cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject cxf git commit: Removing WSS4J's XmlSchemaDateFormat
Date Tue, 14 Mar 2017 12:11:12 GMT
Repository: cxf
Updated Branches:
  refs/heads/master a93f0d9ad -> 792443729


Removing WSS4J's XmlSchemaDateFormat


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/79244372
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/79244372
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/79244372

Branch: refs/heads/master
Commit: 79244372958dc1a9e382db4e1740e248bc8e2538
Parents: a93f0d9
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Tue Mar 14 12:10:50 2017 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Tue Mar 14 12:11:08 2017 +0000

----------------------------------------------------------------------
 .../provider/DefaultConditionsProvider.java     | 89 +++++++++-----------
 .../provider/jwt/DefaultJWTClaimsProvider.java  | 83 +++++++++---------
 .../apache/cxf/sts/operation/IssueUnitTest.java | 15 ++--
 .../cxf/sts/operation/RenewSamlUnitTest.java    | 16 ++--
 .../token/provider/JWTProviderLifetimeTest.java | 88 +++++++++----------
 .../provider/SAMLProviderLifetimeTest.java      | 85 +++++++++----------
 .../renewer/SAMLTokenRenewerLifetimeTest.java   | 65 +++++++-------
 .../token/renewer/SAMLTokenRenewerPOPTest.java  | 17 ++--
 .../renewer/SAMLTokenRenewerRealmTest.java      | 17 ++--
 .../sts/token/renewer/SAMLTokenRenewerTest.java | 19 ++---
 .../token/validator/SAMLTokenValidatorTest.java | 17 ++--
 .../systest/sts/batch/SimpleBatchSTSClient.java | 15 ++--
 .../systest/ws/fault/ModifiedRequestTest.java   | 19 ++---
 13 files changed, 259 insertions(+), 286 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/79244372/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultConditionsProvider.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultConditionsProvider.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultConditionsProvider.java
index 1ba21f1..05bc25c 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultConditionsProvider.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultConditionsProvider.java
@@ -18,10 +18,12 @@
  */
 package org.apache.cxf.sts.token.provider;
 
-import java.text.ParseException;
+import java.time.Duration;
+import java.time.ZoneOffset;
+import java.time.ZonedDateTime;
+import java.time.format.DateTimeParseException;
 import java.util.ArrayList;
 import java.util.Collections;
-import java.util.Date;
 import java.util.List;
 import java.util.logging.Logger;
 
@@ -31,8 +33,6 @@ import org.apache.cxf.sts.request.Participants;
 import org.apache.cxf.ws.security.sts.provider.STSException;
 import org.apache.wss4j.common.saml.bean.AudienceRestrictionBean;
 import org.apache.wss4j.common.saml.bean.ConditionsBean;
-import org.apache.wss4j.dom.util.XmlSchemaDateFormat;
-import org.joda.time.DateTime;
 
 /**
  * A default implementation of the ConditionsProvider interface.
@@ -141,56 +141,49 @@ public class DefaultConditionsProvider implements ConditionsProvider {
         if (lifetime > 0) {
             if (acceptClientLifetime && tokenLifetime != null
                 && tokenLifetime.getCreated() != null && tokenLifetime.getExpires() != null) {
+                ZonedDateTime creationTime = null;
+                ZonedDateTime expirationTime = null;
                 try {
-                    XmlSchemaDateFormat fmt = new XmlSchemaDateFormat();
-                    Date creationTime = fmt.parse(tokenLifetime.getCreated());
-                    Date expirationTime = fmt.parse(tokenLifetime.getExpires());
-                    if (creationTime == null || expirationTime == null) {
-                        LOG.fine("Error in parsing Timestamp Created or Expiration Strings");
-                        throw new STSException(
-                            "Error in parsing Timestamp Created or Expiration Strings",
-                            STSException.INVALID_TIME
-                        );
-                    }
+                    creationTime = ZonedDateTime.parse(tokenLifetime.getCreated());
+                    expirationTime = ZonedDateTime.parse(tokenLifetime.getExpires());
+                } catch (DateTimeParseException ex) {
+                    LOG.fine("Error in parsing Timestamp Created or Expiration Strings");
+                    throw new STSException(
+                        "Error in parsing Timestamp Created or Expiration Strings",
+                        STSException.INVALID_TIME
+                    );
+                }
 
-                    // Check to see if the created time is in the future
-                    Date validCreation = new Date();
-                    long currentTime = validCreation.getTime();
-                    if (futureTimeToLive > 0) {
-                        validCreation.setTime(currentTime + futureTimeToLive * 1000L);
-                    }
-                    if (creationTime.after(validCreation)) {
-                        LOG.fine("The Created Time is too far in the future");
-                        throw new STSException(
-                            "The Created Time is too far in the future", STSException.INVALID_TIME
-                        );
-                    }
+                // Check to see if the created time is in the future
+                ZonedDateTime validCreation = ZonedDateTime.now(ZoneOffset.UTC);
+                if (futureTimeToLive > 0) {
+                    validCreation = validCreation.plusSeconds(futureTimeToLive);
+                }
+                if (creationTime.isAfter(validCreation)) {
+                    LOG.fine("The Created Time is too far in the future");
+                    throw new STSException(
+                        "The Created Time is too far in the future", STSException.INVALID_TIME
+                    );
+                }
 
-                    long requestedLifetime = expirationTime.getTime() - creationTime.getTime();
-                    if (requestedLifetime > (getMaxLifetime() * 1000L)) {
-                        StringBuilder sb = new StringBuilder();
-                        sb.append("Requested lifetime [").append(requestedLifetime / 1000L);
-                        sb.append(" sec] exceed configured maximum lifetime [").append(getMaxLifetime());
-                        sb.append(" sec]");
-                        LOG.warning(sb.toString());
-                        if (isFailLifetimeExceedance()) {
-                            throw new STSException("Requested lifetime exceeds maximum lifetime",
-                                    STSException.INVALID_TIME);
-                        } else {
-                            expirationTime.setTime(creationTime.getTime() + (getMaxLifetime() * 1000L));
-                        }
+                long requestedLifetime = Duration.between(creationTime, expirationTime).getSeconds();
+                if (requestedLifetime > getMaxLifetime()) {
+                    StringBuilder sb = new StringBuilder();
+                    sb.append("Requested lifetime [").append(requestedLifetime);
+                    sb.append(" sec] exceed configured maximum lifetime [").append(getMaxLifetime());
+                    sb.append(" sec]");
+                    LOG.warning(sb.toString());
+                    if (isFailLifetimeExceedance()) {
+                        throw new STSException("Requested lifetime exceeds maximum lifetime",
+                                               STSException.INVALID_TIME);
+                    } else {
+                        expirationTime = creationTime.plusSeconds(getMaxLifetime());
                     }
-
-                    DateTime creationDateTime = new DateTime(creationTime.getTime());
-                    DateTime expirationDateTime = new DateTime(expirationTime.getTime());
-
-                    conditions.setNotAfter(expirationDateTime);
-                    conditions.setNotBefore(creationDateTime);
-                } catch (ParseException e) {
-                    LOG.warning("Failed to parse life time element: " + e.getMessage());
-                    conditions.setTokenPeriodSeconds(lifetime);
                 }
 
