author | Thomas <> | 2022-01-08 19:50:42 +0100 |
---|---|---|
committer | Thomas <> | 2022-01-08 19:50:42 +0100 |
commit | 5bdcf4b0298da05efb06eb84acdb188e4313df75 (patch) | |
tree | a1c40aef7914f58950d3ecc06e0811131430ddd3 /eaaf_modules/eaaf_module_pvp2_idp/src/main | |
parent | d7f9aa156ad76e5ddaf797a16f1155c37594bd91 (diff) | |
parent | f59462296cf6eb0401be025a64b1be9ec8afc541 (diff) | |
Merge branch 'opensaml_4.x' into nightlyBuild
# Conflicts:
# eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/PvpMetadataResolverAdapter.java
# eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java
# eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/SoapBindingTest.java
# eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/dummy/DummyMetadataProvider.java
# eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java
# eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/PvpAuthnRequestBuilder.java
# pom.xml
Diffstat (limited to 'eaaf_modules/eaaf_module_pvp2_idp/src/main')
4 files changed, 26 insertions, 24 deletions
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java index 85977193..2e30dcd9 100644 --- a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java +++ b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java @@ -19,6 +19,8 @@ package at.gv.egiz.eaaf.modules.pvp2.idp.impl; +import java.time.Duration; +import java.time.Instant; import java.util.List; import javax.annotation.PostConstruct; @@ -27,7 +29,6 @@ import javax.servlet.http.HttpServletResponse; import org.apache.commons.lang.StringEscapeUtils; import org.apache.commons.lang3.StringUtils; -import org.joda.time.DateTime; import org.opensaml.saml.common.xml.SAMLConstants; import org.opensaml.saml.saml2.core.AuthnRequest; import org.opensaml.saml.saml2.core.Issuer; @@ -173,12 +174,13 @@ public abstract class AbstractPvp2XProtocol extends AbstractController implement //set status-message if availabe if (statusMessage.getMessage() != null) { status.setStatusMessage(statusMessage); + } - status.setStatusCode(statusCode); - + status.setStatusCode(statusCode); samlResponse.setStatus(status); samlResponse.setID(Saml2Utils.getSecureIdentifier()); - samlResponse.setIssueInstant(new DateTime()); + samlResponse.setIssueInstant(Instant.now()); + final Issuer nissuer = Saml2Utils.createSamlObject(Issuer.class); nissuer.setValue(pvpBasicConfiguration.getIdpEntityId(pvpRequest.getAuthUrl())); nissuer.setFormat(NameIDType.ENTITY); 
@@ -469,8 +471,8 @@ public abstract class AbstractPvp2XProtocol extends AbstractController implement } - if (authnRequest.getIssueInstant().minusMinutes(EaafConstants.ALLOWED_TIME_JITTER) - .isAfterNow()) { + if (authnRequest.getIssueInstant().minus(Duration.ofMinutes(EaafConstants.ALLOWED_TIME_JITTER)) + .isAfter(Instant.now())) { log.warn("Unsupported request: No IssueInstant DateTime is not valid anymore."); throw new AuthnRequestValidatorException("pvp2.22", new Object[] { "Unsupported request: No IssueInstant DateTime is not valid anymore." }, diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java index 68ba39a3..a3c6cb5d 100644 --- a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java +++ b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java @@ -19,11 +19,12 @@ package at.gv.egiz.eaaf.modules.pvp2.idp.impl; +import java.time.Instant; + import javax.annotation.PostConstruct; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import org.joda.time.DateTime; import org.opensaml.saml.common.xml.SAMLConstants; import org.opensaml.saml.saml2.core.Assertion; import org.opensaml.saml.saml2.core.AuthnRequest; @@ -108,7 +109,7 @@ public class AuthenticationAction implements IAction { consumerService.setBinding(pvpRequest.getBinding()); consumerService.setLocation(pvpRequest.getConsumerUrl()); - final DateTime date = new DateTime(); + final Instant date = Instant.now(); final SloInformationImpl sloInformation = new SloInformationImpl(); final String issuerEntityID = pvpBasicConfiguration.getIdpEntityId(pvpRequest.getAuthUrl()); 
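Review bot: The IssueInstant check in the `@@ -469,8 +471,8 @@` hunk only rejects requests dated in the future: `getIssueInstant().minus(Duration.ofMinutes(EaafConstants.ALLOWED_TIME_JITTER)).isAfter(Instant.now())` is false for every past timestamp, so an arbitrarily old AuthnRequest passes unless a maximum age is enforced elsewhere in the method, which starts and ends outside the hunk. If no such limit exists, add a lower bound next to the upper one, for example `|| issueInstant.plus(MAX_REQUEST_AGE).isBefore(now)`, where `MAX_REQUEST_AGE` is a placeholder for a project-chosen `Duration`, not an existing constant. The log and exception text "No IssueInstant DateTime is not valid anymore." describes an expired request, which is the opposite of what this branch detects, and it still names DateTime; wording such as `"IssueInstant lies in the future"` would match the condition. A null return from `getIssueInstant()` would also throw here unless it is checked above the hunk.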
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/AuthResponseBuilder.java b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/AuthResponseBuilder.java index 482a2a09..500482b2 100644 --- a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/AuthResponseBuilder.java +++ b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/AuthResponseBuilder.java @@ -19,17 +19,10 @@ package at.gv.egiz.eaaf.modules.pvp2.idp.impl.builder; +import java.time.Instant; import java.util.ArrayList; import java.util.List; -import at.gv.egiz.eaaf.core.api.idp.IConfiguration; -import at.gv.egiz.eaaf.modules.pvp2.PvpConstants; -import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider; -import at.gv.egiz.eaaf.modules.pvp2.exception.SamlSigningException; -import at.gv.egiz.eaaf.modules.pvp2.idp.exception.InvalidAssertionEncryptionException; -import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; - -import org.joda.time.DateTime; import org.opensaml.core.criterion.EntityIdCriterion; import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport; import org.opensaml.core.xml.io.MarshallingException; 
@@ -67,6 +60,12 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.w3c.dom.Element; +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.modules.pvp2.PvpConstants; +import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider; +import at.gv.egiz.eaaf.modules.pvp2.exception.SamlSigningException; +import at.gv.egiz.eaaf.modules.pvp2.idp.exception.InvalidAssertionEncryptionException; +import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; import net.shibboleth.utilities.java.support.component.ComponentInitializationException; import net.shibboleth.utilities.java.support.resolver.CriteriaSet; import net.shibboleth.utilities.java.support.resolver.ResolverException; @@ -94,7 +93,7 @@ public class AuthResponseBuilder { * @throws InvalidAssertionEncryptionException In case of an error */ public static Response buildResponse(final IPvp2MetadataProvider metadataProvider, - final String issuerEntityID, final RequestAbstractType req, final DateTime date, + final String issuerEntityID, final RequestAbstractType req, final Instant date, final Assertion assertion, IConfiguration authConfig) throws InvalidAssertionEncryptionException { final Response authResponse = Saml2Utils.createSamlObject(Response.class); diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/Pvp2AssertionBuilder.java b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/Pvp2AssertionBuilder.java index d2ed2c11..21912592 100644 --- a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/Pvp2AssertionBuilder.java +++ b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/Pvp2AssertionBuilder.java 
@@ -20,6 +20,7 @@ package at.gv.egiz.eaaf.modules.pvp2.idp.impl.builder; import java.security.MessageDigest; +import java.time.Instant; import java.util.ArrayList; import java.util.Iterator; import java.util.List; @@ -27,7 +28,6 @@ import java.util.List; import javax.naming.ConfigurationException; import org.apache.commons.lang3.StringUtils; -import org.joda.time.DateTime; import org.opensaml.saml.common.xml.SAMLConstants; import org.opensaml.saml.saml2.core.Assertion; import org.opensaml.saml.saml2.core.Attribute; @@ -102,7 +102,7 @@ public class Pvp2AssertionBuilder implements PvpConstants { * @throws Pvp2Exception In case of an error */ public Assertion buildAssertion(final String issuerEntityID, final AttributeQuery attrQuery, - final List<Attribute> attrList, final DateTime now, final DateTime validTo, + final List<Attribute> attrList, final Instant now, final Instant validTo, final String qaaLevel, final String sessionIndex) throws Pvp2Exception { final AuthnContextClassRef authnContextClassRef = @@ -140,7 +140,7 @@ public class Pvp2AssertionBuilder implements PvpConstants { */ public Assertion buildAssertion(final String issuerEntityID, final PvpSProfilePendingRequest pendingReq, final AuthnRequest authnRequest, - final IAuthData authData, final EntityDescriptor peerEntity, final DateTime date, + final IAuthData authData, final EntityDescriptor peerEntity, final Instant date, final AssertionConsumerService assertionConsumerService, final SloInformationInterface sloInformation) throws Pvp2Exception { @@ -249,7 +249,7 @@ public class Pvp2AssertionBuilder implements PvpConstants { if (attributeConsumingService != null) { final Iterator<RequestedAttribute> it = - attributeConsumingService.getRequestAttributes().iterator(); + attributeConsumingService.getRequestedAttributes().iterator(); while (it.hasNext()) { final RequestedAttribute reqAttribut = it.next(); try { 
@@ -364,7 +364,7 @@ public class Pvp2AssertionBuilder implements PvpConstants { Saml2Utils.createSamlObject(SubjectConfirmationData.class); subjectConfirmationData.setInResponseTo(authnRequest.getID()); subjectConfirmationData - .setNotOnOrAfter(new DateTime(authData.getSsoSessionValidTo().getTime())); + .setNotOnOrAfter(Instant.ofEpochMilli(authData.getSsoSessionValidTo().getTime())); // set 'recipient' attribute in subjectConformationData subjectConfirmationData.setRecipient(assertionConsumerService.getLocation()); @@ -403,10 +403,10 @@ public class Pvp2AssertionBuilder implements PvpConstants { * @throws ConfigurationException In case on an error */ - public Assertion buildGenericAssertion(String issuer, final String entityID, final DateTime date, + public Assertion buildGenericAssertion(String issuer, final String entityID, final Instant date, final AuthnContextClassRef authnContextClassRef, final List<Attribute> attrList, final NameID subjectNameID, final SubjectConfirmationData subjectConfirmationData, - final String sessionIndex, final DateTime isValidTo) throws ResponderErrorException { + final String sessionIndex, final Instant isValidTo) throws ResponderErrorException { final Assertion assertion = Saml2Utils.createSamlObject(Assertion.class); final AuthnContext authnContext = Saml2Utils.createSamlObject(AuthnContext.class); |
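Review bot: In the `@@ -364,7 +364,7 @@` hunk, `setNotOnOrAfter` on the SubjectConfirmationData is taken directly from `authData.getSsoSessionValidTo()`, so the window in which this assertion may be delivered to the recipient is as long as the remaining SSO session. The session lifetime is not visible here, but if it runs to hours, the assertion stays acceptable to the service provider for that long, and one-time-use enforcement on the receiving side has to hold for the whole period. A short delivery window capped by the session end is the usual choice, e.g. `final Instant cap = date.plus(DELIVERY_WINDOW);` followed by `setNotOnOrAfter(sessionEnd.isBefore(cap) ? sessionEnd : cap)`, where `DELIVERY_WINDOW` is a placeholder for a configured `Duration` and `date` is assumed to be the issue time passed into the enclosing method. `getSsoSessionValidTo()` is dereferenced without a null check in the visible lines; the enclosing method starts and ends outside the hunk.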
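Review bot: The Javadoc above `buildGenericAssertion` in the `@@ -403,10 +403,10 @@` hunk still reads `@throws ConfigurationException In case on an error`, while the signature on the new side declares `throws ResponderErrorException`. Since the signature is being touched here, the tag should become `@throws ResponderErrorException In case of an error`. The `@param` entries for `date` and `isValidTo` lie outside the hunk; if they mention Joda `DateTime`, they need the same update to `java.time.Instant`. The method body continues past the end of the hunk.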