You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2017/03/22 11:14:10 UTC
[2/2] cxf git commit: Finished Java 8 DateTime work
Finished Java 8 DateTime work
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/06588cac
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/06588cac
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/06588cac
Branch: refs/heads/master
Commit: 06588cac671464bb900453919cad18b3e47a8d4b
Parents: a4b9845
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Wed Mar 22 10:50:48 2017 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Wed Mar 22 10:50:48 2017 +0000
----------------------------------------------------------------------
.../cxf/rs/security/jose/jwt/JwtUtils.java | 38 +++++++-------
.../filters/AccessTokenIntrospectionClient.java | 5 +-
.../oauth2/filters/JwtAccessTokenValidator.java | 5 +-
...AbstractRequestAssertionConsumerHandler.java | 9 ++--
.../security/saml/sso/AbstractSSOSpHandler.java | 14 ++---
.../saml/sso/SAMLSSOResponseValidator.java | 22 ++++----
.../security/saml/sso/SSOValidatorResponse.java | 14 ++---
.../policy/interceptors/STSInvoker.java | 11 ++--
.../SecureConversationInInterceptor.java | 9 ++--
.../SpnegoContextTokenInInterceptor.java | 9 ++--
.../security/tokenstore/MemoryTokenStore.java | 8 ++-
.../ws/security/tokenstore/SecurityToken.java | 9 ++--
.../ws/security/trust/AbstractSTSClient.java | 10 ++--
.../cxf/ws/security/wss4j/WSS4JUtils.java | 9 ++--
.../policyhandlers/AbstractBindingBuilder.java | 19 ++++---
.../AsymmetricBindingHandler.java | 9 ++--
.../StaxSymmetricBindingHandler.java | 9 ++--
.../policyhandlers/SymmetricBindingHandler.java | 29 +++++------
.../policyhandlers/TransportBindingHandler.java | 11 ++--
.../tokenstore/MemoryTokenStoreTest.java | 7 ++-
.../cxf/sts/cache/HazelCastTokenStore.java | 8 ++-
.../cxf/sts/operation/AbstractOperation.java | 21 ++++----
.../provider/DefaultConditionsProvider.java | 12 ++---
.../cxf/sts/token/provider/SCTProvider.java | 13 +++--
.../provider/jwt/DefaultJWTClaimsProvider.java | 20 ++++----
.../apache/cxf/sts/operation/IssueUnitTest.java | 10 ++--
.../cxf/sts/operation/RenewSamlUnitTest.java | 10 ++--
.../token/provider/JWTProviderLifetimeTest.java | 54 ++++++++++----------
.../provider/SAMLProviderLifetimeTest.java | 54 ++++++++++----------
.../renewer/SAMLTokenRenewerLifetimeTest.java | 42 +++++++--------
.../token/renewer/SAMLTokenRenewerPOPTest.java | 13 ++---
.../renewer/SAMLTokenRenewerRealmTest.java | 13 ++---
.../sts/token/renewer/SAMLTokenRenewerTest.java | 13 ++---
.../token/validator/SAMLTokenValidatorTest.java | 12 ++---
.../systest/sts/batch/SimpleBatchSTSClient.java | 10 ++--
.../cxf/systest/sts/caching/CachingTest.java | 5 +-
.../stsclient/STSTokenOutInterceptorTest.java | 5 +-
.../sts/stsclient/STSTokenRetrieverTest.java | 5 +-
.../cxf/xkms/x509/validator/DateValidator.java | 7 ++-
.../security/jose/jwt/JWTAlgorithmTest.java | 36 ++++++-------
.../security/jose/jwt/JWTAuthnAuthzTest.java | 12 ++---
.../security/oauth2/common/OAuth2TestUtils.java | 9 ++--
.../grants/AuthorizationGrantNegativeTest.java | 9 ++--
.../security/oidc/IdTokenProviderImpl.java | 9 ++--
.../jaxrs/security/oidc/OIDCFlowTest.java | 6 +--
.../jaxrs/security/oidc/OIDCNegativeTest.java | 6 +--
46 files changed, 329 insertions(+), 341 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/06588cac/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtUtils.java b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtUtils.java
index 844c229..9ea3904 100644
--- a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtUtils.java
+++ b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtUtils.java
@@ -18,7 +18,7 @@
*/
package org.apache.cxf.rs.security.jose.jwt;
-import java.util.Date;
+import java.time.Instant;
import org.apache.cxf.jaxrs.json.basic.JsonMapObjectReaderWriter;
import org.apache.cxf.message.Message;
@@ -49,12 +49,12 @@ public final class JwtUtils {
}
return;
}
- Date rightNow = new Date();
- Date expiresDate = new Date(expiryTime * 1000L);
+ Instant now = Instant.now();
+ Instant expires = Instant.ofEpochMilli(expiryTime * 1000L);
if (clockOffset != 0) {
- expiresDate.setTime(expiresDate.getTime() + (long)clockOffset * 1000L);
+ expires = expires.plusSeconds(clockOffset);
}
- if (expiresDate.before(rightNow)) {
+ if (expires.isBefore(now)) {
throw new JwtException("The token has expired");
}
}
@@ -68,15 +68,14 @@ public final class JwtUtils {
return;
}
- Date validCreation = new Date();
- long currentTime = validCreation.getTime();
+ Instant validCreation = Instant.now();
if (clockOffset != 0) {
- validCreation.setTime(currentTime + (long)clockOffset * 1000L);
+ validCreation = validCreation.plusSeconds(clockOffset);
}
- Date notBeforeDate = new Date(notBeforeTime * 1000L);
+ Instant notBeforeDate = Instant.ofEpochMilli(notBeforeTime * 1000L);
// Check to see if the not before time is in the future
- if (notBeforeDate.after(validCreation)) {
+ if (notBeforeDate.isAfter(validCreation)) {
throw new JwtException("The token cannot be accepted yet");
}
}
@@ -90,25 +89,24 @@ public final class JwtUtils {
return;
}
- Date createdDate = new Date(issuedAtInSecs * 1000L);
- Date validCreation = new Date();
- long currentTime = validCreation.getTime();
- if (clockOffset > 0) {
- validCreation.setTime(currentTime + (long)clockOffset * 1000L);
+ Instant createdDate = Instant.ofEpochMilli(issuedAtInSecs * 1000L);
+
+ Instant validCreation = Instant.now();
+ if (clockOffset != 0) {
+ validCreation = validCreation.plusSeconds(clockOffset);
}
-
+
// Check to see if the IssuedAt time is in the future
- if (createdDate.after(validCreation)) {
+ if (createdDate.isAfter(validCreation)) {
throw new JwtException("Invalid issuedAt");
}
if (timeToLive > 0) {
// Calculate the time that is allowed for the message to travel
- currentTime -= (long)timeToLive * 1000L;
- validCreation.setTime(currentTime);
+ validCreation = validCreation.minusSeconds(timeToLive);
// Validate the time it took the message to travel
- if (createdDate.before(validCreation)) {
+ if (createdDate.isBefore(validCreation)) {
throw new JwtException("Invalid issuedAt");
}
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/06588cac/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/AccessTokenIntrospectionClient.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/AccessTokenIntrospectionClient.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/AccessTokenIntrospectionClient.java
index 0e86a2a..f5aba4b 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/AccessTokenIntrospectionClient.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/AccessTokenIntrospectionClient.java
@@ -18,8 +18,8 @@
*/
package org.apache.cxf.rs.security.oauth2.filters;
+import java.time.Instant;
import java.util.Collections;
-import java.util.Date;
import java.util.LinkedList;
import java.util.List;
@@ -70,7 +70,8 @@ public class AccessTokenIntrospectionClient implements AccessTokenValidator {
if (response.getIat() != null) {
atv.setTokenIssuedAt(response.getIat());
} else {
- atv.setTokenIssuedAt(new Date().getTime());
+ Instant now = Instant.now();
+ atv.setTokenIssuedAt(now.toEpochMilli());
}
if (response.getExp() != null) {
atv.setTokenLifetime(response.getExp() - atv.getTokenIssuedAt());
http://git-wip-us.apache.org/repos/asf/cxf/blob/06588cac/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/JwtAccessTokenValidator.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/JwtAccessTokenValidator.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/JwtAccessTokenValidator.java
index a1f3b0f..e9388b9 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/JwtAccessTokenValidator.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/JwtAccessTokenValidator.java
@@ -18,8 +18,8 @@
*/
package org.apache.cxf.rs.security.oauth2.filters;
+import java.time.Instant;
import java.util.Collections;
-import java.util.Date;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
@@ -74,7 +74,8 @@ public class JwtAccessTokenValidator extends JoseJwtConsumer implements AccessTo
if (claims.getIssuedAt() != null) {
atv.setTokenIssuedAt(claims.getIssuedAt());
} else {
- atv.setTokenIssuedAt(new Date().getTime());
+ Instant now = Instant.now();
+ atv.setTokenIssuedAt(now.toEpochMilli());
}
if (claims.getExpiryTime() != null) {
atv.setTokenLifetime(claims.getExpiryTime() - atv.getTokenIssuedAt());