+                conditions.setNotAfter(expirationTime);
+                conditions.setNotBefore(creationTime);
+
             } else {
                 conditions.setTokenPeriodSeconds(lifetime);
             }

http://git-wip-us.apache.org/repos/asf/cxf/blob/79244372/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/DefaultJWTClaimsProvider.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/DefaultJWTClaimsProvider.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/DefaultJWTClaimsProvider.java
index d0e5068..9af74b3 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/DefaultJWTClaimsProvider.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/DefaultJWTClaimsProvider.java
@@ -19,7 +19,10 @@
 package org.apache.cxf.sts.token.provider.jwt;
 
 import java.security.Principal;
-import java.text.ParseException;
+import java.time.Duration;
+import java.time.ZoneOffset;
+import java.time.ZonedDateTime;
+import java.time.format.DateTimeParseException;
 import java.util.ArrayList;
 import java.util.Date;
 import java.util.Iterator;
@@ -42,7 +45,6 @@ import org.apache.cxf.sts.request.ReceivedToken.STATE;
 import org.apache.cxf.sts.token.provider.TokenProviderParameters;
 import org.apache.cxf.sts.token.provider.TokenProviderUtils;
 import org.apache.cxf.ws.security.sts.provider.STSException;
-import org.apache.wss4j.dom.util.XmlSchemaDateFormat;
 
 /**
  * A default implementation to create a JWTClaims object. The Subject name is the name
@@ -178,51 +180,48 @@ public class DefaultJWTClaimsProvider implements JWTClaimsProvider {
         Lifetime tokenLifetime = providerParameters.getTokenRequirements().getLifetime();
         if (lifetime > 0 && acceptClientLifetime && tokenLifetime != null
             && tokenLifetime.getCreated() != null && tokenLifetime.getExpires() != null) {
+            ZonedDateTime creationTime = null;
+            ZonedDateTime expirationTime = null;
             try {
-                XmlSchemaDateFormat fmt = new XmlSchemaDateFormat();
-                Date creationTime = fmt.parse(tokenLifetime.getCreated());
-                Date expirationTime = fmt.parse(tokenLifetime.getExpires());
-                if (creationTime == null || expirationTime == null) {
-                    LOG.fine("Error in parsing Timestamp Created or Expiration Strings");
-                    throw new STSException(
-                                           "Error in parsing Timestamp Created or Expiration Strings",
-                                           STSException.INVALID_TIME
-                        );
-                }
+                creationTime = ZonedDateTime.parse(tokenLifetime.getCreated());
+                expirationTime = ZonedDateTime.parse(tokenLifetime.getExpires());
+            } catch (DateTimeParseException ex) {
+                LOG.fine("Error in parsing Timestamp Created or Expiration Strings");
+                throw new STSException(
+                                       "Error in parsing Timestamp Created or Expiration Strings",
+                                       STSException.INVALID_TIME
+                    );
+            }
 
-                // Check to see if the created time is in the future
-                Date validCreation = new Date();
-                long currentTime = validCreation.getTime();
-                if (futureTimeToLive > 0) {
-                    validCreation.setTime(currentTime + futureTimeToLive * 1000L);
-                }
-                if (creationTime.after(validCreation)) {
-                    LOG.fine("The Created Time is too far in the future");
-                    throw new STSException("The Created Time is too far in the future", STSException.INVALID_TIME);
-                }
+            // Check to see if the created time is in the future
+            ZonedDateTime validCreation = ZonedDateTime.now(ZoneOffset.UTC);
+            if (futureTimeToLive > 0) {
+                validCreation = validCreation.plusSeconds(futureTimeToLive);
+            }
+            if (creationTime.isAfter(validCreation)) {
+                LOG.fine("The Created Time is too far in the future");
+                throw new STSException("The Created Time is too far in the future", STSException.INVALID_TIME);
+            }
 
-                long requestedLifetime = expirationTime.getTime() - creationTime.getTime();
-                if (requestedLifetime > (getMaxLifetime() * 1000L)) {
-                    StringBuilder sb = new StringBuilder();
-                    sb.append("Requested lifetime [").append(requestedLifetime / 1000L);
-                    sb.append(" sec] exceed configured maximum lifetime [").append(getMaxLifetime());
-                    sb.append(" sec]");
-                    LOG.warning(sb.toString());
-                    if (isFailLifetimeExceedance()) {
-                        throw new STSException("Requested lifetime exceeds maximum lifetime",
-                                               STSException.INVALID_TIME);
-                    } else {
-                        expirationTime.setTime(creationTime.getTime() + (getMaxLifetime() * 1000L));
-                    }
+            long requestedLifetime = Duration.between(creationTime, expirationTime).getSeconds();
+            if (requestedLifetime > getMaxLifetime()) {
+                StringBuilder sb = new StringBuilder();
+                sb.append("Requested lifetime [").append(requestedLifetime);
+                sb.append(" sec] exceed configured maximum lifetime [").append(getMaxLifetime());
+                sb.append(" sec]");
+                LOG.warning(sb.toString());
+                if (isFailLifetimeExceedance()) {
+                    throw new STSException("Requested lifetime exceeds maximum lifetime",
+                                           STSException.INVALID_TIME);
+                } else {
+                    expirationTime = creationTime.plusSeconds(getMaxLifetime());
                 }
-
-                long creationTimeInSeconds = creationTime.getTime() / 1000L;
-                claims.setIssuedAt(creationTimeInSeconds);
-                claims.setNotBefore(creationTimeInSeconds);
-                claims.setExpiryTime(expirationTime.getTime() / 1000L);
-            } catch (ParseException e) {
-                LOG.warning("Failed to parse life time element: " + e.getMessage());
             }
+
+            long creationTimeInSeconds = creationTime.toEpochSecond();
+            claims.setIssuedAt(creationTimeInSeconds);
+            claims.setNotBefore(creationTimeInSeconds);
+            claims.setExpiryTime(expirationTime.toEpochSecond());
         }
     }
 

http://git-wip-us.apache.org/repos/asf/cxf/blob/79244372/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueUnitTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueUnitTest.java
index 88ebc1a..3bdd11c 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueUnitTest.java
@@ -18,9 +18,10 @@
  */
 package org.apache.cxf.sts.operation;
 
