cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject cxf git commit: More work on DateTime
Date Mon, 20 Mar 2017 13:08:59 GMT
Repository: cxf
Updated Branches:
  refs/heads/master 3fe8e9222 -> d770183ad


More work on DateTime


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/d770183a
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/d770183a
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/d770183a

Branch: refs/heads/master
Commit: d770183ad67370694e140a4aac9dae6b0753dbf2
Parents: 3fe8e92
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Mon Mar 20 11:43:52 2017 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Mon Mar 20 11:44:01 2017 +0000

----------------------------------------------------------------------
 .../SecureConversationInInterceptor.java        |  2 +-
 .../SpnegoContextTokenInInterceptor.java        |  2 +-
 .../security/tokenstore/MemoryTokenStore.java   | 20 ++++++-------
 .../ws/security/tokenstore/SecurityToken.java   | 25 ++++++++--------
 .../cxf/ws/security/wss4j/WSS4JUtils.java       |  5 ++--
 .../policyhandlers/AbstractBindingBuilder.java  |  6 ++--
 .../AsymmetricBindingHandler.java               |  2 +-
 .../StaxSymmetricBindingHandler.java            |  2 +-
 .../policyhandlers/SymmetricBindingHandler.java | 10 +++----
 .../policyhandlers/TransportBindingHandler.java |  6 ++--
 .../tokenstore/MemoryTokenStoreTest.java        |  2 +-
 .../org/apache/cxf/sts/cache/CacheUtils.java    |  4 +--
 .../cxf/sts/cache/HazelCastTokenStore.java      |  7 +++--
 .../cxf/sts/operation/AbstractOperation.java    | 18 ++++++------
 .../sts/token/provider/SAMLTokenProvider.java   |  6 ++--
 .../cxf/sts/token/provider/SCTProvider.java     |  7 +++--
 .../token/provider/TokenProviderResponse.java   | 30 ++++++++++----------
 .../provider/jwt/DefaultJWTClaimsProvider.java  | 13 ++++-----
 .../token/provider/jwt/JWTTokenProvider.java    |  8 ++----
 .../cxf/sts/token/renewer/SAMLTokenRenewer.java |  6 ++--
 .../sts/token/renewer/TokenRenewerResponse.java | 30 ++++++++++----------
 .../cxf/sts/cache/HazelCastTokenStoreTest.java  |  4 +--
 .../token/provider/JWTProviderLifetimeTest.java | 12 ++++----
 .../token/provider/JWTTokenProviderTest.java    | 28 +++++++++---------
 .../cxf/systest/sts/caching/CachingTest.java    |  2 +-
 .../stsclient/STSTokenOutInterceptorTest.java   |  2 +-
 .../sts/stsclient/STSTokenRetrieverTest.java    |  2 +-
 27 files changed, 132 insertions(+), 129 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/d770183a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
index 1611a97..36f163d 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
@@ -379,7 +379,7 @@ class SecureConversationInInterceptor extends AbstractPhaseInterceptor<SoapMessa
             ZonedDateTime created = ZonedDateTime.now(ZoneOffset.UTC);
             ZonedDateTime expires = created.plusSeconds(ttl / 1000L);
 
-            SecurityToken token = new SecurityToken(sct.getIdentifier(), created, expires);
+            SecurityToken token = new SecurityToken(sct.getIdentifier(), created.toInstant(), expires.toInstant());
             token.setToken(sct.getElement());
             token.setTokenType(sct.getTokenType());
 

http://git-wip-us.apache.org/repos/asf/cxf/blob/d770183a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenInInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenInInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenInInterceptor.java
index 29350aa..0032128 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenInInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenInInterceptor.java
@@ -199,7 +199,7 @@ class SpnegoContextTokenInInterceptor extends AbstractPhaseInterceptor<SoapMessa
             ZonedDateTime expires = 
                 created.plusSeconds(WSS4JUtils.getSecurityTokenLifetime(exchange.getOutMessage()) / 1000L);
 
