if (conditionsType != null) XMLGregorianCalendar now = XMLTimeUtil.getIssueInstant(); XMLGregorianCalendar notBefore = conditionsType.getNotBefore(); XMLGregorianCalendar updatedNotBefore = XMLTimeUtil.subtract(notBefore, clockSkewInMilis); XMLGregorianCalendar notOnOrAfter = conditionsType.getNotOnOrAfter(); XMLGregorianCalendar updatedOnOrAfter = XMLTimeUtil.add(notOnOrAfter, clockSkewInMilis); expiry = !XMLTimeUtil.isValid(now, updatedNotBefore, updatedOnOrAfter); if (expiry)
protected SAML11RequestType parseRequiredAttributes(StartElement startElement) throws ParsingException { Attribute idAttr = startElement.getAttributeByName(new QName(SAML11Constants.REQUEST_ID)); if (idAttr == null) throw new RuntimeException(REQD_ATTRIBUTE + SAML11Constants.REQUEST_ID); String id = StaxParserUtil.getAttributeValue(idAttr); Attribute issueInstantAttr = startElement.getAttributeByName(new QName(SAML11Constants.ISSUE_INSTANT)); if (issueInstantAttr == null) throw new RuntimeException(REQD_ATTRIBUTE + SAML11Constants.ISSUE_INSTANT); XMLGregorianCalendar issueInstant = XMLTimeUtil.parse(StaxParserUtil.getAttributeValue(issueInstantAttr)); return new SAML11RequestType(id, issueInstant); }
/** * Get the current instant of time * * @return * * @throws ConfigurationException */ public static XMLGregorianCalendar getIssueInstant() throws ConfigurationException { return getIssueInstant(getCurrentTimeZoneID()); }
/** * Check whether the assertion has expired * @param assertion * @return * @throws ConfigurationException */ public static boolean hasExpired(AssertionType assertion) throws ConfigurationException { boolean expiry = false; //Check for validity of assertion ConditionsType conditionsType = assertion.getConditions(); if (conditionsType != null) { XMLGregorianCalendar now = XMLTimeUtil.getIssueInstant(); XMLGregorianCalendar notBefore = conditionsType.getNotBefore(); XMLGregorianCalendar notOnOrAfter = conditionsType.getNotOnOrAfter(); if (trace) log.trace("Now=" + now.toXMLFormat() + " ::notBefore=" + notBefore.toXMLFormat() + "::notOnOrAfter=" + notOnOrAfter); expiry = !XMLTimeUtil.isValid(now, notBefore, notOnOrAfter); if (expiry) { log.info("Assertion has expired with id=" + assertion.getID()); } } //TODO: if conditions do not exist, assume the assertion to be everlasting? return expiry; }
private XMLGregorianCalendar getCurrentTime() { try { return XMLTimeUtil.getIssueInstant(); } catch (ConfigurationException e) { throw new RuntimeException(e); } }
/** * Add validity conditions to the SAML2 Assertion * @param assertion * @param durationInMilis * @throws ConfigurationException * @throws IssueInstantMissingException */ public static void createSAML11TimedConditions(SAML11AssertionType assertion, long durationInMilis, long clockSkew) throws ConfigurationException, IssueInstantMissingException { XMLGregorianCalendar issueInstant = assertion.getIssueInstant(); if (issueInstant == null) throw new IssueInstantMissingException(ErrorCodes.NULL_ISSUE_INSTANT); XMLGregorianCalendar assertionValidityLength = XMLTimeUtil.add(issueInstant, durationInMilis + clockSkew); SAML11ConditionsType conditionsType = new SAML11ConditionsType(); XMLGregorianCalendar beforeInstant = XMLTimeUtil.subtract(issueInstant, clockSkew); conditionsType.setNotBefore(beforeInstant); conditionsType.setNotOnOrAfter(assertionValidityLength); assertion.setConditions(conditionsType); }
entitiesDescriptorType.setValidUntil(XMLTimeUtil.parse(validUntilValue)); if (cacheDuration != null) entitiesDescriptorType.setCacheDuration(XMLTimeUtil.parseAsDuration(StaxParserUtil .getAttributeValue(cacheDuration)));
/** * Subtract some miliseconds from the time value * @param value * @param milis miliseconds entered in a positive value * @return * @throws ConfigurationException */ public static XMLGregorianCalendar subtract(XMLGregorianCalendar value, long milis) throws ConfigurationException { if(milis < 0) throw new IllegalArgumentException("milis should be a positive value"); return add(value, -1 * milis); }
/** * Check whether the assertion has expired * @param assertion * @return * @throws ConfigurationException */ public static boolean hasExpired(AssertionType assertion) throws ConfigurationException { boolean expiry = false; //Check for validity of assertion ConditionsType conditionsType = assertion.getConditions(); if (conditionsType != null) { XMLGregorianCalendar now = XMLTimeUtil.getIssueInstant(); XMLGregorianCalendar notBefore = conditionsType.getNotBefore(); XMLGregorianCalendar notOnOrAfter = conditionsType.getNotOnOrAfter(); if (trace) log.trace("Now=" + now.toXMLFormat() + " ::notBefore=" + notBefore.toXMLFormat() + "::notOnOrAfter=" + notOnOrAfter); expiry = !XMLTimeUtil.isValid(now, notBefore, notOnOrAfter); if (expiry) { log.info("Assertion has expired with id=" + assertion.getID()); } } //TODO: if conditions do not exist, assume the assertion to be everlasting? return expiry; }