+import java.time.ZoneOffset;
+import java.time.ZonedDateTime;
 import java.util.ArrayList;
 import java.util.Collections;
-import java.util.Date;
 import java.util.List;
 
 import javax.xml.bind.JAXBElement;
@@ -45,8 +46,8 @@ import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenRespons
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType;
 import org.apache.cxf.ws.security.sts.provider.model.utility.AttributedDateTime;
+import org.apache.wss4j.common.util.DateUtil;
 import org.apache.wss4j.dom.WSConstants;
-import org.apache.wss4j.dom.util.XmlSchemaDateFormat;
 
 /**
  * Some unit tests for the issue operation.
@@ -461,16 +462,14 @@ public class IssueUnitTest extends org.junit.Assert {
         AttributedDateTime created = QNameConstants.UTIL_FACTORY.createAttributedDateTime();
         AttributedDateTime expires = QNameConstants.UTIL_FACTORY.createAttributedDateTime();
 
-        Date creationTime = new Date();
-        Date expirationTime = new Date();
         if (lifetime <= 0) {
             lifetime = 300L;
         }
-        expirationTime.setTime(creationTime.getTime() + (lifetime * 1000L));
+        ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
+        ZonedDateTime expirationTime = creationTime.plusSeconds(lifetime);
 
-        XmlSchemaDateFormat fmt = new XmlSchemaDateFormat();
-        created.setValue(fmt.format(creationTime));
-        expires.setValue(fmt.format(expirationTime));
+        created.setValue(DateUtil.getDateTimeFormatter(true).format(creationTime));
+        expires.setValue(DateUtil.getDateTimeFormatter(true).format(expirationTime));
 
         LifetimeType lifetimeType = QNameConstants.WS_TRUST_FACTORY.createLifetimeType();
         lifetimeType.setCreated(created);

http://git-wip-us.apache.org/repos/asf/cxf/blob/79244372/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/RenewSamlUnitTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/RenewSamlUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/RenewSamlUnitTest.java
index d840aba..89305c4 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/RenewSamlUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/RenewSamlUnitTest.java
@@ -19,8 +19,9 @@
 package org.apache.cxf.sts.operation;
 
 import java.security.Principal;
+import java.time.ZoneOffset;
+import java.time.ZonedDateTime;
 import java.util.ArrayList;
-import java.util.Date;
 import java.util.List;
 import java.util.Properties;
 
@@ -65,8 +66,8 @@ import org.apache.wss4j.common.principal.CustomTokenPrincipal;
 import org.apache.wss4j.common.saml.builder.SAML1Constants;
 import org.apache.wss4j.common.saml.builder.SAML2Constants;
 import org.apache.wss4j.common.util.DOM2Writer;
+import org.apache.wss4j.common.util.DateUtil;
 import org.apache.wss4j.dom.WSConstants;
-import org.apache.wss4j.dom.util.XmlSchemaDateFormat;
 import org.junit.BeforeClass;
 
 /**
@@ -500,13 +501,12 @@ public class RenewSamlUnitTest extends org.junit.Assert {
 
         if (ttlMs != 0) {
             Lifetime lifetime = new Lifetime();
-            Date creationTime = new Date();
-            Date expirationTime = new Date();
-            expirationTime.setTime(creationTime.getTime() + ttlMs);
+            
+            ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
+            ZonedDateTime expirationTime = creationTime.plusNanos(ttlMs * 1000000L);
 
-            XmlSchemaDateFormat fmt = new XmlSchemaDateFormat();
-            lifetime.setCreated(fmt.format(creationTime));
-            lifetime.setExpires(fmt.format(expirationTime));
+            lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
+            lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
 
             providerParameters.getTokenRequirements().setLifetime(lifetime);
         }

http://git-wip-us.apache.org/repos/asf/cxf/blob/79244372/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/JWTProviderLifetimeTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/JWTProviderLifetimeTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/JWTProviderLifetimeTest.java
index 69973c4..6b978fb 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/JWTProviderLifetimeTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/JWTProviderLifetimeTest.java
@@ -19,7 +19,8 @@
 package org.apache.cxf.sts.token.provider;
 
 import java.time.Duration;
-import java.util.Date;
+import java.time.ZoneOffset;
+import java.time.ZonedDateTime;
 import java.util.Properties;
 
 import org.apache.cxf.jaxws.context.WrappedMessageContext;
@@ -40,7 +41,7 @@ import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.crypto.CryptoFactory;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.principal.CustomTokenPrincipal;
-import org.apache.wss4j.dom.util.XmlSchemaDateFormat;
+import org.apache.wss4j.common.util.DateUtil;
 
 
 /**
@@ -64,13 +65,13 @@ public class JWTProviderLifetimeTest extends org.junit.Assert {
             createProviderParameters(JWTTokenProvider.JWT_TOKEN_TYPE);
 
         // Set expected lifetime to 1 minute
-        Date creationTime = new Date();
-        Date expirationTime = new Date();
-        expirationTime.setTime(creationTime.getTime() + (requestedLifetime * 1000L));
+        ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
+        ZonedDateTime expirationTime = creationTime.plusSeconds(requestedLifetime);
+
         Lifetime lifetime = new Lifetime();
-        XmlSchemaDateFormat fmt = new XmlSchemaDateFormat();
-        lifetime.setCreated(fmt.format(creationTime));
-        lifetime.setExpires(fmt.format(expirationTime));
+        lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
+        lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
+        
         providerParameters.getTokenRequirements().setLifetime(lifetime);
 
         TokenProviderResponse providerResponse = tokenProvider.createToken(providerParameters);
@@ -136,14 +137,14 @@ public class JWTProviderLifetimeTest extends org.junit.Assert {
         TokenProviderParameters providerParameters = createProviderParameters(JWTTokenProvider.JWT_TOKEN_TYPE);
 