http://git-wip-us.apache.org/repos/asf/cxf/blob/06588cac/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractRequestAssertionConsumerHandler.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractRequestAssertionConsumerHandler.java b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractRequestAssertionConsumerHandler.java
index ffca76f..e9c0e16 100644
--- a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractRequestAssertionConsumerHandler.java
+++ b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractRequestAssertionConsumerHandler.java
@@ -24,7 +24,7 @@ import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.URI;
import java.nio.charset.StandardCharsets;
-import java.util.Date;
+import java.time.Instant;
import java.util.ResourceBundle;
import java.util.UUID;
import java.util.logging.Level;
@@ -178,10 +178,10 @@ public abstract class AbstractRequestAssertionConsumerHandler extends AbstractSS
String securityContextKey = UUID.randomUUID().toString();
long currentTime = System.currentTimeMillis();
- Date notOnOrAfter = validatorResponse.getSessionNotOnOrAfter();
+ Instant notOnOrAfter = validatorResponse.getSessionNotOnOrAfter();
long expiresAt = 0;
if (notOnOrAfter != null) {
- expiresAt = notOnOrAfter.getTime();
+ expiresAt = notOnOrAfter.toEpochMilli();
} else {
expiresAt = currentTime + getStateTimeToLive();
}
@@ -221,13 +221,14 @@ public abstract class AbstractRequestAssertionConsumerHandler extends AbstractSS
}
// Otherwise create a new one for the IdP initiated case
+ Instant now = Instant.now();
return new RequestState(urlToForwardTo,
getIdpServiceAddress(),
null,
getIssuerId(JAXRSUtils.getCurrentMessage()),
"/",
null,
- new Date().getTime());
+ now.toEpochMilli());
}
if (relayState == null) {
http://git-wip-us.apache.org/repos/asf/cxf/blob/06588cac/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractSSOSpHandler.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractSSOSpHandler.java b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractSSOSpHandler.java
index 5efd79a..e4d81bb 100644
--- a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractSSOSpHandler.java
+++ b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractSSOSpHandler.java
@@ -19,7 +19,8 @@
package org.apache.cxf.rs.security.saml.sso;
import java.io.IOException;
-import java.util.Date;
+import java.time.Instant;
+import java.time.ZoneOffset;
import java.util.Properties;
import java.util.logging.Level;
import java.util.logging.Logger;
@@ -125,8 +126,8 @@ public class AbstractSSOSpHandler {
// Note that the Expires property has been deprecated but apparently is
// supported better than 'max-age' property by different browsers
// (Firefox, IE, etc)
- Date expiresDate = new Date(System.currentTimeMillis() + stateTimeToLive);
- String cookieExpires = HttpUtils.getHttpDateFormat().format(expiresDate);
+ Instant expires = Instant.ofEpochMilli(System.currentTimeMillis() + stateTimeToLive);
+ String cookieExpires = HttpUtils.getHttpDateFormat().format(expires.atZone(ZoneOffset.UTC));
contextCookie += ";Expires=" + cookieExpires;
//TODO: Consider adding an 'HttpOnly' attribute
@@ -134,12 +135,13 @@ public class AbstractSSOSpHandler {
}
protected boolean isStateExpired(long stateCreatedAt, long expiresAt) {
- Date currentTime = new Date();
- if (currentTime.after(new Date(stateCreatedAt + getStateTimeToLive()))) {
+ Instant currentTime = Instant.now();
+ Instant expires = Instant.ofEpochMilli(stateCreatedAt + getStateTimeToLive());
+ if (currentTime.isAfter(expires)) {
return true;
}
- return expiresAt > 0 && currentTime.after(new Date(expiresAt));
+ return expiresAt > 0 && currentTime.isAfter(Instant.ofEpochMilli(expiresAt));
}
public void setStateProvider(SPStateManager stateProvider) {
http://git-wip-us.apache.org/repos/asf/cxf/blob/06588cac/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
index 0d7af23..19304d8 100644
--- a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
+++ b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
@@ -18,7 +18,8 @@
*/
package org.apache.cxf.rs.security.saml.sso;
-import java.util.Date;
+import java.time.Duration;
+import java.time.Instant;
import java.util.List;
import java.util.logging.Logger;
@@ -100,7 +101,7 @@ public class SAMLSSOResponseValidator {
// Validate Assertions
org.opensaml.saml.saml2.core.Assertion validAssertion = null;
- Date sessionNotOnOrAfter = null;
+ Instant sessionNotOnOrAfter = null;
for (org.opensaml.saml.saml2.core.Assertion assertion : samlResponse.getAssertions()) {
// Check the Issuer
if (assertion.getIssuer() == null) {
@@ -126,12 +127,15 @@ public class SAMLSSOResponseValidator {
// Store Session NotOnOrAfter
for (AuthnStatement authnStatment : assertion.getAuthnStatements()) {
if (authnStatment.getSessionNotOnOrAfter() != null) {
- sessionNotOnOrAfter = authnStatment.getSessionNotOnOrAfter().toDate();
+ sessionNotOnOrAfter =
+ Instant.ofEpochMilli(authnStatment.getSessionNotOnOrAfter().toDate().getTime());
}
}
// Fall back to the SubjectConfirmationData NotOnOrAfter if we have no session NotOnOrAfter
if (sessionNotOnOrAfter == null) {
- sessionNotOnOrAfter = subjectConf.getSubjectConfirmationData().getNotOnOrAfter().toDate();
+ sessionNotOnOrAfter =
+ Instant.ofEpochMilli(subjectConf.getSubjectConfirmationData()
+ .getNotOnOrAfter().toDate().getTime());
}
}
}
@@ -147,7 +151,7 @@ public class SAMLSSOResponseValidator {
validatorResponse.setResponseId(samlResponse.getID());
validatorResponse.setSessionNotOnOrAfter(sessionNotOnOrAfter);
if (samlResponse.getIssueInstant() != null) {
- validatorResponse.setCreated(samlResponse.getIssueInstant().toDate());
+ validatorResponse.setCreated(Instant.ofEpochMilli(samlResponse.getIssueInstant().toDate().getTime()));
}
Element assertionElement = validAssertion.getDOM();
@@ -234,10 +238,10 @@ public class SAMLSSOResponseValidator {
// Need to keep bearer assertion IDs based on NotOnOrAfter to detect replay attacks
if (postBinding && replayCache != null) {
if (replayCache.getId(id) == null) {
- Date expires = subjectConfData.getNotOnOrAfter().toDate();
- Date currentTime = new Date();
- long ttl = expires.getTime() - currentTime.getTime();
- replayCache.putId(id, ttl / 1000L);
+ Instant expires = Instant.ofEpochMilli(subjectConfData.getNotOnOrAfter().toDate().getTime());
+ Instant currentTime = Instant.now();
+ long ttl = Duration.between(currentTime, expires).getSeconds();
+ replayCache.putId(id, ttl);
} else {
LOG.fine("Replay attack with token id: " + id);
throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity");
http://git-wip-us.apache.org/repos/asf/cxf/blob/06588cac/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SSOValidatorResponse.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SSOValidatorResponse.java b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SSOValidatorResponse.java
index 6c0b59c..ee6d3eb 100644
--- a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SSOValidatorResponse.java
+++ b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SSOValidatorResponse.java
@@ -18,7 +18,7 @@
*/
package org.apache.cxf.rs.security.saml.sso;
-import java.util.Date;
+import java.time.Instant;
import org.w3c.dom.Element;
@@ -26,8 +26,8 @@ import org.w3c.dom.Element;
* Some information that encapsulates a successful validation by the SAMLSSOResponseValidator
*/
public class SSOValidatorResponse {
- private Date sessionNotOnOrAfter;
- private Date created;
+ private Instant sessionNotOnOrAfter;
+ private Instant created;
private String responseId;
private String assertion;
private Element assertionElement;
@@ -40,11 +40,11 @@ public class SSOValidatorResponse {
this.assertion = assertion;
}
- public Date getSessionNotOnOrAfter() {
+ public Instant getSessionNotOnOrAfter() {
return sessionNotOnOrAfter;
}
- public void setSessionNotOnOrAfter(Date sessionNotOnOrAfter) {
+ public void setSessionNotOnOrAfter(Instant sessionNotOnOrAfter) {
this.sessionNotOnOrAfter = sessionNotOnOrAfter;
}
@@ -64,11 +64,11 @@ public class SSOValidatorResponse {
this.assertionElement = assertionElement;
}
- public Date getCreated() {
+ public Instant getCreated() {
return created;
}
- public void setCreated(Date created) {
+ public void setCreated(Instant created) {
this.created = created;
}
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/06588cac/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSInvoker.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSInvoker.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSInvoker.java
