Merge branch 'opensaml_4.x' into nightlyBuild

# Conflicts:
#	eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/PvpMetadataResolverAdapter.java
#	eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java
#	eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/SoapBindingTest.java
#	eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/dummy/DummyMetadataProvider.java
#	eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java
#	eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/PvpAuthnRequestBuilder.java
#	pom.xml

5 files changed, 30 insertions, 28 deletions

diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java
index 85977193..2e30dcd9 100644
--- a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java
+++ b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java
@@ -19,6 +19,8 @@
 
 package at.gv.egiz.eaaf.modules.pvp2.idp.impl;
 
+import java.time.Duration;
+import java.time.Instant;
 import java.util.List;
 
 import javax.annotation.PostConstruct;
@@ -27,7 +29,6 @@ import javax.servlet.http.HttpServletResponse;
 
 import org.apache.commons.lang.StringEscapeUtils;
 import org.apache.commons.lang3.StringUtils;
-import org.joda.time.DateTime;
 import org.opensaml.saml.common.xml.SAMLConstants;
 import org.opensaml.saml.saml2.core.AuthnRequest;
 import org.opensaml.saml.saml2.core.Issuer;
@@ -173,12 +174,13 @@ public abstract class AbstractPvp2XProtocol extends AbstractController implement
     //set status-message if availabe    
     if (statusMessage.getMessage() != null) {
       status.setStatusMessage(statusMessage);
+      
     }    
-    status.setStatusCode(statusCode);
-    
+    status.setStatusCode(statusCode);    
     samlResponse.setStatus(status);    
     samlResponse.setID(Saml2Utils.getSecureIdentifier());
-    samlResponse.setIssueInstant(new DateTime());
+    samlResponse.setIssueInstant(Instant.now());
+    
     final Issuer nissuer = Saml2Utils.createSamlObject(Issuer.class);
     nissuer.setValue(pvpBasicConfiguration.getIdpEntityId(pvpRequest.getAuthUrl()));
     nissuer.setFormat(NameIDType.ENTITY);
@@ -469,8 +471,8 @@ public abstract class AbstractPvp2XProtocol extends AbstractController implement
 
     }
 
-    if (authnRequest.getIssueInstant().minusMinutes(EaafConstants.ALLOWED_TIME_JITTER)
-        .isAfterNow()) {
+    if (authnRequest.getIssueInstant().minus(Duration.ofMinutes(EaafConstants.ALLOWED_TIME_JITTER))
+        .isAfter(Instant.now())) {
       log.warn("Unsupported request: No IssueInstant DateTime is not valid anymore.");
       throw new AuthnRequestValidatorException("pvp2.22",
           new Object[] { "Unsupported request: No IssueInstant DateTime is not valid anymore." },
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java
index 68ba39a3..a3c6cb5d 100644
--- a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java
+++ b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java
@@ -19,11 +19,12 @@
 
 package at.gv.egiz.eaaf.modules.pvp2.idp.impl;
 
+import java.time.Instant;
+
 import javax.annotation.PostConstruct;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.joda.time.DateTime;
 import org.opensaml.saml.common.xml.SAMLConstants;
 import org.opensaml.saml.saml2.core.Assertion;
 import org.opensaml.saml.saml2.core.AuthnRequest;
@@ -108,7 +109,7 @@ public class AuthenticationAction implements IAction {
       consumerService.setBinding(pvpRequest.getBinding());
       consumerService.setLocation(pvpRequest.getConsumerUrl());
 
-      final DateTime date = new DateTime();
+      final Instant date = Instant.now();
       final SloInformationImpl sloInformation = new SloInformationImpl();
       final String issuerEntityID = pvpBasicConfiguration.getIdpEntityId(pvpRequest.getAuthUrl());
 
