| author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-01-22 13:28:46 +0100 | 
|---|---|---|
| committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-01-22 13:28:46 +0100 | 
| commit | d9550b5e3f24a0f6013502dcc632c4d2730a6749 (patch) | |
| tree | d3dd59db53eca7d48e42101d1383ab9d94594a0d | |
| parent | f5f8575182680e61068e6225e3fc67b92187ac54 (diff) | |
change PVP2 AssertionBuilder to use the same DateTime at every position
2 files changed, 10 insertions, 8 deletions
|
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
index d1d79373c..9e2c89583 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
@@ -57,7 +57,7 @@ import at.gv.egovernment.moa.util.Constants;
 public class PVP2AssertionBuilder implements PVPConstants {
 	public static Assertion buildAssertion(AuthnRequest authnRequest,
-			AuthenticationSession authSession, EntityDescriptor peerEntity)
+			AuthenticationSession authSession, EntityDescriptor peerEntity, DateTime date)
 			throws MOAIDException {
 		Assertion assertion = SAML2Utils.createSAMLObject(Assertion.class);
@@ -137,7 +137,7 @@ public class PVP2AssertionBuilder implements PVPConstants {
 		AuthnStatement authnStatement = SAML2Utils
 				.createSAMLObject(AuthnStatement.class);
 		String remoteSessionID = SAML2Utils.getSecureIdentifier();
-		authnStatement.setAuthnInstant(new DateTime());
+		authnStatement.setAuthnInstant(date);
 		// currently dummy id ...
 		authnStatement.setSessionIndex(remoteSessionID);
 		authnStatement.setAuthnContext(authnContext);
@@ -300,7 +300,7 @@ public class PVP2AssertionBuilder implements PVPConstants {
 		SubjectConfirmationData subjectConfirmationData = SAML2Utils
 				.createSAMLObject(SubjectConfirmationData.class);
 		subjectConfirmationData.setInResponseTo(authnRequest.getID());
-		subjectConfirmationData.setNotOnOrAfter(new DateTime().plusMinutes(5));
+		subjectConfirmationData.setNotOnOrAfter(date.plusMinutes(5));
 		//TL: change from entityID to destination URL 
 		AssertionConsumerService consumerService = spSSODescriptor
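Review bot: The new `date` parameter in the @@ -57 hunk is never checked for null, yet later hunks dereference it with `date.plusMinutes(5)`, and it now sets every validity bound of the assertion. Because `buildAssertion` is `public static`, a guard at the top such as `if (date == null) throw new IllegalArgumentException("date must not be null");` would fail fast instead of throwing a NullPointerException halfway through construction. A Javadoc line would also help, for example `@param date issue instant used for IssueInstant, AuthnInstant, NotBefore and the NotOnOrAfter bounds; expected to be the current time`. Any other caller of the old three-argument signature, if one exists outside this diff, will no longer compile. The method body continues outside the hunk.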
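Review bot: In the @@ -137 hunk, `authnStatement.setAuthnInstant(date)` reports the assertion's issue time as the moment the user authenticated, which holds only when authentication happened in this same request. If `authSession` can be a reused single sign-on session (not visible in this hunk), a relying party enforcing a maximum authentication age would see a more recent login than actually took place. In that case the instant recorded when the session was established is the right source. Otherwise a comment should state the assumption, e.g. `// AuthnInstant equals issue time: authentication is assumed to have just completed`.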
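Review bot: The five-minute lifetime is still a bare literal in `subjectConfirmationData.setNotOnOrAfter(date.plusMinutes(5))` in the @@ -300 hunk, and again in `conditions.setNotOnOrAfter(date.plusMinutes(5))` in the @@ -323 hunk. The commit's goal is to keep all timestamps consistent, but the two expiry bounds can still drift apart if only one literal is edited later. A named constant such as `private static final int ASSERTION_VALIDITY_MINUTES = 5;`, used at both sites, keeps the SubjectConfirmationData and Conditions windows identical and gives the lifetime one place to be reviewed.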
@@ -323,9 +323,9 @@ public class PVP2AssertionBuilder implements PVPConstants {
 		audience.setAudienceURI(peerEntity.getEntityID());
 		audienceRestriction.getAudiences().add(audience);
-		conditions.setNotBefore(new DateTime());
+		conditions.setNotBefore(date);
-		conditions.setNotOnOrAfter(new DateTime().plusMinutes(5));
+		conditions.setNotOnOrAfter(date.plusMinutes(5));
 //		conditions.setNotOnOrAfter(new DateTime());
 		conditions.getAudienceRestrictions().add(audienceRestriction);
@@ -342,7 +342,7 @@ public class PVP2AssertionBuilder implements PVPConstants {
 		assertion.setIssuer(issuer);
 		assertion.setSubject(subject);
 		assertion.setID(SAML2Utils.getSecureIdentifier());
-		assertion.setIssueInstant(new DateTime());
+		assertion.setIssueInstant(date);
 		return assertion;
 	}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
index 4128a406b..89285bad1 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
@@ -77,7 +77,9 @@ public class AuthnRequestHandler implements IRequestHandler, PVPConstants {
 		AuthnRequest authnRequest = (AuthnRequest) obj.getSamlRequest();
 		EntityDescriptor peerEntity = obj.getEntityMetadata();
-		Assertion assertion = PVP2AssertionBuilder.buildAssertion(authnRequest, authSession, peerEntity);
+		DateTime date = new DateTime();
+		
+		Assertion assertion = PVP2AssertionBuilder.buildAssertion(authnRequest, authSession, peerEntity, date);
 		Response authResponse = SAML2Utils.createSAMLObject(Response.class);
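Review bot: In the @@ -77 hunk of AuthnRequestHandler, `DateTime date = new DateTime();` does not say why the instant is captured here and passed into `buildAssertion`. Renaming it to `issueInstant` and adding a comment such as `// one instant shared by the assertion and the response so IssueInstant and the validity window agree` would make that visible at the call site. The added line after it contains only two tabs and should be a truly empty line. The enclosing method starts and ends outside the hunk.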
@@ -93,7 +95,7 @@ public class AuthnRequestHandler implements IRequestHandler, PVPConstants {
 		authResponse.setInResponseTo(authnRequest.getID());
 		//SAML2 response required IssueInstant
-		authResponse.setIssueInstant(new DateTime());
+		authResponse.setIssueInstant(date);
 		authResponse.setStatus(SAML2Utils.getSuccessStatus());
|