         // Set expected lifetime to 35 minutes
+        ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
         long requestedLifetime = 35 * 60L;
-        Date creationTime = new Date();
-        Date expirationTime = new Date();
-        expirationTime.setTime(creationTime.getTime() + (requestedLifetime * 1000L));
+        ZonedDateTime expirationTime = creationTime.plusSeconds(requestedLifetime);
+
         Lifetime lifetime = new Lifetime();
-        XmlSchemaDateFormat fmt = new XmlSchemaDateFormat();
-        lifetime.setCreated(fmt.format(creationTime));
-        lifetime.setExpires(fmt.format(expirationTime));
+        lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
+        lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
+        
         providerParameters.getTokenRequirements().setLifetime(lifetime);
 
         try {
@@ -170,14 +171,14 @@ public class JWTProviderLifetimeTest extends org.junit.Assert {
             createProviderParameters(JWTTokenProvider.JWT_TOKEN_TYPE);
 
         // Set expected lifetime to Default max lifetime plus 1
+        ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
         long requestedLifetime = DefaultConditionsProvider.DEFAULT_MAX_LIFETIME + 1;
-        Date creationTime = new Date();
-        Date expirationTime = new Date();
-        expirationTime.setTime(creationTime.getTime() + (requestedLifetime * 1000L));
+        ZonedDateTime expirationTime = creationTime.plusSeconds(requestedLifetime);
+
         Lifetime lifetime = new Lifetime();
-        XmlSchemaDateFormat fmt = new XmlSchemaDateFormat();
-        lifetime.setCreated(fmt.format(creationTime));
-        lifetime.setExpires(fmt.format(expirationTime));
+        lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
+        lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
+        
         providerParameters.getTokenRequirements().setLifetime(lifetime);
 
         try {
@@ -208,14 +209,14 @@ public class JWTProviderLifetimeTest extends org.junit.Assert {
             createProviderParameters(JWTTokenProvider.JWT_TOKEN_TYPE);
 
         // Set expected lifetime to 35 minutes
+        ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
         long requestedLifetime = 35 * 60L;
-        Date creationTime = new Date();
-        Date expirationTime = new Date();
-        expirationTime.setTime(creationTime.getTime() + (requestedLifetime * 1000L));
+        ZonedDateTime expirationTime = creationTime.plusSeconds(requestedLifetime);
+
         Lifetime lifetime = new Lifetime();
-        XmlSchemaDateFormat fmt = new XmlSchemaDateFormat();
-        lifetime.setCreated(fmt.format(creationTime));
-        lifetime.setExpires(fmt.format(expirationTime));
+        lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
+        lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
+        
         providerParameters.getTokenRequirements().setLifetime(lifetime);
 
         TokenProviderResponse providerResponse = tokenProvider.createToken(providerParameters);
@@ -249,14 +250,14 @@ public class JWTProviderLifetimeTest extends org.junit.Assert {
             createProviderParameters(JWTTokenProvider.JWT_TOKEN_TYPE);
 
         // Set expected lifetime to 1 minute
-        Date creationTime = new Date();
-        Date expirationTime = new Date();
-        expirationTime.setTime(creationTime.getTime() + (requestedLifetime * 1000L));
-        creationTime.setTime(creationTime.getTime() + (10 * 1000L));
+        ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
+        ZonedDateTime expirationTime = creationTime.plusSeconds(requestedLifetime);
+        creationTime = creationTime.plusSeconds(10);
+
         Lifetime lifetime = new Lifetime();
-        XmlSchemaDateFormat fmt = new XmlSchemaDateFormat();
-        lifetime.setCreated(fmt.format(creationTime));
-        lifetime.setExpires(fmt.format(expirationTime));
+        lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
+        lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
+        
         providerParameters.getTokenRequirements().setLifetime(lifetime);
 
         TokenProviderResponse providerResponse = tokenProvider.createToken(providerParameters);
@@ -290,14 +291,13 @@ public class JWTProviderLifetimeTest extends org.junit.Assert {
             createProviderParameters(JWTTokenProvider.JWT_TOKEN_TYPE);
 
         // Set expected lifetime to 1 minute
-        Date creationTime = new Date();
-        creationTime.setTime(creationTime.getTime() + (60L * 2L * 1000L));
-        Date expirationTime = new Date();
-        expirationTime.setTime(creationTime.getTime() + (requestedLifetime * 1000L));
+        ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC).plusSeconds(120L);
+        ZonedDateTime expirationTime = creationTime.plusSeconds(requestedLifetime);
+
         Lifetime lifetime = new Lifetime();
-        XmlSchemaDateFormat fmt = new XmlSchemaDateFormat();
-        lifetime.setCreated(fmt.format(creationTime));
-        lifetime.setExpires(fmt.format(expirationTime));
+        lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
+        lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
+        
         providerParameters.getTokenRequirements().setLifetime(lifetime);
 
         try {
@@ -338,11 +338,11 @@ public class JWTProviderLifetimeTest extends org.junit.Assert {
             createProviderParameters(JWTTokenProvider.JWT_TOKEN_TYPE);
 
         // Set expected lifetime to 1 minute
-        Date creationTime = new Date();
-        creationTime.setTime(creationTime.getTime() + (60L * 2L * 1000L));
+        ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC).plusSeconds(120L);
+
         Lifetime lifetime = new Lifetime();
-        XmlSchemaDateFormat fmt = new XmlSchemaDateFormat();
-        lifetime.setCreated(fmt.format(creationTime));
+        lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
+        
         providerParameters.getTokenRequirements().setLifetime(lifetime);
 
         TokenProviderResponse providerResponse = tokenProvider.createToken(providerParameters);

http://git-wip-us.apache.org/repos/asf/cxf/blob/79244372/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderLifetimeTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderLifetimeTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderLifetimeTest.java
index 75f7199..97dce88 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderLifetimeTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderLifetimeTest.java
@@ -19,7 +19,8 @@
 package org.apache.cxf.sts.token.provider;
 
 import java.time.Duration;
-import java.util.Date;
+import java.time.ZoneOffset;
+import java.time.ZonedDateTime;
 import java.util.Properties;
 
 import org.w3c.dom.Element;
@@ -39,8 +40,8 @@ import org.apache.wss4j.common.crypto.CryptoFactory;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.principal.CustomTokenPrincipal;
 import org.apache.wss4j.common.util.DOM2Writer;
+import org.apache.wss4j.common.util.DateUtil;
 import org.apache.wss4j.dom.WSConstants;
-import org.apache.wss4j.dom.util.XmlSchemaDateFormat;
 
 
 /**
@@ -66,13 +67,12 @@ public class SAMLProviderLifetimeTest extends org.junit.Assert {
             );
 