-            SecurityToken token = new SecurityToken(sct.getIdentifier(), created, expires);
+            SecurityToken token = new SecurityToken(sct.getIdentifier(), created.toInstant(), expires.toInstant());
             token.setToken(sct.getElement());
             token.setTokenType(sct.getTokenType());
 

http://git-wip-us.apache.org/repos/asf/cxf/blob/d770183a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/MemoryTokenStore.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/MemoryTokenStore.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/MemoryTokenStore.java
index 9941c48..731c181 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/MemoryTokenStore.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/MemoryTokenStore.java
@@ -19,8 +19,10 @@
 
 package org.apache.cxf.ws.security.tokenstore;
 
+import java.time.Instant;
+import java.time.ZoneOffset;
+import java.time.ZonedDateTime;
 import java.util.Collection;
-import java.util.Date;
 import java.util.Map;
 import java.util.concurrent.ConcurrentHashMap;
 
@@ -84,10 +86,10 @@ public class MemoryTokenStore implements TokenStore {
     }
 
     protected void processTokenExpiry() {
-        Date current = new Date();
+        Instant current = ZonedDateTime.now(ZoneOffset.UTC).toInstant();
         synchronized (tokens) {
             for (Map.Entry<String, CacheEntry> entry : tokens.entrySet()) {
-                if (entry.getValue().getExpiry().before(current)) {
+                if (entry.getValue().getExpiry().isBefore(current)) {
                     tokens.remove(entry.getKey());
                 }
             }
@@ -95,18 +97,16 @@ public class MemoryTokenStore implements TokenStore {
     }
 
     private CacheEntry createCacheEntry(SecurityToken token) {
-        Date expires = new Date();
-        long currentTime = expires.getTime();
-        expires.setTime(currentTime + (ttl * 1000L));
-        return new CacheEntry(token, expires);
+        ZonedDateTime expires = ZonedDateTime.now(ZoneOffset.UTC).plusSeconds(ttl);
+        return new CacheEntry(token, expires.toInstant());
     }
 
     private static class CacheEntry {
 
         private final SecurityToken securityToken;
-        private final Date expires;
+        private final Instant expires;
 
-        CacheEntry(SecurityToken securityToken, Date expires) {
+        CacheEntry(SecurityToken securityToken, Instant expires) {
             this.securityToken = securityToken;
             this.expires = expires;
         }
@@ -123,7 +123,7 @@ public class MemoryTokenStore implements TokenStore {
          * Get when this CacheEntry is to be removed from the cache
          * @return when this CacheEntry is to be removed from the cache
          */
-        public Date getExpiry() {
+        public Instant getExpiry() {
             return expires;
         }
 

http://git-wip-us.apache.org/repos/asf/cxf/blob/d770183a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
index a2338b1..181d900 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
@@ -27,6 +27,7 @@ import java.io.StringReader;
 import java.security.Key;
 import java.security.Principal;
 import java.security.cert.X509Certificate;
+import java.time.Instant;
 import java.time.ZoneOffset;
 import java.time.ZonedDateTime;
 import java.time.format.DateTimeParseException;
@@ -125,12 +126,12 @@ public class SecurityToken implements Serializable {
     /**
      * Created time
      */
-    private ZonedDateTime created;
+    private Instant created;
 
     /**
      * Expiration time
      */
-    private ZonedDateTime expires;
+    private Instant expires;
 
     /**
      * Issuer end point address
@@ -179,7 +180,7 @@ public class SecurityToken implements Serializable {
         this.id = XMLUtils.getIDFromReference(id);
     }
 
-    public SecurityToken(String id, ZonedDateTime created, ZonedDateTime expires) {
+    public SecurityToken(String id, Instant created, Instant expires) {
         this.id = XMLUtils.getIDFromReference(id);
 
         this.created = created;
@@ -188,8 +189,8 @@ public class SecurityToken implements Serializable {
 
     public SecurityToken(String id,
                  Element tokenElem,
-                 ZonedDateTime created,
-                 ZonedDateTime expires) {
+                 Instant created,
+                 Instant expires) {
         this.id = XMLUtils.getIDFromReference(id);
 
         this.token = cloneElement(tokenElem);
@@ -229,13 +230,13 @@ public class SecurityToken implements Serializable {
                 DOMUtils.getFirstChildWithName(lifetimeElem,
                                                 WSConstants.WSU_NS,
                                                 WSConstants.CREATED_LN);
-            this.created = ZonedDateTime.parse(DOMUtils.getContent(createdElem));
+            this.created = ZonedDateTime.parse(DOMUtils.getContent(createdElem)).toInstant();
 