private XMLGregorianCalendar generateIssueInstant() { try { return XMLTimeUtil.getIssueInstant(); } catch (ConfigurationException e) { throw new RuntimeException(e); } } }
/** * Add validity conditions to the SAML2 Assertion * * @param assertion * @param durationInMilis * * @throws ConfigurationException * @throws IssueInstantMissingException */ public static void createSAML11TimedConditions(SAML11AssertionType assertion, long durationInMilis, long clockSkew) throws ConfigurationException, IssueInstantMissingException { XMLGregorianCalendar issueInstant = assertion.getIssueInstant(); if (issueInstant == null) throw new IssueInstantMissingException(ErrorCodes.NULL_ISSUE_INSTANT); XMLGregorianCalendar assertionValidityLength = XMLTimeUtil.add(issueInstant, durationInMilis + clockSkew); SAML11ConditionsType conditionsType = new SAML11ConditionsType(); XMLGregorianCalendar beforeInstant = XMLTimeUtil.subtract(issueInstant, clockSkew); conditionsType.setNotBefore(beforeInstant); conditionsType.setNotOnOrAfter(assertionValidityLength); assertion.setConditions(conditionsType); }
entitiesDescriptorType.setValidUntil(XMLTimeUtil.parse(validUntilValue)); if (cacheDuration != null) entitiesDescriptorType.setCacheDuration(XMLTimeUtil.parseAsDuration(StaxParserUtil .getAttributeValue(cacheDuration)));
/** * Get the current instant of time * * @return * * @throws ConfigurationException */ public static XMLGregorianCalendar getIssueInstant() throws ConfigurationException { return getIssueInstant(getCurrentTimeZoneID()); }
/** * Subtract some miliseconds from the time value * @param value * @param milis miliseconds entered in a positive value * @return * @throws ConfigurationException */ public static XMLGregorianCalendar subtract(XMLGregorianCalendar value, long milis) throws ConfigurationException { if(milis < 0) throw new IllegalArgumentException("milis should be a positive value"); return add(value, -1 * milis); }
if (conditionsType != null) XMLGregorianCalendar now = XMLTimeUtil.getIssueInstant(); XMLGregorianCalendar notBefore = conditionsType.getNotBefore(); XMLGregorianCalendar updatedNotBefore = XMLTimeUtil.subtract(notBefore, clockSkewInMilis); XMLGregorianCalendar notOnOrAfter = conditionsType.getNotOnOrAfter(); XMLGregorianCalendar updatedOnOrAfter = XMLTimeUtil.add(notOnOrAfter, clockSkewInMilis); expiry = !XMLTimeUtil.isValid(now, updatedNotBefore, updatedOnOrAfter); if (expiry)
/** * Check whether the assertion has expired * @param assertion * @return * @throws ConfigurationException */ public static boolean hasExpired(SAML11AssertionType assertion) throws ConfigurationException { boolean expiry = false; //Check for validity of assertion SAML11ConditionsType conditionsType = assertion.getConditions(); if (conditionsType != null) { XMLGregorianCalendar now = XMLTimeUtil.getIssueInstant(); XMLGregorianCalendar notBefore = conditionsType.getNotBefore(); XMLGregorianCalendar notOnOrAfter = conditionsType.getNotOnOrAfter(); if (trace) log.trace("Now=" + now.toXMLFormat() + " ::notBefore=" + notBefore.toXMLFormat() + "::notOnOrAfter=" + notOnOrAfter); expiry = !XMLTimeUtil.isValid(now, notBefore, notOnOrAfter); if (expiry) { log.info("Assertion has expired with id=" + assertion.getID()); } } //TODO: if conditions do not exist, assume the assertion to be everlasting? return expiry; }
/** * Get the current instant of time * @return * @throws ConfigurationException */ public static XMLGregorianCalendar getIssueInstant() throws ConfigurationException { return getIssueInstant(TimeZone.getDefault().getID()); }
protected Lifetime adjustLifetimeForClockSkew(Lifetime lifetime) throws ProcessingException { try { lifetime.setCreated( XMLTimeUtil.subtract(lifetime.getCreated(), getClockSkewInMillis())); lifetime.setExpires( XMLTimeUtil.add(lifetime.getExpires(), getClockSkewInMillis())); return lifetime; } catch( ConfigurationException ce ) { throw new ProcessingException(ce.getMessage()); } }
if (validUntil != null) { String validUntilValue = StaxParserUtil.getAttributeValue(validUntil); entitiesDescriptorType.setValidUntil(XMLTimeUtil.parse(validUntilValue)); if (cacheDuration != null) { entitiesDescriptorType .setCacheDuration(XMLTimeUtil.parseAsDuration(StaxParserUtil.getAttributeValue(cacheDuration)));
/** * Get the current instant of time * * @return * @throws ConfigurationException */ public static XMLGregorianCalendar getIssueInstant() throws ConfigurationException { return getIssueInstant(getCurrentTimeZoneID()); }