         // Set expected lifetime to 1 minute
-        Date creationTime = new Date();
-        Date expirationTime = new Date();
-        expirationTime.setTime(creationTime.getTime() + (requestedLifetime * 1000L));
         Lifetime lifetime = new Lifetime();
-        XmlSchemaDateFormat fmt = new XmlSchemaDateFormat();
-        lifetime.setCreated(fmt.format(creationTime));
-        lifetime.setExpires(fmt.format(expirationTime));
+        ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
+        ZonedDateTime expirationTime = creationTime.plusSeconds(requestedLifetime);
+
+        lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
+        lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
         providerParameters.getTokenRequirements().setLifetime(lifetime);
 
         assertTrue(samlTokenProvider.canHandleToken(WSConstants.WSS_SAML2_TOKEN_TYPE));
@@ -138,14 +138,13 @@ public class SAMLProviderLifetimeTest extends org.junit.Assert {
             );
 
         // Set expected lifetime to 35 minutes
+        ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
         long requestedLifetime = 35 * 60L;
-        Date creationTime = new Date();
-        Date expirationTime = new Date();
-        expirationTime.setTime(creationTime.getTime() + (requestedLifetime * 1000L));
+        ZonedDateTime expirationTime = creationTime.plusSeconds(requestedLifetime);
+
         Lifetime lifetime = new Lifetime();
-        XmlSchemaDateFormat fmt = new XmlSchemaDateFormat();
-        lifetime.setCreated(fmt.format(creationTime));
-        lifetime.setExpires(fmt.format(expirationTime));
+        lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
+        lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
         providerParameters.getTokenRequirements().setLifetime(lifetime);
 
         assertTrue(samlTokenProvider.canHandleToken(WSConstants.WSS_SAML2_TOKEN_TYPE));
@@ -176,14 +175,13 @@ public class SAMLProviderLifetimeTest extends org.junit.Assert {
             );
 
         // Set expected lifetime to Default max lifetime plus 1
+        ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
         long requestedLifetime = DefaultConditionsProvider.DEFAULT_MAX_LIFETIME + 1;
-        Date creationTime = new Date();
-        Date expirationTime = new Date();
-        expirationTime.setTime(creationTime.getTime() + (requestedLifetime * 1000L));
+        ZonedDateTime expirationTime = creationTime.plusSeconds(requestedLifetime);
+
         Lifetime lifetime = new Lifetime();
-        XmlSchemaDateFormat fmt = new XmlSchemaDateFormat();
-        lifetime.setCreated(fmt.format(creationTime));
-        lifetime.setExpires(fmt.format(expirationTime));
+        lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
+        lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
         providerParameters.getTokenRequirements().setLifetime(lifetime);
 
         assertTrue(samlTokenProvider.canHandleToken(WSConstants.WSS_SAML2_TOKEN_TYPE));
@@ -218,14 +216,14 @@ public class SAMLProviderLifetimeTest extends org.junit.Assert {
             );
 
         // Set expected lifetime to 35 minutes
+        ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
         long requestedLifetime = 35 * 60L;
-        Date creationTime = new Date();
-        Date expirationTime = new Date();
-        expirationTime.setTime(creationTime.getTime() + (requestedLifetime * 1000L));
+        ZonedDateTime expirationTime = creationTime.plusSeconds(requestedLifetime);
+
         Lifetime lifetime = new Lifetime();
-        XmlSchemaDateFormat fmt = new XmlSchemaDateFormat();
-        lifetime.setCreated(fmt.format(creationTime));
-        lifetime.setExpires(fmt.format(expirationTime));
+        lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
+        lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
+        
         providerParameters.getTokenRequirements().setLifetime(lifetime);
 
         assertTrue(samlTokenProvider.canHandleToken(WSConstants.WSS_SAML2_TOKEN_TYPE));
@@ -259,14 +257,14 @@ public class SAMLProviderLifetimeTest extends org.junit.Assert {
             );
 
         // Set expected lifetime to 1 minute
-        Date creationTime = new Date();
-        Date expirationTime = new Date();
-        expirationTime.setTime(creationTime.getTime() + (requestedLifetime * 1000L));
-        creationTime.setTime(creationTime.getTime() + (10 * 1000L));
+        ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
+        ZonedDateTime expirationTime = creationTime.plusSeconds(requestedLifetime);
+        creationTime = creationTime.plusSeconds(10L);
+
         Lifetime lifetime = new Lifetime();
-        XmlSchemaDateFormat fmt = new XmlSchemaDateFormat();
-        lifetime.setCreated(fmt.format(creationTime));
-        lifetime.setExpires(fmt.format(expirationTime));
+        lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
+        lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
+        
         providerParameters.getTokenRequirements().setLifetime(lifetime);
 
         assertTrue(samlTokenProvider.canHandleToken(WSConstants.WSS_SAML2_TOKEN_TYPE));
@@ -300,14 +298,13 @@ public class SAMLProviderLifetimeTest extends org.junit.Assert {
             );
 
         // Set expected lifetime to 1 minute
-        Date creationTime = new Date();
-        creationTime.setTime(creationTime.getTime() + (60L * 2L * 1000L));
-        Date expirationTime = new Date();
-        expirationTime.setTime(creationTime.getTime() + (requestedLifetime * 1000L));
+        ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC).plusSeconds(120L);
+        ZonedDateTime expirationTime = creationTime.plusSeconds(requestedLifetime);
+
         Lifetime lifetime = new Lifetime();
-        XmlSchemaDateFormat fmt = new XmlSchemaDateFormat();
-        lifetime.setCreated(fmt.format(creationTime));
-        lifetime.setExpires(fmt.format(expirationTime));
+        lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
+        lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
+        
         providerParameters.getTokenRequirements().setLifetime(lifetime);
 
         assertTrue(samlTokenProvider.canHandleToken(WSConstants.WSS_SAML2_TOKEN_TYPE));
@@ -347,11 +344,11 @@ public class SAMLProviderLifetimeTest extends org.junit.Assert {
             );
 