index b8b520b..396dcad 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSInvoker.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSInvoker.java
@@ -20,7 +20,8 @@
package org.apache.cxf.ws.security.policy.interceptors;
import java.security.NoSuchAlgorithmException;
-import java.time.ZonedDateTime;
+import java.time.Instant;
+import java.time.ZoneOffset;
import java.util.Base64;
import java.util.logging.Logger;
@@ -286,19 +287,19 @@ abstract class STSInvoker implements Invoker {
void writeLifetime(
W3CDOMStreamWriter writer,
- ZonedDateTime created,
- ZonedDateTime expires,
+ Instant created,
+ Instant expires,
String prefix,
String namespace
) throws Exception {
writer.writeStartElement(prefix, "Lifetime", namespace);
writer.writeNamespace("wsu", WSConstants.WSU_NS);
writer.writeStartElement("wsu", "Created", WSConstants.WSU_NS);
- writer.writeCharacters(DateUtil.getDateTimeFormatter(true).format(created));
+ writer.writeCharacters(created.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
writer.writeEndElement();
writer.writeStartElement("wsu", "Expires", WSConstants.WSU_NS);
- writer.writeCharacters(DateUtil.getDateTimeFormatter(true).format(expires));
+ writer.writeCharacters(expires.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
writer.writeEndElement();
writer.writeEndElement();
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/06588cac/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
index 36f163d..648706f 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
@@ -19,8 +19,7 @@
package org.apache.cxf.ws.security.policy.interceptors;
-import java.time.ZoneOffset;
-import java.time.ZonedDateTime;
+import java.time.Instant;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Collection;
@@ -376,10 +375,10 @@ class SecureConversationInInterceptor extends AbstractPhaseInterceptor<SoapMessa
.createSecureId("sctId-", sct.getElement()));
}
- ZonedDateTime created = ZonedDateTime.now(ZoneOffset.UTC);
- ZonedDateTime expires = created.plusSeconds(ttl / 1000L);
+ Instant created = Instant.now();
+ Instant expires = created.plusSeconds(ttl / 1000L);
- SecurityToken token = new SecurityToken(sct.getIdentifier(), created.toInstant(), expires.toInstant());
+ SecurityToken token = new SecurityToken(sct.getIdentifier(), created, expires);
token.setToken(sct.getElement());
token.setTokenType(sct.getTokenType());
http://git-wip-us.apache.org/repos/asf/cxf/blob/06588cac/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenInInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenInInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenInInterceptor.java
index 0032128..21c42d8 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenInInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenInInterceptor.java
@@ -19,8 +19,7 @@
package org.apache.cxf.ws.security.policy.interceptors;
-import java.time.ZoneOffset;
-import java.time.ZonedDateTime;
+import java.time.Instant;
import java.util.Base64;
import java.util.Collection;
@@ -195,11 +194,11 @@ class SpnegoContextTokenInInterceptor extends AbstractPhaseInterceptor<SoapMessa
sct.setID(wssConfig.getIdAllocator().createId("sctId-", sct));
// Lifetime
- ZonedDateTime created = ZonedDateTime.now(ZoneOffset.UTC);
- ZonedDateTime expires =
+ Instant created = Instant.now();
+ Instant expires =
created.plusSeconds(WSS4JUtils.getSecurityTokenLifetime(exchange.getOutMessage()) / 1000L);
- SecurityToken token = new SecurityToken(sct.getIdentifier(), created.toInstant(), expires.toInstant());
+ SecurityToken token = new SecurityToken(sct.getIdentifier(), created, expires);
token.setToken(sct.getElement());
token.setTokenType(sct.getTokenType());
http://git-wip-us.apache.org/repos/asf/cxf/blob/06588cac/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/MemoryTokenStore.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/MemoryTokenStore.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/MemoryTokenStore.java
index 731c181..019ed5d 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/MemoryTokenStore.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/MemoryTokenStore.java
@@ -20,8 +20,6 @@
package org.apache.cxf.ws.security.tokenstore;
import java.time.Instant;
-import java.time.ZoneOffset;
-import java.time.ZonedDateTime;
import java.util.Collection;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
@@ -86,7 +84,7 @@ public class MemoryTokenStore implements TokenStore {
}
protected void processTokenExpiry() {
- Instant current = ZonedDateTime.now(ZoneOffset.UTC).toInstant();
+ Instant current = Instant.now();
synchronized (tokens) {
for (Map.Entry<String, CacheEntry> entry : tokens.entrySet()) {
if (entry.getValue().getExpiry().isBefore(current)) {
@@ -97,8 +95,8 @@ public class MemoryTokenStore implements TokenStore {
}
private CacheEntry createCacheEntry(SecurityToken token) {
- ZonedDateTime expires = ZonedDateTime.now(ZoneOffset.UTC).plusSeconds(ttl);
- return new CacheEntry(token, expires.toInstant());
+ Instant expires = Instant.now().plusSeconds(ttl);
+ return new CacheEntry(token, expires);
}
private static class CacheEntry {
http://git-wip-us.apache.org/repos/asf/cxf/blob/06588cac/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
index 181d900..eac0b0c 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
@@ -28,7 +28,6 @@ import java.security.Key;
import java.security.Principal;
import java.security.cert.X509Certificate;
import java.time.Instant;
-import java.time.ZoneOffset;
import java.time.ZonedDateTime;
import java.time.format.DateTimeParseException;
import java.util.Map;
@@ -365,8 +364,8 @@ public class SecurityToken implements Serializable {
*/
public boolean isExpired() {
if (expires != null) {
- ZonedDateTime now = ZonedDateTime.now(ZoneOffset.UTC);
- if (expires.isBefore(now.toInstant())) {
+ Instant now = Instant.now();
+ if (expires.isBefore(now)) {
return true;
}
}
@@ -378,8 +377,8 @@ public class SecurityToken implements Serializable {
*/
public boolean isAboutToExpire(long secondsToExpiry) {
if (expires != null && secondsToExpiry > 0) {
- ZonedDateTime now = ZonedDateTime.now(ZoneOffset.UTC).plusSeconds(secondsToExpiry);
- if (expires.isBefore(now.toInstant())) {
+ Instant now = Instant.now().plusSeconds(secondsToExpiry);
+ if (expires.isBefore(now)) {
return true;
}
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/06588cac/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
index 592c7e2..830195f 100755
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
@@ -24,8 +24,8 @@ import java.io.StringReader;
import java.net.URL;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
+import java.time.Instant;
import java.time.ZoneOffset;
-import java.time.ZonedDateTime;
import java.util.ArrayList;
import java.util.Base64;
import java.util.HashMap;
@@ -1376,17 +1376,17 @@ public abstract class AbstractSTSClient implements Configurable, InterceptorProv
}
protected void addLifetime(XMLStreamWriter writer) throws XMLStreamException {
- ZonedDateTime created = ZonedDateTime.now(ZoneOffset.UTC);
- ZonedDateTime expires = created.plusSeconds(ttl);
+ Instant created = Instant.now();
+ Instant expires = created.plusSeconds(ttl);
writer.writeStartElement("wst", "Lifetime", namespace);
writer.writeNamespace("wsu", WSConstants.WSU_NS);
writer.writeStartElement("wsu", "Created", WSConstants.WSU_NS);
- writer.writeCharacters(DateUtil.getDateTimeFormatter(true).format(created));
+ writer.writeCharacters(created.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
writer.writeEndElement();
writer.writeStartElement("wsu", "Expires", WSConstants.WSU_NS);
- writer.writeCharacters(DateUtil.getDateTimeFormatter(true).format(expires));
+ writer.writeCharacters(expires.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
writer.writeEndElement();
writer.writeEndElement();
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/06588cac/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java
index 46506e9..cc79367 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java
@@ -23,8 +23,7 @@ import java.io.InputStream;
import java.net.URL;
import java.security.Key;
import java.security.cert.X509Certificate;
-import java.time.ZoneOffset;
-import java.time.ZonedDateTime;
+import java.time.Instant;
import java.util.List;
import java.util.Map;
import java.util.Properties;
@@ -162,11 +161,11 @@ public final class WSS4JUtils {
}