             Element expiresElem =
                 DOMUtils.getFirstChildWithName(lifetimeElem,
                                                 WSConstants.WSU_NS,
                                                 WSConstants.EXPIRES_LN);
-            this.expires = ZonedDateTime.parse(DOMUtils.getContent(expiresElem));
+            this.expires = ZonedDateTime.parse(DOMUtils.getContent(expiresElem)).toInstant();
         } catch (DateTimeParseException e) {
             //shouldn't happen
         }
@@ -348,14 +349,14 @@ public class SecurityToken implements Serializable {
     /**
      * @return Returns the created.
      */
-    public ZonedDateTime getCreated() {
+    public Instant getCreated() {
         return created;
     }
 
     /**
      * @return Returns the expires.
      */
-    public ZonedDateTime getExpires() {
+    public Instant getExpires() {
         return expires;
     }
 
@@ -365,7 +366,7 @@ public class SecurityToken implements Serializable {
     public boolean isExpired() {
         if (expires != null) {
             ZonedDateTime now = ZonedDateTime.now(ZoneOffset.UTC);
-            if (expires.isBefore(now)) {
+            if (expires.isBefore(now.toInstant())) {
                 return true;
             }
         }
@@ -378,7 +379,7 @@ public class SecurityToken implements Serializable {
     public boolean isAboutToExpire(long secondsToExpiry) {
         if (expires != null && secondsToExpiry > 0) {
             ZonedDateTime now = ZonedDateTime.now(ZoneOffset.UTC).plusSeconds(secondsToExpiry);
-            if (expires.isBefore(now)) {
+            if (expires.isBefore(now.toInstant())) {
                 return true;
             }
         }
@@ -388,7 +389,7 @@ public class SecurityToken implements Serializable {
     /**
      * @param expires The expires to set.
      */
-    public void setExpires(ZonedDateTime expires) {
+    public void setExpires(Instant expires) {
         this.expires = expires;
     }
 

http://git-wip-us.apache.org/repos/asf/cxf/blob/d770183a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java
index 9551fb3..46506e9 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java
@@ -163,9 +163,10 @@ public final class WSS4JUtils {
         SecurityToken existingToken = TokenStoreUtils.getTokenStore(message).getToken(securityToken.getId());
         if (existingToken == null || existingToken.isExpired()) {
             ZonedDateTime created = ZonedDateTime.now(ZoneOffset.UTC);
-            ZonedDateTime expires = created.plusSeconds(getSecurityTokenLifetime(message) / 1000L); 
+            ZonedDateTime expires = created.plusSeconds(getSecurityTokenLifetime(message) / 1000L);
 
-            SecurityToken cachedTok = new SecurityToken(securityToken.getId(), created, expires);
+            SecurityToken cachedTok =
+                new SecurityToken(securityToken.getId(), created.toInstant(), expires.toInstant());
             cachedTok.setSHA1(securityToken.getSha1Identifier());
 
             if (securityToken.getTokenType() != null) {

http://git-wip-us.apache.org/repos/asf/cxf/blob/d770183a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
index e2d77a8..446f36a 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
@@ -1933,8 +1933,10 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
 
                 ZonedDateTime created = ZonedDateTime.now(ZoneOffset.UTC);
                 ZonedDateTime expires = created.plusSeconds(WSS4JUtils.getSecurityTokenLifetime(message) / 1000L);
-                SecurityToken secToken =
-                    new SecurityToken(id, utBuilder.getUsernameTokenElement(), created, expires);
+                SecurityToken secToken = new SecurityToken(id, 
+                                                           utBuilder.getUsernameTokenElement(), 
+                                                           created.toInstant(), 
+                                                           expires.toInstant());
 
                 if (isTokenProtection) {
                     sigParts.add(new WSEncryptionPart(secToken.getId()));