         // Set expected lifetime to 1 minute
-        Date creationTime = new Date();
-        creationTime.setTime(creationTime.getTime() + (60L * 2L * 1000L));
+        ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC).plusSeconds(120L);
+
         Lifetime lifetime = new Lifetime();
-        XmlSchemaDateFormat fmt = new XmlSchemaDateFormat();
-        lifetime.setCreated(fmt.format(creationTime));
+        lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
+        
         providerParameters.getTokenRequirements().setLifetime(lifetime);
 
         assertTrue(samlTokenProvider.canHandleToken(WSConstants.WSS_SAML2_TOKEN_TYPE));

http://git-wip-us.apache.org/repos/asf/cxf/blob/79244372/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerLifetimeTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerLifetimeTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerLifetimeTest.java
index ecd816a..ae9efb5 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerLifetimeTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerLifetimeTest.java
@@ -19,7 +19,8 @@
 package org.apache.cxf.sts.token.renewer;
 
 import java.time.Duration;
-import java.util.Date;
+import java.time.ZoneOffset;
+import java.time.ZonedDateTime;
 import java.util.Properties;
 
 import javax.security.auth.callback.CallbackHandler;
@@ -49,8 +50,8 @@ import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.crypto.CryptoFactory;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.principal.CustomTokenPrincipal;
+import org.apache.wss4j.common.util.DateUtil;
 import org.apache.wss4j.dom.WSConstants;
-import org.apache.wss4j.dom.util.XmlSchemaDateFormat;
 import org.junit.BeforeClass;
 
 
@@ -83,13 +84,13 @@ public class SAMLTokenRenewerLifetimeTest extends org.junit.Assert {
         TokenRenewerParameters renewerParameters = createRenewerParameters();
 
         // Set expected lifetime to 1 minute
-        Date creationTime = new Date();
-        Date expirationTime = new Date();
-        expirationTime.setTime(creationTime.getTime() + (requestedLifetime * 1000L));
+        ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
+        ZonedDateTime expirationTime = creationTime.plusSeconds(requestedLifetime);
+
         Lifetime lifetime = new Lifetime();
-        XmlSchemaDateFormat fmt = new XmlSchemaDateFormat();
-        lifetime.setCreated(fmt.format(creationTime));
-        lifetime.setExpires(fmt.format(expirationTime));
+        lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
+        lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
+        
         renewerParameters.getTokenRequirements().setLifetime(lifetime);
 
         CallbackHandler callbackHandler = new PasswordCallbackHandler();
@@ -178,14 +179,14 @@ public class SAMLTokenRenewerLifetimeTest extends org.junit.Assert {
         TokenRenewerParameters renewerParameters = createRenewerParameters();
 
         // Set expected lifetime to 35 minutes
+        ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
         long requestedLifetime = 35 * 60L;
-        Date creationTime = new Date();
-        Date expirationTime = new Date();
-        expirationTime.setTime(creationTime.getTime() + (requestedLifetime * 1000L));
+        ZonedDateTime expirationTime = creationTime.plusSeconds(requestedLifetime);
+
         Lifetime lifetime = new Lifetime();
-        XmlSchemaDateFormat fmt = new XmlSchemaDateFormat();
-        lifetime.setCreated(fmt.format(creationTime));
-        lifetime.setExpires(fmt.format(expirationTime));
+        lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
+        lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
+        
         renewerParameters.getTokenRequirements().setLifetime(lifetime);
 
         CallbackHandler callbackHandler = new PasswordCallbackHandler();
@@ -229,14 +230,14 @@ public class SAMLTokenRenewerLifetimeTest extends org.junit.Assert {
         TokenRenewerParameters renewerParameters = createRenewerParameters();
 
         // Set expected lifetime to Default max lifetime plus 1
+        ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
         long requestedLifetime = DefaultConditionsProvider.DEFAULT_MAX_LIFETIME + 1;
-        Date creationTime = new Date();
-        Date expirationTime = new Date();
-        expirationTime.setTime(creationTime.getTime() + (requestedLifetime * 1000L));
+        ZonedDateTime expirationTime = creationTime.plusSeconds(requestedLifetime);
+
         Lifetime lifetime = new Lifetime();
-        XmlSchemaDateFormat fmt = new XmlSchemaDateFormat();
-        lifetime.setCreated(fmt.format(creationTime));
-        lifetime.setExpires(fmt.format(expirationTime));
+        lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
+        lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
+        
         renewerParameters.getTokenRequirements().setLifetime(lifetime);
 
         CallbackHandler callbackHandler = new PasswordCallbackHandler();
@@ -285,14 +286,14 @@ public class SAMLTokenRenewerLifetimeTest extends org.junit.Assert {
         TokenRenewerParameters renewerParameters = createRenewerParameters();
 
         // Set expected lifetime to 35 minutes
+        ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
         long requestedLifetime = 35 * 60L;
-        Date creationTime = new Date();
-        Date expirationTime = new Date();
-        expirationTime.setTime(creationTime.getTime() + (requestedLifetime * 1000L));
+        ZonedDateTime expirationTime = creationTime.plusSeconds(requestedLifetime);
+
         Lifetime lifetime = new Lifetime();
-        XmlSchemaDateFormat fmt = new XmlSchemaDateFormat();
-        lifetime.setCreated(fmt.format(creationTime));
-        lifetime.setExpires(fmt.format(expirationTime));
+        lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
+        lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
+        
         renewerParameters.getTokenRequirements().setLifetime(lifetime);
 
         CallbackHandler callbackHandler = new PasswordCallbackHandler();
@@ -373,14 +374,12 @@ public class SAMLTokenRenewerLifetimeTest extends org.junit.Assert {
         providerParameters.getTokenRequirements().setRenewing(renewing);
 
         if (ttlMs != 0) {
-            Lifetime lifetime = new Lifetime();
-            Date creationTime = new Date();
-            Date expirationTime = new Date();
-            expirationTime.setTime(creationTime.getTime() + ttlMs);
+            ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
+            ZonedDateTime expirationTime = creationTime.plusNanos(ttlMs * 1000000L);
 
-            XmlSchemaDateFormat fmt = new XmlSchemaDateFormat();
-            lifetime.setCreated(fmt.format(creationTime));
-            lifetime.setExpires(fmt.format(expirationTime));
+            Lifetime lifetime = new Lifetime();
+            lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
+            lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
 
             providerParameters.getTokenRequirements().setLifetime(lifetime);
         }

http://git-wip-us.apache.org/repos/asf/cxf/blob/79244372/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerPOPTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerPOPTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerPOPTest.java
index 5b6021d..d50da32 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerPOPTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerPOPTest.java
@@ -18,9 +18,10 @@
  */
 package org.apache.cxf.sts.token.renewer;
 