SecurityToken existingToken = TokenStoreUtils.getTokenStore(message).getToken(securityToken.getId());
if (existingToken == null || existingToken.isExpired()) {
- ZonedDateTime created = ZonedDateTime.now(ZoneOffset.UTC);
- ZonedDateTime expires = created.plusSeconds(getSecurityTokenLifetime(message) / 1000L);
+ Instant created = Instant.now();
+ Instant expires = created.plusSeconds(WSS4JUtils.getSecurityTokenLifetime(message) / 1000L);
SecurityToken cachedTok =
- new SecurityToken(securityToken.getId(), created.toInstant(), expires.toInstant());
+ new SecurityToken(securityToken.getId(), created, expires);
cachedTok.setSHA1(securityToken.getSha1Identifier());
if (securityToken.getTokenType() != null) {
http://git-wip-us.apache.org/repos/asf/cxf/blob/06588cac/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
index 446f36a..ce689b3 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
@@ -21,8 +21,7 @@ package org.apache.cxf.ws.security.wss4j.policyhandlers;
import java.net.URL;
import java.security.cert.X509Certificate;
-import java.time.ZoneOffset;
-import java.time.ZonedDateTime;
+import java.time.Instant;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
@@ -545,8 +544,8 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
return ret;
}
- private SupportingToken signSupportingToken(SecurityToken secToken, String id,
- AbstractToken token, SupportingTokens suppTokens)
+ private SupportingToken signSupportingToken(SecurityToken secToken, String id,
+ AbstractToken token, SupportingTokens suppTokens)
throws SOAPException {
WSSecSignature sig = new WSSecSignature(secHeader);
sig.setIdAllocator(wssConfig.getIdAllocator());
@@ -1931,12 +1930,12 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
WSSecUsernameToken utBuilder = (WSSecUsernameToken)tempTok;
String id = utBuilder.getId();
- ZonedDateTime created = ZonedDateTime.now(ZoneOffset.UTC);
- ZonedDateTime expires = created.plusSeconds(WSS4JUtils.getSecurityTokenLifetime(message) / 1000L);
- SecurityToken secToken = new SecurityToken(id,
- utBuilder.getUsernameTokenElement(),
- created.toInstant(),
- expires.toInstant());
+ Instant created = Instant.now();
+ Instant expires = created.plusSeconds(WSS4JUtils.getSecurityTokenLifetime(message) / 1000L);
+ SecurityToken secToken = new SecurityToken(id,
+ utBuilder.getUsernameTokenElement(),
+ created,
+ expires);
if (isTokenProtection) {
sigParts.add(new WSEncryptionPart(secToken.getId()));
http://git-wip-us.apache.org/repos/asf/cxf/blob/06588cac/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
index 80f162a..33434b8 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
@@ -21,8 +21,7 @@ package org.apache.cxf.ws.security.wss4j.policyhandlers;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
-import java.time.ZoneOffset;
-import java.time.ZonedDateTime;
+import java.time.Instant;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
@@ -815,9 +814,9 @@ public class AsymmetricBindingHandler extends AbstractBindingBuilder {
String id = (String)wser.get(WSSecurityEngineResult.TAG_ID);
if (actInt.intValue() == WSConstants.ST_SIGNED
|| actInt.intValue() == WSConstants.ST_UNSIGNED) {
- ZonedDateTime created = ZonedDateTime.now(ZoneOffset.UTC);
- ZonedDateTime expires = created.plusSeconds(WSS4JUtils.getSecurityTokenLifetime(message) / 1000L);
- SecurityToken tempTok = new SecurityToken(id, created.toInstant(), expires.toInstant());
+ Instant created = Instant.now();
+ Instant expires = created.plusSeconds(WSS4JUtils.getSecurityTokenLifetime(message) / 1000L);
+ SecurityToken tempTok = new SecurityToken(id, created, expires);
tempTok.setSecret((byte[])wser.get(WSSecurityEngineResult.TAG_SECRET));
tempTok.setX509Certificate(
(X509Certificate)wser.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE), null
http://git-wip-us.apache.org/repos/asf/cxf/blob/06588cac/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
index 8aa4ea2..6c80607 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
@@ -19,8 +19,7 @@
package org.apache.cxf.ws.security.wss4j.policyhandlers;
-import java.time.ZoneOffset;
-import java.time.ZonedDateTime;
+import java.time.Instant;
import java.util.ArrayList;
import java.util.List;
@@ -601,10 +600,10 @@ public class StaxSymmetricBindingHandler extends AbstractStaxBindingHandler {
private String setupEncryptedKey(AbstractTokenWrapper wrapper, AbstractToken sigToken) throws WSSecurityException {
- ZonedDateTime created = ZonedDateTime.now(ZoneOffset.UTC);
- ZonedDateTime expires = created.plusSeconds(WSS4JUtils.getSecurityTokenLifetime(message) / 1000L);
+ Instant created = Instant.now();
+ Instant expires = created.plusSeconds(WSS4JUtils.getSecurityTokenLifetime(message) / 1000L);
SecurityToken tempTok =
- new SecurityToken(IDGenerator.generateID(null), created.toInstant(), expires.toInstant());
+ new SecurityToken(IDGenerator.generateID(null), created, expires);
KeyGenerator keyGenerator =
KeyUtils.getKeyGenerator(sbinding.getAlgorithmSuite().getAlgorithmSuiteType().getEncryption());
http://git-wip-us.apache.org/repos/asf/cxf/blob/06588cac/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
index 3e06d84..f705f84 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
@@ -19,8 +19,7 @@
package org.apache.cxf.ws.security.wss4j.policyhandlers;
-import java.time.ZoneOffset;
-import java.time.ZonedDateTime;
+import java.time.Instant;
import java.util.ArrayList;
import java.util.Base64;
import java.util.List;
@@ -921,13 +920,13 @@ public class SymmetricBindingHandler extends AbstractBindingBuilder {
String id = encrKey.getId();
byte[] secret = encrKey.getEphemeralKey();
- ZonedDateTime created = ZonedDateTime.now(ZoneOffset.UTC);
- ZonedDateTime expires = created.plusSeconds(WSS4JUtils.getSecurityTokenLifetime(message) / 1000L);
+ Instant created = Instant.now();
+ Instant expires = created.plusSeconds(WSS4JUtils.getSecurityTokenLifetime(message) / 1000L);
SecurityToken tempTok = new SecurityToken(
id,
encrKey.getEncryptedKeyElement(),
- created.toInstant(),
- expires.toInstant());
+ created,
+ expires);
tempTok.setSecret(secret);
@@ -965,10 +964,10 @@ public class SymmetricBindingHandler extends AbstractBindingBuilder {
String id = usernameToken.getId();
byte[] secret = usernameToken.getDerivedKey();
- ZonedDateTime created = ZonedDateTime.now(ZoneOffset.UTC);
- ZonedDateTime expires = created.plusSeconds(WSS4JUtils.getSecurityTokenLifetime(message) / 1000L);
+ Instant created = Instant.now();
+ Instant expires = created.plusSeconds(WSS4JUtils.getSecurityTokenLifetime(message) / 1000L);
SecurityToken tempTok =
- new SecurityToken(id, usernameToken.getUsernameTokenElement(), created.toInstant(), expires.toInstant());
+ new SecurityToken(id, usernameToken.getUsernameTokenElement(), created, expires);
tempTok.setSecret(secret);
tokenStore.add(tempTok);
@@ -980,11 +979,11 @@ public class SymmetricBindingHandler extends AbstractBindingBuilder {
WSSecurityEngineResult encryptedKeyResult = getEncryptedKeyResult();
if (encryptedKeyResult != null) {
// Store it in the cache
- ZonedDateTime created = ZonedDateTime.now(ZoneOffset.UTC);
- ZonedDateTime expires = created.plusSeconds(WSS4JUtils.getSecurityTokenLifetime(message) / 1000L);
+ Instant created = Instant.now();
+ Instant expires = created.plusSeconds(WSS4JUtils.getSecurityTokenLifetime(message) / 1000L);
String encryptedKeyID = (String)encryptedKeyResult.get(WSSecurityEngineResult.TAG_ID);
- SecurityToken securityToken = new SecurityToken(encryptedKeyID, created.toInstant(), expires.toInstant());
+ SecurityToken securityToken = new SecurityToken(encryptedKeyID, created, expires);
securityToken.setSecret((byte[])encryptedKeyResult.get(WSSecurityEngineResult.TAG_SECRET));
securityToken.setSHA1(getSHA1((byte[])encryptedKeyResult
.get(WSSecurityEngineResult.TAG_ENCRYPTED_EPHEMERAL_KEY)));
@@ -1010,9 +1009,9 @@ public class SymmetricBindingHandler extends AbstractBindingBuilder {
if (utID == null || utID.length() == 0) {
utID = wssConfig.getIdAllocator().createId("UsernameToken-", null);
}
- ZonedDateTime created = ZonedDateTime.now(ZoneOffset.UTC);
- ZonedDateTime expires = created.plusSeconds(WSS4JUtils.getSecurityTokenLifetime(message) / 1000L);
- SecurityToken securityToken = new SecurityToken(utID, created.toInstant(), expires.toInstant());
+ Instant created = Instant.now();
+ Instant expires = created.plusSeconds(WSS4JUtils.getSecurityTokenLifetime(message) / 1000L);