http://git-wip-us.apache.org/repos/asf/cxf/blob/d770183a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
index f24465d..80f162a 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
@@ -817,7 +817,7 @@ public class AsymmetricBindingHandler extends AbstractBindingBuilder {
                     || actInt.intValue() == WSConstants.ST_UNSIGNED) {
                     ZonedDateTime created = ZonedDateTime.now(ZoneOffset.UTC);
                     ZonedDateTime expires = created.plusSeconds(WSS4JUtils.getSecurityTokenLifetime(message) / 1000L);
-                    SecurityToken tempTok = new SecurityToken(id, created, expires);
+                    SecurityToken tempTok = new SecurityToken(id, created.toInstant(), expires.toInstant());
                     tempTok.setSecret((byte[])wser.get(WSSecurityEngineResult.TAG_SECRET));
                     tempTok.setX509Certificate(
                         (X509Certificate)wser.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE), null

http://git-wip-us.apache.org/repos/asf/cxf/blob/d770183a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
index 6707136..8aa4ea2 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
@@ -604,7 +604,7 @@ public class StaxSymmetricBindingHandler extends AbstractStaxBindingHandler {
         ZonedDateTime created = ZonedDateTime.now(ZoneOffset.UTC);
         ZonedDateTime expires = created.plusSeconds(WSS4JUtils.getSecurityTokenLifetime(message) / 1000L);
         SecurityToken tempTok =
-            new SecurityToken(IDGenerator.generateID(null), created, expires);
+            new SecurityToken(IDGenerator.generateID(null), created.toInstant(), expires.toInstant());
 
         KeyGenerator keyGenerator =
             KeyUtils.getKeyGenerator(sbinding.getAlgorithmSuite().getAlgorithmSuiteType().getEncryption());

http://git-wip-us.apache.org/repos/asf/cxf/blob/d770183a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
index bfe8491..3e06d84 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
@@ -926,8 +926,8 @@ public class SymmetricBindingHandler extends AbstractBindingBuilder {
         SecurityToken tempTok = new SecurityToken(
                         id,
                         encrKey.getEncryptedKeyElement(),
-                        created,
-                        expires);
+                        created.toInstant(),
+                        expires.toInstant());
 
 
         tempTok.setSecret(secret);
@@ -968,7 +968,7 @@ public class SymmetricBindingHandler extends AbstractBindingBuilder {
         ZonedDateTime created = ZonedDateTime.now(ZoneOffset.UTC);
         ZonedDateTime expires = created.plusSeconds(WSS4JUtils.getSecurityTokenLifetime(message) / 1000L);
         SecurityToken tempTok =
-            new SecurityToken(id, usernameToken.getUsernameTokenElement(), created, expires);
+            new SecurityToken(id, usernameToken.getUsernameTokenElement(), created.toInstant(), expires.toInstant());
         tempTok.setSecret(secret);
 
         tokenStore.add(tempTok);
@@ -984,7 +984,7 @@ public class SymmetricBindingHandler extends AbstractBindingBuilder {
             ZonedDateTime expires = created.plusSeconds(WSS4JUtils.getSecurityTokenLifetime(message) / 1000L);
 
             String encryptedKeyID = (String)encryptedKeyResult.get(WSSecurityEngineResult.TAG_ID);
-            SecurityToken securityToken = new SecurityToken(encryptedKeyID, created, expires);
+            SecurityToken securityToken = new SecurityToken(encryptedKeyID, created.toInstant(), expires.toInstant());
             securityToken.setSecret((byte[])encryptedKeyResult.get(WSSecurityEngineResult.TAG_SECRET));
             securityToken.setSHA1(getSHA1((byte[])encryptedKeyResult
                                     .get(WSSecurityEngineResult.TAG_ENCRYPTED_EPHEMERAL_KEY)));
@@ -1012,7 +1012,7 @@ public class SymmetricBindingHandler extends AbstractBindingBuilder {
                     }
                     ZonedDateTime created = ZonedDateTime.now(ZoneOffset.UTC);
                     ZonedDateTime expires = created.plusSeconds(WSS4JUtils.getSecurityTokenLifetime(message) / 1000L);
-                    SecurityToken securityToken = new SecurityToken(utID, created, expires);
+                    SecurityToken securityToken = new SecurityToken(utID, created.toInstant(), expires.toInstant());
 
                     byte[] secret = (byte[])wser.get(WSSecurityEngineResult.TAG_SECRET);
                     securityToken.setSecret(secret);

http://git-wip-us.apache.org/repos/asf/cxf/blob/d770183a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
index 1d42a17..a8ef6fe 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
@@ -331,8 +331,10 @@ public class TransportBindingHandler extends AbstractBindingBuilder {
 