+import java.time.ZoneOffset;
+import java.time.ZonedDateTime;
 import java.util.ArrayList;
 import java.util.Collections;
-import java.util.Date;
 import java.util.List;
 import java.util.Map;
 import java.util.Properties;
@@ -57,11 +58,11 @@ import org.apache.wss4j.common.crypto.CryptoFactory;
 import org.apache.wss4j.common.crypto.CryptoType;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.principal.CustomTokenPrincipal;
+import org.apache.wss4j.common.util.DateUtil;
 import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.dom.engine.WSSecurityEngineResult;
 import org.apache.wss4j.dom.handler.WSHandlerConstants;
 import org.apache.wss4j.dom.handler.WSHandlerResult;
-import org.apache.wss4j.dom.util.XmlSchemaDateFormat;
 import org.junit.BeforeClass;
 
 /**
@@ -283,14 +284,12 @@ public class SAMLTokenRenewerPOPTest extends org.junit.Assert {
         providerParameters.getTokenRequirements().setRenewing(renewing);
 
         if (ttlMs != 0) {
-            Lifetime lifetime = new Lifetime();
-            Date creationTime = new Date();
-            Date expirationTime = new Date();
-            expirationTime.setTime(creationTime.getTime() + ttlMs);
+            ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
+            ZonedDateTime expirationTime = creationTime.plusNanos(ttlMs * 1000000L);
 
-            XmlSchemaDateFormat fmt = new XmlSchemaDateFormat();
-            lifetime.setCreated(fmt.format(creationTime));
-            lifetime.setExpires(fmt.format(expirationTime));
+            Lifetime lifetime = new Lifetime();
+            lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
+            lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
 
             providerParameters.getTokenRequirements().setLifetime(lifetime);
         }

http://git-wip-us.apache.org/repos/asf/cxf/blob/79244372/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerRealmTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerRealmTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerRealmTest.java
index cf45739..951ab1f 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerRealmTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerRealmTest.java
@@ -18,7 +18,8 @@
  */
 package org.apache.cxf.sts.token.renewer;
 
-import java.util.Date;
+import java.time.ZoneOffset;
+import java.time.ZonedDateTime;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.Properties;
@@ -58,8 +59,8 @@ import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.crypto.CryptoFactory;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.principal.CustomTokenPrincipal;
+import org.apache.wss4j.common.util.DateUtil;
 import org.apache.wss4j.dom.WSConstants;
-import org.apache.wss4j.dom.util.XmlSchemaDateFormat;
 import org.junit.BeforeClass;
 
 /**
@@ -272,14 +273,12 @@ public class SAMLTokenRenewerRealmTest extends org.junit.Assert {
         providerParameters.getTokenRequirements().setRenewing(renewing);
 
         if (ttlMs != 0) {
-            Lifetime lifetime = new Lifetime();
-            Date creationTime = new Date();
-            Date expirationTime = new Date();
-            expirationTime.setTime(creationTime.getTime() + ttlMs);
+            ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
+            ZonedDateTime expirationTime = creationTime.plusNanos(ttlMs * 1000000L);
 
-            XmlSchemaDateFormat fmt = new XmlSchemaDateFormat();
-            lifetime.setCreated(fmt.format(creationTime));
-            lifetime.setExpires(fmt.format(expirationTime));
+            Lifetime lifetime = new Lifetime();
+            lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
+            lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
 
             providerParameters.getTokenRequirements().setLifetime(lifetime);
         }

http://git-wip-us.apache.org/repos/asf/cxf/blob/79244372/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerTest.java
index ad0f321..359ea76 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerTest.java
@@ -18,7 +18,8 @@
  */
 package org.apache.cxf.sts.token.renewer;
 
-import java.util.Date;
+import java.time.ZoneOffset;
+import java.time.ZonedDateTime;
 import java.util.Properties;
 
 import javax.security.auth.callback.CallbackHandler;
@@ -54,8 +55,8 @@ import org.apache.wss4j.common.crypto.CryptoFactory;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.principal.CustomTokenPrincipal;
 import org.apache.wss4j.common.saml.SamlAssertionWrapper;
+import org.apache.wss4j.common.util.DateUtil;
 import org.apache.wss4j.dom.WSConstants;
-import org.apache.wss4j.dom.util.XmlSchemaDateFormat;
 import org.junit.BeforeClass;
 
 /**
@@ -576,15 +577,13 @@ public class SAMLTokenRenewerTest extends org.junit.Assert {
         providerParameters.getTokenRequirements().setRenewing(renewing);
 
         if (ttlMs != 0) {
-            Lifetime lifetime = new Lifetime();
-            Date creationTime = new Date();
-            Date expirationTime = new Date();
-            expirationTime.setTime(creationTime.getTime() + ttlMs);
-
-            XmlSchemaDateFormat fmt = new XmlSchemaDateFormat();
-            lifetime.setCreated(fmt.format(creationTime));
-            lifetime.setExpires(fmt.format(expirationTime));
+            ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
+            ZonedDateTime expirationTime = creationTime.plusNanos(ttlMs * 1000000L);
 
+            Lifetime lifetime = new Lifetime();
+            lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
+            lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
+            
             providerParameters.getTokenRequirements().setLifetime(lifetime);
         }
 

http://git-wip-us.apache.org/repos/asf/cxf/blob/79244372/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/SAMLTokenValidatorTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/SAMLTokenValidatorTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/SAMLTokenValidatorTest.java
index 6189c52..7d396f7 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/SAMLTokenValidatorTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/SAMLTokenValidatorTest.java
@@ -21,9 +21,10 @@ package org.apache.cxf.sts.token.validator;
 import java.io.IOException;
 import java.net.URI;
 import java.security.Principal;
+import java.time.ZoneOffset;
+import java.time.ZonedDateTime;
 import java.util.ArrayList;
 import java.util.Collections;
-import java.util.Date;
 import java.util.List;
 import java.util.Properties;
 import java.util.Set;
@@ -64,8 +65,8 @@ import org.apache.wss4j.common.crypto.CryptoFactory;
 import org.apache.wss4j.common.ext.WSPasswordCallback;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.principal.CustomTokenPrincipal;
+import org.apache.wss4j.common.util.DateUtil;
 import org.apache.wss4j.dom.WSConstants;
-import org.apache.wss4j.dom.util.XmlSchemaDateFormat;
 import org.junit.BeforeClass;
 
 
@@ -578,14 +579,12 @@ public class SAMLTokenValidatorTest extends org.junit.Assert {
             );
 
         if (ttlMs != 0) {
-            Lifetime lifetime = new Lifetime();
-            Date creationTime = new Date();
-            Date expirationTime = new Date();
-            expirationTime.setTime(creationTime.getTime() + ttlMs);
+            ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
+            ZonedDateTime expirationTime = creationTime.plusNanos(ttlMs * 1000000L);
 