+ SecurityToken securityToken = new SecurityToken(utID, created, expires);
byte[] secret = (byte[])wser.get(WSSecurityEngineResult.TAG_SECRET);
securityToken.setSecret(secret);
http://git-wip-us.apache.org/repos/asf/cxf/blob/06588cac/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
index a8ef6fe..ff9b311 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
@@ -19,8 +19,7 @@
package org.apache.cxf.ws.security.wss4j.policyhandlers;
-import java.time.ZoneOffset;
-import java.time.ZonedDateTime;
+import java.time.Instant;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
@@ -329,12 +328,12 @@ public class TransportBindingHandler extends AbstractBindingBuilder {
String id = usernameToken.getId();
byte[] secret = usernameToken.getDerivedKey();
- ZonedDateTime created = ZonedDateTime.now(ZoneOffset.UTC);
- ZonedDateTime expires = created.plusSeconds(WSS4JUtils.getSecurityTokenLifetime(message) / 1000L);
+ Instant created = Instant.now();
+ Instant expires = created.plusSeconds(WSS4JUtils.getSecurityTokenLifetime(message) / 1000L);
SecurityToken tempTok = new SecurityToken(id,
usernameToken.getUsernameTokenElement(),
- created.toInstant(),
- expires.toInstant());
+ created,
+ expires);
tempTok.setSecret(secret);
getTokenStore().add(tempTok);
message.put(SecurityConstants.TOKEN_ID, tempTok.getId());
http://git-wip-us.apache.org/repos/asf/cxf/blob/06588cac/rt/ws/security/src/test/java/org/apache/cxf/ws/security/tokenstore/MemoryTokenStoreTest.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/tokenstore/MemoryTokenStoreTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/tokenstore/MemoryTokenStoreTest.java
index faba41e..2edfd87 100644
--- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/tokenstore/MemoryTokenStoreTest.java
+++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/tokenstore/MemoryTokenStoreTest.java
@@ -18,8 +18,7 @@
*/
package org.apache.cxf.ws.security.tokenstore;
-import java.time.ZoneOffset;
-import java.time.ZonedDateTime;
+import java.time.Instant;
import org.apache.cxf.message.Message;
import org.apache.cxf.message.MessageImpl;
@@ -76,8 +75,8 @@ public class MemoryTokenStoreTest extends org.junit.Assert {
public void testTokenExpiry() {
SecurityToken token = new SecurityToken();
- ZonedDateTime expires = ZonedDateTime.now(ZoneOffset.UTC).plusMinutes(5L);
- token.setExpires(expires.toInstant());
+ Instant expires = Instant.now().plusSeconds(5L * 60L);
+ token.setExpires(expires);
assertFalse(token.isExpired());
assertFalse(token.isAboutToExpire(100L));
http://git-wip-us.apache.org/repos/asf/cxf/blob/06588cac/services/sts/sts-core/src/main/java/org/apache/cxf/sts/cache/HazelCastTokenStore.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/cache/HazelCastTokenStore.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/cache/HazelCastTokenStore.java
index c847e4d..28ab73a 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/cache/HazelCastTokenStore.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/cache/HazelCastTokenStore.java
@@ -21,8 +21,6 @@ package org.apache.cxf.sts.cache;
import java.time.Duration;
import java.time.Instant;
-import java.time.ZoneOffset;
-import java.time.ZonedDateTime;
import java.util.Collection;
import java.util.concurrent.TimeUnit;
@@ -129,12 +127,12 @@ public class HazelCastTokenStore implements TokenStore {
int parsedTTL = 0;
if (token.getExpires() != null) {
Instant expires = token.getExpires();
- ZonedDateTime now = ZonedDateTime.now(ZoneOffset.UTC);
- if (expires.isBefore(now.toInstant())) {
+ Instant now = Instant.now();
+ if (expires.isBefore(now)) {
return 0;
}
- Duration duration = Duration.between(now.toInstant(), expires);
+ Duration duration = Duration.between(now, expires);
parsedTTL = (int)duration.getSeconds();
if (duration.getSeconds() != (long)parsedTTL || parsedTTL > MAX_TTL) {
http://git-wip-us.apache.org/repos/asf/cxf/blob/06588cac/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java
index 816bf91..991e07e 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java
@@ -22,7 +22,6 @@ package org.apache.cxf.sts.operation;
import java.security.Principal;
import java.time.Instant;
import java.time.ZoneOffset;
-import java.time.ZonedDateTime;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
@@ -296,20 +295,20 @@ public abstract class AbstractOperation {
AttributedDateTime created = QNameConstants.UTIL_FACTORY.createAttributedDateTime();
AttributedDateTime expires = QNameConstants.UTIL_FACTORY.createAttributedDateTime();
- ZonedDateTime now = ZonedDateTime.now(ZoneOffset.UTC);
- ZonedDateTime creationTime = now;
- if (tokenCreated != null) {
- creationTime = ZonedDateTime.ofInstant(tokenCreated, ZoneOffset.UTC);
+ Instant now = Instant.now();
+ Instant creationTime = tokenCreated;
+ if (tokenCreated == null) {
+ creationTime = now;
}
- long lifeTimeOfToken = 300L;
- ZonedDateTime expirationTime = now.plusSeconds(lifeTimeOfToken);
- if (tokenExpires != null) {
- expirationTime = ZonedDateTime.ofInstant(tokenExpires, ZoneOffset.UTC);
+ Instant expirationTime = tokenExpires;
+ if (tokenExpires == null) {
+ long lifeTimeOfToken = 300L;
+ expirationTime = now.plusSeconds(lifeTimeOfToken);
}
- created.setValue(DateUtil.getDateTimeFormatter(true).format(creationTime));
- expires.setValue(DateUtil.getDateTimeFormatter(true).format(expirationTime));
+ created.setValue(creationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
+ expires.setValue(expirationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
if (LOG.isLoggable(Level.FINE)) {
LOG.fine("Token lifetime creation: " + created.getValue());
LOG.fine("Token lifetime expiration: " + expires.getValue());
http://git-wip-us.apache.org/repos/asf/cxf/blob/06588cac/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultConditionsProvider.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultConditionsProvider.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultConditionsProvider.java
index 05bc25c..e6ec9d1 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultConditionsProvider.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultConditionsProvider.java
@@ -19,7 +19,7 @@
package org.apache.cxf.sts.token.provider;
import java.time.Duration;
-import java.time.ZoneOffset;
+import java.time.Instant;
import java.time.ZonedDateTime;
import java.time.format.DateTimeParseException;
import java.util.ArrayList;
@@ -141,11 +141,11 @@ public class DefaultConditionsProvider implements ConditionsProvider {
if (lifetime > 0) {
if (acceptClientLifetime && tokenLifetime != null
&& tokenLifetime.getCreated() != null && tokenLifetime.getExpires() != null) {
- ZonedDateTime creationTime = null;
- ZonedDateTime expirationTime = null;
+ Instant creationTime = null;
+ Instant expirationTime = null;
try {
- creationTime = ZonedDateTime.parse(tokenLifetime.getCreated());
- expirationTime = ZonedDateTime.parse(tokenLifetime.getExpires());
+ creationTime = ZonedDateTime.parse(tokenLifetime.getCreated()).toInstant();
+ expirationTime = ZonedDateTime.parse(tokenLifetime.getExpires()).toInstant();
} catch (DateTimeParseException ex) {
LOG.fine("Error in parsing Timestamp Created or Expiration Strings");
throw new STSException(
@@ -155,7 +155,7 @@ public class DefaultConditionsProvider implements ConditionsProvider {
}
// Check to see if the created time is in the future
- ZonedDateTime validCreation = ZonedDateTime.now(ZoneOffset.UTC);
+ Instant validCreation = Instant.now();
if (futureTimeToLive > 0) {
validCreation = validCreation.plusSeconds(futureTimeToLive);
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/06588cac/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SCTProvider.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SCTProvider.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SCTProvider.java
index d875b04..2cbd37a 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SCTProvider.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SCTProvider.java
@@ -19,8 +19,7 @@
package org.apache.cxf.sts.token.provider;
-import java.time.ZoneOffset;
-import java.time.ZonedDateTime;
+import java.time.Instant;
import java.util.HashMap;
import java.util.Map;
import java.util.logging.Level;
@@ -135,16 +134,16 @@ public class SCTProvider implements TokenProvider {
response.setComputedKey(keyHandler.isComputedKey());
// putting the secret key into the cache
- ZonedDateTime created = ZonedDateTime.now(ZoneOffset.UTC);
- response.setCreated(created.toInstant());