             ZonedDateTime created = ZonedDateTime.now(ZoneOffset.UTC);
             ZonedDateTime expires = created.plusSeconds(WSS4JUtils.getSecurityTokenLifetime(message) / 1000L);
-            SecurityToken tempTok =
-                new SecurityToken(id, usernameToken.getUsernameTokenElement(), created, expires);
+            SecurityToken tempTok = new SecurityToken(id,
+                                                      usernameToken.getUsernameTokenElement(),
+                                                      created.toInstant(),
+                                                      expires.toInstant());
             tempTok.setSecret(secret);
             getTokenStore().add(tempTok);
             message.put(SecurityConstants.TOKEN_ID, tempTok.getId());

http://git-wip-us.apache.org/repos/asf/cxf/blob/d770183a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/tokenstore/MemoryTokenStoreTest.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/tokenstore/MemoryTokenStoreTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/tokenstore/MemoryTokenStoreTest.java
index 9a93f81..faba41e 100644
--- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/tokenstore/MemoryTokenStoreTest.java
+++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/tokenstore/MemoryTokenStoreTest.java
@@ -77,7 +77,7 @@ public class MemoryTokenStoreTest extends org.junit.Assert {
         SecurityToken token = new SecurityToken();
 
         ZonedDateTime expires = ZonedDateTime.now(ZoneOffset.UTC).plusMinutes(5L);
-        token.setExpires(expires);
+        token.setExpires(expires.toInstant());
 
         assertFalse(token.isExpired());
         assertFalse(token.isAboutToExpire(100L));

http://git-wip-us.apache.org/repos/asf/cxf/blob/d770183a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/cache/CacheUtils.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/cache/CacheUtils.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/cache/CacheUtils.java
index bd34aac..9b52ef7 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/cache/CacheUtils.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/cache/CacheUtils.java
@@ -20,7 +20,7 @@
 package org.apache.cxf.sts.cache;
 
 import java.security.Principal;
-import java.time.ZonedDateTime;
+import java.time.Instant;
 import java.util.Arrays;
 import java.util.HashMap;
 import java.util.Map;
@@ -40,7 +40,7 @@ public final class CacheUtils {
     public static SecurityToken createSecurityTokenForStorage(
         Element token,
         String tokenIdentifier,
-        ZonedDateTime expiry,
+        Instant expiry,
         Principal principal,
         String realm,
         Renewing renewing

http://git-wip-us.apache.org/repos/asf/cxf/blob/d770183a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/cache/HazelCastTokenStore.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/cache/HazelCastTokenStore.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/cache/HazelCastTokenStore.java
index 57390e5..c847e4d 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/cache/HazelCastTokenStore.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/cache/HazelCastTokenStore.java
@@ -20,6 +20,7 @@
 package org.apache.cxf.sts.cache;
 
 import java.time.Duration;
+import java.time.Instant;
 import java.time.ZoneOffset;
 import java.time.ZonedDateTime;
 import java.util.Collection;
@@ -127,13 +128,13 @@ public class HazelCastTokenStore implements TokenStore {
     private int getTTL(SecurityToken token) {
         int parsedTTL = 0;
         if (token.getExpires() != null) {
-            ZonedDateTime expires = token.getExpires();
+            Instant expires = token.getExpires();
             ZonedDateTime now = ZonedDateTime.now(ZoneOffset.UTC);
-            if (expires.isBefore(now)) {
+            if (expires.isBefore(now.toInstant())) {
                 return 0;
             }
             