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/AuthResponseBuilder.java b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/AuthResponseBuilder.java
index 482a2a09..500482b2 100644
--- a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/AuthResponseBuilder.java
+++ b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/AuthResponseBuilder.java
@@ -19,17 +19,10 @@
 
 package at.gv.egiz.eaaf.modules.pvp2.idp.impl.builder;
 
+import java.time.Instant;
 import java.util.ArrayList;
 import java.util.List;
 
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
-import at.gv.egiz.eaaf.modules.pvp2.PvpConstants;
-import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider;
-import at.gv.egiz.eaaf.modules.pvp2.exception.SamlSigningException;
-import at.gv.egiz.eaaf.modules.pvp2.idp.exception.InvalidAssertionEncryptionException;
-import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
-
-import org.joda.time.DateTime;
 import org.opensaml.core.criterion.EntityIdCriterion;
 import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
 import org.opensaml.core.xml.io.MarshallingException;
@@ -67,6 +60,12 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.w3c.dom.Element;
 
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.modules.pvp2.PvpConstants;
+import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider;
+import at.gv.egiz.eaaf.modules.pvp2.exception.SamlSigningException;
+import at.gv.egiz.eaaf.modules.pvp2.idp.exception.InvalidAssertionEncryptionException;
+import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
 import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
 import net.shibboleth.utilities.java.support.resolver.CriteriaSet;
 import net.shibboleth.utilities.java.support.resolver.ResolverException;
@@ -94,7 +93,7 @@ public class AuthResponseBuilder {
    * @throws InvalidAssertionEncryptionException In case of an error
    */
   public static Response buildResponse(final IPvp2MetadataProvider metadataProvider,
-      final String issuerEntityID, final RequestAbstractType req, final DateTime date,
+      final String issuerEntityID, final RequestAbstractType req, final Instant date,
       final Assertion assertion, IConfiguration authConfig)
       throws InvalidAssertionEncryptionException {
     final Response authResponse = Saml2Utils.createSamlObject(Response.class);
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/Pvp2AssertionBuilder.java b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/Pvp2AssertionBuilder.java
index d2ed2c11..21912592 100644
--- a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/Pvp2AssertionBuilder.java
+++ b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/Pvp2AssertionBuilder.java
@@ -20,6 +20,7 @@
 package at.gv.egiz.eaaf.modules.pvp2.idp.impl.builder;
 
 import java.security.MessageDigest;
+import java.time.Instant;
 import java.util.ArrayList;
 import java.util.Iterator;
 import java.util.List;
@@ -27,7 +28,6 @@ import java.util.List;
 import javax.naming.ConfigurationException;
 
 import org.apache.commons.lang3.StringUtils;
-import org.joda.time.DateTime;
 import org.opensaml.saml.common.xml.SAMLConstants;
 import org.opensaml.saml.saml2.core.Assertion;
 import org.opensaml.saml.saml2.core.Attribute;
@@ -102,7 +102,7 @@ public class Pvp2AssertionBuilder implements PvpConstants {
    * @throws Pvp2Exception In case of an error
    */
   public Assertion buildAssertion(final String issuerEntityID, final AttributeQuery attrQuery,
-      final List<Attribute> attrList, final DateTime now, final DateTime validTo,
+      final List<Attribute> attrList, final Instant now, final Instant validTo,
       final String qaaLevel, final String sessionIndex) throws Pvp2Exception {
 
     final AuthnContextClassRef authnContextClassRef =
@@ -140,7 +140,7 @@ public class Pvp2AssertionBuilder implements PvpConstants {
    */
   public Assertion buildAssertion(final String issuerEntityID,
       final PvpSProfilePendingRequest pendingReq, final AuthnRequest authnRequest,
-      final IAuthData authData, final EntityDescriptor peerEntity, final DateTime date,
+      final IAuthData authData, final EntityDescriptor peerEntity, final Instant date,
       final AssertionConsumerService assertionConsumerService,
       final SloInformationInterface sloInformation) throws Pvp2Exception {
 