- ZonedDateTime expires = null;
+ Instant created = Instant.now();
+ response.setCreated(created);
+ Instant expires = null;
if (lifetime > 0) {
expires = created.plusSeconds(lifetime);
- response.setExpires(expires.toInstant());
+ response.setExpires(expires);
}
SecurityToken token =
- new SecurityToken(sct.getIdentifier(), created.toInstant(), expires.toInstant());
+ new SecurityToken(sct.getIdentifier(), created, expires);
token.setSecret(keyHandler.getSecret());
token.setPrincipal(tokenParameters.getPrincipal());
http://git-wip-us.apache.org/repos/asf/cxf/blob/06588cac/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/DefaultJWTClaimsProvider.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/DefaultJWTClaimsProvider.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/DefaultJWTClaimsProvider.java
index 3b26f0d..92c7b32b 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/DefaultJWTClaimsProvider.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/DefaultJWTClaimsProvider.java
@@ -20,7 +20,7 @@ package org.apache.cxf.sts.token.provider.jwt;
import java.security.Principal;
import java.time.Duration;
-import java.time.ZoneOffset;
+import java.time.Instant;
import java.time.ZonedDateTime;
import java.time.format.DateTimeParseException;
import java.util.ArrayList;
@@ -168,8 +168,8 @@ public class DefaultJWTClaimsProvider implements JWTClaimsProvider {
protected void handleConditions(JWTClaimsProviderParameters jwtClaimsProviderParameters, JwtClaims claims) {
TokenProviderParameters providerParameters = jwtClaimsProviderParameters.getProviderParameters();
- ZonedDateTime currentDate = ZonedDateTime.now(ZoneOffset.UTC);
- long currentTime = currentDate.toEpochSecond();
+ Instant currentDate = Instant.now();
+ long currentTime = currentDate.getEpochSecond();
// Set the defaults first
claims.setIssuedAt(currentTime);
@@ -179,11 +179,11 @@ public class DefaultJWTClaimsProvider implements JWTClaimsProvider {
Lifetime tokenLifetime = providerParameters.getTokenRequirements().getLifetime();
if (lifetime > 0 && acceptClientLifetime && tokenLifetime != null
&& tokenLifetime.getCreated() != null && tokenLifetime.getExpires() != null) {
- ZonedDateTime creationTime = null;
- ZonedDateTime expirationTime = null;
+ Instant creationTime = null;
+ Instant expirationTime = null;
try {
- creationTime = ZonedDateTime.parse(tokenLifetime.getCreated());
- expirationTime = ZonedDateTime.parse(tokenLifetime.getExpires());
+ creationTime = ZonedDateTime.parse(tokenLifetime.getCreated()).toInstant();
+ expirationTime = ZonedDateTime.parse(tokenLifetime.getExpires()).toInstant();
} catch (DateTimeParseException ex) {
LOG.fine("Error in parsing Timestamp Created or Expiration Strings");
throw new STSException(
@@ -193,7 +193,7 @@ public class DefaultJWTClaimsProvider implements JWTClaimsProvider {
}
// Check to see if the created time is in the future
- ZonedDateTime validCreation = ZonedDateTime.now(ZoneOffset.UTC);
+ Instant validCreation = Instant.now();
if (futureTimeToLive > 0) {
validCreation = validCreation.plusSeconds(futureTimeToLive);
}
@@ -217,10 +217,10 @@ public class DefaultJWTClaimsProvider implements JWTClaimsProvider {
}
}
- long creationTimeInSeconds = creationTime.toEpochSecond();
+ long creationTimeInSeconds = creationTime.getEpochSecond();
claims.setIssuedAt(creationTimeInSeconds);
claims.setNotBefore(creationTimeInSeconds);
- claims.setExpiryTime(expirationTime.toEpochSecond());
+ claims.setExpiryTime(expirationTime.getEpochSecond());
}
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/06588cac/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueUnitTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueUnitTest.java
index 3bdd11c..555ddfe 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueUnitTest.java
@@ -18,8 +18,8 @@
*/
package org.apache.cxf.sts.operation;
+import java.time.Instant;
import java.time.ZoneOffset;
-import java.time.ZonedDateTime;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
@@ -465,11 +465,11 @@ public class IssueUnitTest extends org.junit.Assert {
if (lifetime <= 0) {
lifetime = 300L;
}
- ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
- ZonedDateTime expirationTime = creationTime.plusSeconds(lifetime);
+ Instant creationTime = Instant.now();
+ Instant expirationTime = creationTime.plusSeconds(lifetime);
- created.setValue(DateUtil.getDateTimeFormatter(true).format(creationTime));
- expires.setValue(DateUtil.getDateTimeFormatter(true).format(expirationTime));
+ created.setValue(creationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
+ expires.setValue(expirationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
LifetimeType lifetimeType = QNameConstants.WS_TRUST_FACTORY.createLifetimeType();
lifetimeType.setCreated(created);
http://git-wip-us.apache.org/repos/asf/cxf/blob/06588cac/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/RenewSamlUnitTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/RenewSamlUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/RenewSamlUnitTest.java
index 89305c4..e9ca631 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/RenewSamlUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/RenewSamlUnitTest.java
@@ -19,8 +19,8 @@
package org.apache.cxf.sts.operation;
import java.security.Principal;
+import java.time.Instant;
import java.time.ZoneOffset;
-import java.time.ZonedDateTime;
import java.util.ArrayList;
import java.util.List;
import java.util.Properties;
@@ -502,11 +502,11 @@ public class RenewSamlUnitTest extends org.junit.Assert {
if (ttlMs != 0) {
Lifetime lifetime = new Lifetime();
- ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
- ZonedDateTime expirationTime = creationTime.plusNanos(ttlMs * 1000000L);
+ Instant creationTime = Instant.now();
+ Instant expirationTime = creationTime.plusNanos(ttlMs * 1000000L);
- lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
- lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
+ lifetime.setCreated(creationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
+ lifetime.setExpires(expirationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
providerParameters.getTokenRequirements().setLifetime(lifetime);
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/06588cac/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/JWTProviderLifetimeTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/JWTProviderLifetimeTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/JWTProviderLifetimeTest.java
index 8f21291..e017c24 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/JWTProviderLifetimeTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/JWTProviderLifetimeTest.java
@@ -19,8 +19,8 @@
package org.apache.cxf.sts.token.provider;
import java.time.Duration;
+import java.time.Instant;
import java.time.ZoneOffset;
-import java.time.ZonedDateTime;
import java.util.Properties;
import org.apache.cxf.jaxws.context.WrappedMessageContext;
@@ -65,12 +65,12 @@ public class JWTProviderLifetimeTest extends org.junit.Assert {
createProviderParameters(JWTTokenProvider.JWT_TOKEN_TYPE);
// Set expected lifetime to 1 minute
- ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
- ZonedDateTime expirationTime = creationTime.plusSeconds(requestedLifetime);
+ Instant creationTime = Instant.now();
+ Instant expirationTime = creationTime.plusSeconds(requestedLifetime);
Lifetime lifetime = new Lifetime();
- lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
- lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
+ lifetime.setCreated(creationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
+ lifetime.setExpires(expirationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
providerParameters.getTokenRequirements().setLifetime(lifetime);
@@ -137,13 +137,13 @@ public class JWTProviderLifetimeTest extends org.junit.Assert {
TokenProviderParameters providerParameters = createProviderParameters(JWTTokenProvider.JWT_TOKEN_TYPE);
// Set expected lifetime to 35 minutes
- ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
+ Instant creationTime = Instant.now();
long requestedLifetime = 35 * 60L;
- ZonedDateTime expirationTime = creationTime.plusSeconds(requestedLifetime);
+ Instant expirationTime = creationTime.plusSeconds(requestedLifetime);
Lifetime lifetime = new Lifetime();
- lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
- lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