-            XmlSchemaDateFormat fmt = new XmlSchemaDateFormat();
-            lifetime.setCreated(fmt.format(creationTime));
-            lifetime.setExpires(fmt.format(expirationTime));
+            Lifetime lifetime = new Lifetime();
+            lifetime.setCreated(DateUtil.getDateTimeFormatter(true).format(creationTime));
+            lifetime.setExpires(DateUtil.getDateTimeFormatter(true).format(expirationTime));
 
             providerParameters.getTokenRequirements().setLifetime(lifetime);
         }

http://git-wip-us.apache.org/repos/asf/cxf/blob/79244372/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/batch/SimpleBatchSTSClient.java
----------------------------------------------------------------------
diff --git a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/batch/SimpleBatchSTSClient.java b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/batch/SimpleBatchSTSClient.java
index 0d441a5..e91f60a 100644
--- a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/batch/SimpleBatchSTSClient.java
+++ b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/batch/SimpleBatchSTSClient.java
@@ -24,9 +24,10 @@ import java.io.InputStream;
 import java.net.URL;
 import java.security.PublicKey;
 import java.security.cert.X509Certificate;
+import java.time.ZoneOffset;
+import java.time.ZonedDateTime;
 import java.util.ArrayList;
 import java.util.Base64;
-import java.util.Date;
 import java.util.HashMap;
 import java.util.Iterator;
 import java.util.List;
@@ -96,6 +97,7 @@ import org.apache.wss4j.common.crypto.CryptoType;
 import org.apache.wss4j.common.derivedKey.P_SHA1;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.token.Reference;
+import org.apache.wss4j.common.util.DateUtil;
 import org.apache.wss4j.common.util.XMLUtils;
 import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.dom.WSDocInfo;
@@ -105,7 +107,6 @@ import org.apache.wss4j.dom.handler.RequestData;
 import org.apache.wss4j.dom.processor.EncryptedKeyProcessor;
 import org.apache.wss4j.dom.util.WSSecurityUtil;
 import org.apache.wss4j.dom.util.X509Util;
-import org.apache.wss4j.dom.util.XmlSchemaDateFormat;
 import org.apache.wss4j.policy.model.AbstractBinding;
 import org.apache.wss4j.policy.model.AlgorithmSuite;
 import org.apache.wss4j.policy.model.AlgorithmSuite.AlgorithmSuiteType;
@@ -795,19 +796,17 @@ public class SimpleBatchSTSClient implements Configurable, InterceptorProvider {
     }
 
     protected void addLifetime(XMLStreamWriter writer) throws XMLStreamException {
-        Date creationTime = new Date();
-        Date expirationTime = new Date();
-        expirationTime.setTime(creationTime.getTime() + (ttl * 1000L));
+        ZonedDateTime creationTime = ZonedDateTime.now(ZoneOffset.UTC);
+        ZonedDateTime expirationTime = creationTime.plusSeconds(ttl); 
 
-        XmlSchemaDateFormat fmt = new XmlSchemaDateFormat();
         writer.writeStartElement("wst", "Lifetime", namespace);
         writer.writeNamespace("wsu", WSConstants.WSU_NS);
         writer.writeStartElement("wsu", "Created", WSConstants.WSU_NS);
-        writer.writeCharacters(fmt.format(creationTime));
+        writer.writeCharacters(DateUtil.getDateTimeFormatter(true).format(creationTime));
         writer.writeEndElement();
 
         writer.writeStartElement("wsu", "Expires", WSConstants.WSU_NS);
-        writer.writeCharacters(fmt.format(expirationTime));
+        writer.writeCharacters(DateUtil.getDateTimeFormatter(true).format(expirationTime));
         writer.writeEndElement();
         writer.writeEndElement();
     }

http://git-wip-us.apache.org/repos/asf/cxf/blob/79244372/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/fault/ModifiedRequestTest.java
----------------------------------------------------------------------
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/fault/ModifiedRequestTest.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/fault/ModifiedRequestTest.java
index 8efd14f..2e6e257 100644
--- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/fault/ModifiedRequestTest.java
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/fault/ModifiedRequestTest.java
@@ -20,12 +20,9 @@
 package org.apache.cxf.systest.ws.fault;
 
 import java.net.URL;
-import java.text.DateFormat;
-import java.util.Date;
+import java.time.ZonedDateTime;
 import java.util.Iterator;
 
-import javax.xml.datatype.Duration;
-import javax.xml.datatype.XMLGregorianCalendar;
 import javax.xml.namespace.QName;
 import javax.xml.soap.SOAPFault;
 import javax.xml.ws.Service;
@@ -40,10 +37,9 @@ import org.apache.cxf.frontend.ClientProxy;
 import org.apache.cxf.systest.ws.common.SecurityTestUtil;
 import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
 import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.util.DateUtil;
 import org.apache.wss4j.common.util.XMLUtils;
 import org.apache.wss4j.dom.WSConstants;
-import org.apache.wss4j.dom.engine.WSSConfig;
-import org.apache.wss4j.dom.util.XmlSchemaDateFormat;
 import org.example.contract.doubleit.DoubleItFault;
 import org.example.contract.doubleit.DoubleItPortType;
 import org.junit.BeforeClass;
@@ -313,15 +309,10 @@ public class ModifiedRequestTest extends AbstractBusClientServerTestBase {
                     XMLUtils.findElement(securityHeader, "Timestamp", WSConstants.WSU_NS);
                 Element createdValue =
                     XMLUtils.findElement(timestampElement, "Created", WSConstants.WSU_NS);
-                DateFormat zulu = new XmlSchemaDateFormat();
-
-                XMLGregorianCalendar createdCalendar =
-                    WSSConfig.DATATYPE_FACTORY.newXMLGregorianCalendar(createdValue.getTextContent());
+                
+                ZonedDateTime created = ZonedDateTime.parse(createdValue.getTextContent());
                 // Add 5 seconds
-                Duration duration = WSSConfig.DATATYPE_FACTORY.newDuration(5000L);
-                createdCalendar.add(duration);
-                Date createdDate = createdCalendar.toGregorianCalendar().getTime();
-                createdValue.setTextContent(zulu.format(createdDate));
+                createdValue.setTextContent(DateUtil.getDateTimeFormatter(true).format(created.plusSeconds(5L)));
             }
         }
 


Mime
View raw message