth aligning with the recommendation.
Proposed Fix:
Changed ValidUntil to *time.Time and CacheDuration to *time.Duration in EntityDescriptor and related structs.
Added METADATA_OMIT_VALID_UNTIL = -1 to signal omission of validUntil.
Updated XML marshaling/unmarshaling to handle nil values, omitting attributes when appropriate.
Preserved compatibility by defaulting to DefaultValidDuration when ValidDuration is nil.
Suggestions:
Could a boolean flag (e.g., OmitValidUntil) replace METADATA_OMIT_VALID_UNTIL for cleaner configuration?
Should validUntil be removed from SPSSODescriptor to follow the spec’s recommendation, unless needed for specific use cases?
I’ve implemented this in my fork (wz2b/saml) and can submit a PR with tests (e.g., verifying XML output without validUntil). Would this fix be valuable for crewjam/saml? Any feedback on the approach or alternative solutions?
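The following is an added, stand-alone illustration of the approach described in this issue, not code from crewjam/saml or from the wz2b/saml fork. It uses a deliberately minimal EntityDescriptor stand-in with pointer-typed ValidUntil and CacheDuration fields, a sentinel constant modelled on METADATA_OMIT_VALID_UNTIL (named MetadataOmitValidUntil here; the function, type and constant names are assumptions for this example), and shows the three cases from the proposal: no ValidDuration given (falls back to DefaultValidDuration for backward compatibility), the sentinel (validUntil omitted), and an explicit duration. One caveat a practitioner would want handled: when validUntil is dropped, the example always emits a cacheDuration so the root element still satisfies the §2.3.1 "at least one of the two" rule rather than shipping metadata with no freshness information at all. The cacheDuration value is rendered as an xsd:duration (PT48H0M0S), since time.Duration's own String() format is not valid for that attribute.

```go
package main

import (
	"encoding/xml"
	"fmt"
	"strings"
	"time"
)

// MetadataOmitValidUntil is a sentinel ValidDuration meaning "emit no
// validUntil attribute". Constructed for this example, modelled on the
// METADATA_OMIT_VALID_UNTIL constant described in the issue.
const MetadataOmitValidUntil time.Duration = -1

// DefaultValidDuration is used when the caller supplies no ValidDuration,
// preserving the library's existing behaviour.
const DefaultValidDuration = 48 * time.Hour

// xsdDuration renders a Go duration as an xsd:duration (e.g. PT48H0M0S),
// which is the lexical form cacheDuration requires.
type xsdDuration time.Duration

func (d xsdDuration) MarshalXMLAttr(name xml.Name) (xml.Attr, error) {
	rest := time.Duration(d)
	if rest < 0 {
		return xml.Attr{}, fmt.Errorf("negative cacheDuration %v", rest)
	}
	h := rest / time.Hour
	rest -= h * time.Hour
	m := rest / time.Minute
	rest -= m * time.Minute
	s := rest / time.Second
	return xml.Attr{Name: name, Value: fmt.Sprintf("PT%dH%dM%dS", h, m, s)}, nil
}

// EntityDescriptor is a minimal stand-in for the metadata root element.
// Both optional attributes are pointers with omitempty: a nil pointer is
// simply not emitted, instead of being rendered as a zero time or panicking.
type EntityDescriptor struct {
	XMLName       xml.Name     `xml:"urn:oasis:names:tc:SAML:2.0:metadata EntityDescriptor"`
	EntityID      string       `xml:"entityID,attr"`
	ValidUntil    *time.Time   `xml:"validUntil,attr,omitempty"`
	CacheDuration *xsdDuration `xml:"cacheDuration,attr,omitempty"`
}

// BuildMetadata implements the three cases from the proposal:
//   - validDuration == nil                       -> now + DefaultValidDuration
//   - *validDuration == MetadataOmitValidUntil   -> validUntil omitted
//   - anything else                              -> now + *validDuration
// If validUntil ends up omitted and no cacheDuration was given, a default
// cacheDuration is set so the root still carries one of the two (§2.3.1).
func BuildMetadata(entityID string, validDuration, cacheDuration *time.Duration, now time.Time) EntityDescriptor {
	ed := EntityDescriptor{EntityID: entityID}
	switch {
	case validDuration == nil:
		t := now.Add(DefaultValidDuration)
		ed.ValidUntil = &t
	case *validDuration == MetadataOmitValidUntil:
		// Leave ed.ValidUntil nil: the attribute will not be emitted.
	default:
		t := now.Add(*validDuration)
		ed.ValidUntil = &t
	}
	if cacheDuration != nil {
		cd := xsdDuration(*cacheDuration)
		ed.CacheDuration = &cd
	} else if ed.ValidUntil == nil {
		cd := xsdDuration(DefaultValidDuration)
		ed.CacheDuration = &cd
	}
	return ed
}

// MarshalMetadata serialises the descriptor to an XML string.
func MarshalMetadata(ed EntityDescriptor) (string, error) {
	b, err := xml.Marshal(ed)
	if err != nil {
		return "", err
	}
	return string(b), nil
}

// HasAttr reports whether the serialised document carries the named attribute.
func HasAttr(doc, attr string) bool {
	return strings.Contains(doc, " "+attr+"=")
}

func main() {
	// Fixed clock so the output is reproducible.
	now := time.Date(2025, 1, 1, 0, 0, 0, 0, time.UTC)
	omit := MetadataOmitValidUntil
	for _, vd := range []*time.Duration{nil, &omit} {
		doc, err := MarshalMetadata(BuildMetadata("https://sp.example.com/metadata", vd, nil, now))
		if err != nil {
			panic(err)
		}
		fmt.Println(doc)
	}
}
```

The same nil-pointer discipline applies on the consuming side: code that reads IdP metadata should treat a missing validUntil as "no expiry given" and fall back to cacheDuration (or a local policy) rather than dereferencing a field that is now a pointer.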