+ lifetime.setCreated(creationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
+ lifetime.setExpires(expirationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
providerParameters.getTokenRequirements().setLifetime(lifetime);
@@ -171,13 +171,13 @@ public class JWTProviderLifetimeTest extends org.junit.Assert {
createProviderParameters(JWTTokenProvider.JWT_TOKEN_TYPE);
// Set expected lifetime to Default max lifetime plus 1
- ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
+ Instant creationTime = Instant.now();
long requestedLifetime = DefaultConditionsProvider.DEFAULT_MAX_LIFETIME + 1;
- ZonedDateTime expirationTime = creationTime.plusSeconds(requestedLifetime);
+ Instant expirationTime = creationTime.plusSeconds(requestedLifetime);
Lifetime lifetime = new Lifetime();
- lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
- lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
+ lifetime.setCreated(creationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
+ lifetime.setExpires(expirationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
providerParameters.getTokenRequirements().setLifetime(lifetime);
@@ -209,13 +209,13 @@ public class JWTProviderLifetimeTest extends org.junit.Assert {
createProviderParameters(JWTTokenProvider.JWT_TOKEN_TYPE);
// Set expected lifetime to 35 minutes
- ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
+ Instant creationTime = Instant.now();
long requestedLifetime = 35 * 60L;
- ZonedDateTime expirationTime = creationTime.plusSeconds(requestedLifetime);
+ Instant expirationTime = creationTime.plusSeconds(requestedLifetime);
Lifetime lifetime = new Lifetime();
- lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
- lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
+ lifetime.setCreated(creationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
+ lifetime.setExpires(expirationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
providerParameters.getTokenRequirements().setLifetime(lifetime);
@@ -250,13 +250,13 @@ public class JWTProviderLifetimeTest extends org.junit.Assert {
createProviderParameters(JWTTokenProvider.JWT_TOKEN_TYPE);
// Set expected lifetime to 1 minute
- ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
- ZonedDateTime expirationTime = creationTime.plusSeconds(requestedLifetime);
+ Instant creationTime = Instant.now();
+ Instant expirationTime = creationTime.plusSeconds(requestedLifetime);
creationTime = creationTime.plusSeconds(10);
Lifetime lifetime = new Lifetime();
- lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
- lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
+ lifetime.setCreated(creationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
+ lifetime.setExpires(expirationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
providerParameters.getTokenRequirements().setLifetime(lifetime);
@@ -291,12 +291,12 @@ public class JWTProviderLifetimeTest extends org.junit.Assert {
createProviderParameters(JWTTokenProvider.JWT_TOKEN_TYPE);
// Set expected lifetime to 1 minute
- ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC).plusSeconds(120L);
- ZonedDateTime expirationTime = creationTime.plusSeconds(requestedLifetime);
+ Instant creationTime = Instant.now().plusSeconds(120L);
+ Instant expirationTime = creationTime.plusSeconds(requestedLifetime);
Lifetime lifetime = new Lifetime();
- lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
- lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
+ lifetime.setCreated(creationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
+ lifetime.setExpires(expirationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
providerParameters.getTokenRequirements().setLifetime(lifetime);
@@ -338,10 +338,10 @@ public class JWTProviderLifetimeTest extends org.junit.Assert {
createProviderParameters(JWTTokenProvider.JWT_TOKEN_TYPE);
// Set expected lifetime to 1 minute
- ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC).plusSeconds(120L);
+ Instant creationTime = Instant.now().plusSeconds(120L);
Lifetime lifetime = new Lifetime();
- lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
+ lifetime.setCreated(creationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
providerParameters.getTokenRequirements().setLifetime(lifetime);
http://git-wip-us.apache.org/repos/asf/cxf/blob/06588cac/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderLifetimeTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderLifetimeTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderLifetimeTest.java
index 97dce88..24e1cd1 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderLifetimeTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderLifetimeTest.java
@@ -19,8 +19,8 @@
package org.apache.cxf.sts.token.provider;
import java.time.Duration;
+import java.time.Instant;
import java.time.ZoneOffset;
-import java.time.ZonedDateTime;
import java.util.Properties;
import org.w3c.dom.Element;
@@ -68,11 +68,11 @@ public class SAMLProviderLifetimeTest extends org.junit.Assert {
// Set expected lifetime to 1 minute
Lifetime lifetime = new Lifetime();
- ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
- ZonedDateTime expirationTime = creationTime.plusSeconds(requestedLifetime);
+ Instant creationTime = Instant.now();
+ Instant expirationTime = creationTime.plusSeconds(requestedLifetime);
- lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
- lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
+ lifetime.setCreated(creationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
+ lifetime.setExpires(expirationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
providerParameters.getTokenRequirements().setLifetime(lifetime);
assertTrue(samlTokenProvider.canHandleToken(WSConstants.WSS_SAML2_TOKEN_TYPE));
@@ -138,13 +138,13 @@ public class SAMLProviderLifetimeTest extends org.junit.Assert {
);
// Set expected lifetime to 35 minutes
- ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
+ Instant creationTime = Instant.now();
long requestedLifetime = 35 * 60L;
- ZonedDateTime expirationTime = creationTime.plusSeconds(requestedLifetime);
+ Instant expirationTime = creationTime.plusSeconds(requestedLifetime);
Lifetime lifetime = new Lifetime();
- lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
- lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
+ lifetime.setCreated(creationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
+ lifetime.setExpires(expirationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
providerParameters.getTokenRequirements().setLifetime(lifetime);
assertTrue(samlTokenProvider.canHandleToken(WSConstants.WSS_SAML2_TOKEN_TYPE));
@@ -175,13 +175,13 @@ public class SAMLProviderLifetimeTest extends org.junit.Assert {
);
// Set expected lifetime to Default max lifetime plus 1
- ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
+ Instant creationTime = Instant.now();
long requestedLifetime = DefaultConditionsProvider.DEFAULT_MAX_LIFETIME + 1;
- ZonedDateTime expirationTime = creationTime.plusSeconds(requestedLifetime);
+ Instant expirationTime = creationTime.plusSeconds(requestedLifetime);
Lifetime lifetime = new Lifetime();
- lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
- lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
+ lifetime.setCreated(creationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
+ lifetime.setExpires(expirationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
providerParameters.getTokenRequirements().setLifetime(lifetime);
assertTrue(samlTokenProvider.canHandleToken(WSConstants.WSS_SAML2_TOKEN_TYPE));
@@ -216,13 +216,13 @@ public class SAMLProviderLifetimeTest extends org.junit.Assert {
);
// Set expected lifetime to 35 minutes
- ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
+ Instant creationTime = Instant.now();
long requestedLifetime = 35 * 60L;
- ZonedDateTime expirationTime = creationTime.plusSeconds(requestedLifetime);
+ Instant expirationTime = creationTime.plusSeconds(requestedLifetime);
Lifetime lifetime = new Lifetime();
- lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
- lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
+ lifetime.setCreated(creationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
+ lifetime.setExpires(expirationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
providerParameters.getTokenRequirements().setLifetime(lifetime);
@@ -257,13 +257,13 @@ public class SAMLProviderLifetimeTest extends org.junit.Assert {