@@ -249,7 +249,7 @@ public class Pvp2AssertionBuilder implements PvpConstants {
 
       if (attributeConsumingService != null) {
         final Iterator<RequestedAttribute> it =
-            attributeConsumingService.getRequestAttributes().iterator();
+            attributeConsumingService.getRequestedAttributes().iterator();
         while (it.hasNext()) {
           final RequestedAttribute reqAttribut = it.next();
           try {
@@ -364,7 +364,7 @@ public class Pvp2AssertionBuilder implements PvpConstants {
         Saml2Utils.createSamlObject(SubjectConfirmationData.class);
     subjectConfirmationData.setInResponseTo(authnRequest.getID());
     subjectConfirmationData
-        .setNotOnOrAfter(new DateTime(authData.getSsoSessionValidTo().getTime()));
+        .setNotOnOrAfter(Instant.ofEpochMilli(authData.getSsoSessionValidTo().getTime()));
 
     // set 'recipient' attribute in subjectConformationData
     subjectConfirmationData.setRecipient(assertionConsumerService.getLocation());
@@ -403,10 +403,10 @@ public class Pvp2AssertionBuilder implements PvpConstants {
    * @throws ConfigurationException In case on an error
    */
 
-  public Assertion buildGenericAssertion(String issuer, final String entityID, final DateTime date,
+  public Assertion buildGenericAssertion(String issuer, final String entityID, final Instant date,
       final AuthnContextClassRef authnContextClassRef, final List<Attribute> attrList,
       final NameID subjectNameID, final SubjectConfirmationData subjectConfirmationData,
-      final String sessionIndex, final DateTime isValidTo) throws ResponderErrorException {
+      final String sessionIndex, final Instant isValidTo) throws ResponderErrorException {
     final Assertion assertion = Saml2Utils.createSamlObject(Assertion.class);
 
     final AuthnContext authnContext = Saml2Utils.createSamlObject(AuthnContext.class);
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/AuthnResponseBuilderTest.java b/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/AuthnResponseBuilderTest.java
index f2c843da..f2df5e8d 100644
--- a/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/AuthnResponseBuilderTest.java
+++ b/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/AuthnResponseBuilderTest.java
@@ -1,11 +1,11 @@
 package at.gv.egiz.eaaf.modules.pvp2.idp.test;
 
 import java.io.IOException;
+import java.time.Instant;
 
 import javax.xml.transform.TransformerException;
 
 import org.apache.commons.lang3.RandomStringUtils;
-import org.joda.time.DateTime;
 import org.junit.Assert;
 import org.junit.BeforeClass;
 import org.junit.Test;
@@ -79,7 +79,7 @@ public class AuthnResponseBuilderTest {
         PostBindingTest.class.getResourceAsStream("/data/Assertion_1.xml"));
 
     //build response
-    final DateTime now = DateTime.now();
+    final Instant now = Instant.now();
     final Response response = AuthResponseBuilder.buildResponse(
         metadataProvider, issuerEntityID, authnReq,
         now, assertion, authConfig);
@@ -124,7 +124,7 @@ public class AuthnResponseBuilderTest {
         PostBindingTest.class.getResourceAsStream("/data/Assertion_1.xml"));
 
     //build response
-    final DateTime now = DateTime.now();
+    final Instant now = Instant.now();
     final Response response = AuthResponseBuilder.buildResponse(
         metadataProvider, issuerEntityID, authnReq,
         now, assertion, authConfig);
@@ -169,7 +169,7 @@ public class AuthnResponseBuilderTest {
         PostBindingTest.class.getResourceAsStream("/data/Assertion_1.xml"));
 
     //build response
-    final DateTime now = DateTime.now();
+    final Instant now = Instant.now();
     final Response response = AuthResponseBuilder.buildResponse(
         metadataProvider, issuerEntityID, authnReq,
         now, assertion, authConfig);