);
// Set expected lifetime to 1 minute
- ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
- ZonedDateTime expirationTime = creationTime.plusSeconds(requestedLifetime);
+ Instant creationTime = Instant.now();
+ Instant expirationTime = creationTime.plusSeconds(requestedLifetime);
creationTime = creationTime.plusSeconds(10L);
Lifetime lifetime = new Lifetime();
- lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
- lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
+ lifetime.setCreated(creationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
+ lifetime.setExpires(expirationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
providerParameters.getTokenRequirements().setLifetime(lifetime);
@@ -298,12 +298,12 @@ public class SAMLProviderLifetimeTest extends org.junit.Assert {
);
// Set expected lifetime to 1 minute
- ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC).plusSeconds(120L);
- ZonedDateTime expirationTime = creationTime.plusSeconds(requestedLifetime);
+ Instant creationTime = Instant.now().plusSeconds(120L);
+ Instant expirationTime = creationTime.plusSeconds(requestedLifetime);
Lifetime lifetime = new Lifetime();
- lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
- lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
+ lifetime.setCreated(creationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
+ lifetime.setExpires(expirationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
providerParameters.getTokenRequirements().setLifetime(lifetime);
@@ -344,10 +344,10 @@ public class SAMLProviderLifetimeTest extends org.junit.Assert {
);
// Set expected lifetime to 1 minute
- ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC).plusSeconds(120L);
+ Instant creationTime = Instant.now().plusSeconds(120L);
Lifetime lifetime = new Lifetime();
- lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
+ lifetime.setCreated(creationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
providerParameters.getTokenRequirements().setLifetime(lifetime);
http://git-wip-us.apache.org/repos/asf/cxf/blob/06588cac/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerLifetimeTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerLifetimeTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerLifetimeTest.java
index ae9efb5..b1c3d4b 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerLifetimeTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerLifetimeTest.java
@@ -19,8 +19,8 @@
package org.apache.cxf.sts.token.renewer;
import java.time.Duration;
+import java.time.Instant;
import java.time.ZoneOffset;
-import java.time.ZonedDateTime;
import java.util.Properties;
import javax.security.auth.callback.CallbackHandler;
@@ -84,12 +84,12 @@ public class SAMLTokenRenewerLifetimeTest extends org.junit.Assert {
TokenRenewerParameters renewerParameters = createRenewerParameters();
// Set expected lifetime to 1 minute
- ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
- ZonedDateTime expirationTime = creationTime.plusSeconds(requestedLifetime);
+ Instant creationTime = Instant.now();
+ Instant expirationTime = creationTime.plusSeconds(requestedLifetime);
Lifetime lifetime = new Lifetime();
- lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
- lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
+ lifetime.setCreated(creationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
+ lifetime.setExpires(expirationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
renewerParameters.getTokenRequirements().setLifetime(lifetime);
@@ -179,13 +179,13 @@ public class SAMLTokenRenewerLifetimeTest extends org.junit.Assert {
TokenRenewerParameters renewerParameters = createRenewerParameters();
// Set expected lifetime to 35 minutes
- ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
+ Instant creationTime = Instant.now();
long requestedLifetime = 35 * 60L;
- ZonedDateTime expirationTime = creationTime.plusSeconds(requestedLifetime);
+ Instant expirationTime = creationTime.plusSeconds(requestedLifetime);
Lifetime lifetime = new Lifetime();
- lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
- lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
+ lifetime.setCreated(creationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
+ lifetime.setExpires(expirationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
renewerParameters.getTokenRequirements().setLifetime(lifetime);
@@ -230,13 +230,13 @@ public class SAMLTokenRenewerLifetimeTest extends org.junit.Assert {
TokenRenewerParameters renewerParameters = createRenewerParameters();
// Set expected lifetime to Default max lifetime plus 1
- ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
+ Instant creationTime = Instant.now();
long requestedLifetime = DefaultConditionsProvider.DEFAULT_MAX_LIFETIME + 1;
- ZonedDateTime expirationTime = creationTime.plusSeconds(requestedLifetime);
+ Instant expirationTime = creationTime.plusSeconds(requestedLifetime);
Lifetime lifetime = new Lifetime();
- lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
- lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
+ lifetime.setCreated(creationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
+ lifetime.setExpires(expirationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
renewerParameters.getTokenRequirements().setLifetime(lifetime);
@@ -286,13 +286,13 @@ public class SAMLTokenRenewerLifetimeTest extends org.junit.Assert {
TokenRenewerParameters renewerParameters = createRenewerParameters();
// Set expected lifetime to 35 minutes
- ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
+ Instant creationTime = Instant.now();
long requestedLifetime = 35 * 60L;
- ZonedDateTime expirationTime = creationTime.plusSeconds(requestedLifetime);
+ Instant expirationTime = creationTime.plusSeconds(requestedLifetime);
Lifetime lifetime = new Lifetime();
- lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
- lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
+ lifetime.setCreated(creationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
+ lifetime.setExpires(expirationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
renewerParameters.getTokenRequirements().setLifetime(lifetime);
@@ -374,12 +374,12 @@ public class SAMLTokenRenewerLifetimeTest extends org.junit.Assert {
providerParameters.getTokenRequirements().setRenewing(renewing);
if (ttlMs != 0) {
- ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
- ZonedDateTime expirationTime = creationTime.plusNanos(ttlMs * 1000000L);
+ Instant creationTime = Instant.now();
+ Instant expirationTime = creationTime.plusNanos(ttlMs * 1000000L);
Lifetime lifetime = new Lifetime();
- lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
- lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
+ lifetime.setCreated(creationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
+ lifetime.setExpires(expirationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
providerParameters.getTokenRequirements().setLifetime(lifetime);
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/06588cac/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerPOPTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerPOPTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerPOPTest.java
index d50da32..b4ff7d6 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerPOPTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerPOPTest.java
@@ -18,8 +18,8 @@
*/
package org.apache.cxf.sts.token.renewer;
+import java.time.Instant;
import java.time.ZoneOffset;
-import java.time.ZonedDateTime;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
@@ -284,12 +284,13 @@ public class SAMLTokenRenewerPOPTest extends org.junit.Assert {
providerParameters.getTokenRequirements().setRenewing(renewing);
if (ttlMs != 0) {
- ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
- ZonedDateTime expirationTime = creationTime.plusNanos(ttlMs * 1000000L);
-
Lifetime lifetime = new Lifetime();
- lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
- lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
+
+ Instant creationTime = Instant.now();
+ Instant expirationTime = creationTime.plusNanos(ttlMs * 1000000L);
+
+ lifetime.setCreated(creationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
+ lifetime.setExpires(expirationTime.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
providerParameters.getTokenRequirements().setLifetime(lifetime);
}