-            Duration duration = Duration.between(now, expires);
+            Duration duration = Duration.between(now.toInstant(), expires);
 
             parsedTTL = (int)duration.getSeconds();
             if (duration.getSeconds() != (long)parsedTTL || parsedTTL > MAX_TTL) {

http://git-wip-us.apache.org/repos/asf/cxf/blob/d770183a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java
index 6730010..816bf91 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java
@@ -20,6 +20,7 @@
 package org.apache.cxf.sts.operation;
 
 import java.security.Principal;
+import java.time.Instant;
 import java.time.ZoneOffset;
 import java.time.ZonedDateTime;
 import java.util.ArrayList;
@@ -290,20 +291,21 @@ public abstract class AbstractOperation {
      * Create a LifetimeType object given a created + expires Dates
      */
     protected static LifetimeType createLifetime(
-        ZonedDateTime tokenCreated, ZonedDateTime tokenExpires
+        Instant tokenCreated, Instant tokenExpires
     ) {
         AttributedDateTime created = QNameConstants.UTIL_FACTORY.createAttributedDateTime();
         AttributedDateTime expires = QNameConstants.UTIL_FACTORY.createAttributedDateTime();
 
-        ZonedDateTime creationTime = tokenCreated;
         ZonedDateTime now = ZonedDateTime.now(ZoneOffset.UTC);
-        if (creationTime == null) {
-            creationTime = now;
+        ZonedDateTime creationTime = now;
+        if (tokenCreated != null) {
+            creationTime = ZonedDateTime.ofInstant(tokenCreated, ZoneOffset.UTC);
         }
-        ZonedDateTime expirationTime = tokenExpires;
-        if (expirationTime == null) {
-            long lifeTimeOfToken = 300L;
-            expirationTime = now.plusSeconds(lifeTimeOfToken);
+        
+        long lifeTimeOfToken = 300L;
+        ZonedDateTime expirationTime = now.plusSeconds(lifeTimeOfToken);
+        if (tokenExpires != null) {
+            expirationTime = ZonedDateTime.ofInstant(tokenExpires, ZoneOffset.UTC);
         }
 
         created.setValue(DateUtil.getDateTimeFormatter(true).format(creationTime));

http://git-wip-us.apache.org/repos/asf/cxf/blob/d770183a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SAMLTokenProvider.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SAMLTokenProvider.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SAMLTokenProvider.java
index 10fe618..82a30a6 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SAMLTokenProvider.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SAMLTokenProvider.java
@@ -19,8 +19,6 @@
 
 package org.apache.cxf.sts.token.provider;
 
-import java.time.ZoneOffset;
-import java.time.ZonedDateTime;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.HashMap;
@@ -160,8 +158,8 @@ public class SAMLTokenProvider extends AbstractSAMLTokenProvider implements Toke
                 validFrom = assertion.getSaml1().getConditions().getNotBefore();
                 validTill = assertion.getSaml1().getConditions().getNotOnOrAfter();
             }
-            response.setCreated(ZonedDateTime.ofInstant(validFrom.toDate().toInstant(), ZoneOffset.UTC));
-            response.setExpires(ZonedDateTime.ofInstant(validTill.toDate().toInstant(), ZoneOffset.UTC));
+            response.setCreated(validFrom.toDate().toInstant());
+            response.setExpires(validTill.toDate().toInstant());
 
             response.setEntropy(entropyBytes);
             if (keySize > 0) {

http://git-wip-us.apache.org/repos/asf/cxf/blob/d770183a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SCTProvider.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SCTProvider.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SCTProvider.java
index 538119a..d875b04 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SCTProvider.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SCTProvider.java
@@ -136,14 +136,15 @@ public class SCTProvider implements TokenProvider {
 
             // putting the secret key into the cache
             ZonedDateTime created = ZonedDateTime.now(ZoneOffset.UTC);
-            response.setCreated(created);
+            response.setCreated(created.toInstant());
             ZonedDateTime expires = null;
             if (lifetime > 0) {
                 expires = created.plusSeconds(lifetime);
-                response.setExpires(expires);
+                response.setExpires(expires.toInstant());
             }
 
-            SecurityToken token = new SecurityToken(sct.getIdentifier(), created, expires);
+            SecurityToken token =
+                new SecurityToken(sct.getIdentifier(), created.toInstant(), expires.toInstant());
             token.setSecret(keyHandler.getSecret());
             token.setPrincipal(tokenParameters.getPrincipal());
 

http://git-wip-us.apache.org/repos/asf/cxf/blob/d770183a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/TokenProviderResponse.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/TokenProviderResponse.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/TokenProviderResponse.java
index feeee68..79ae6b6 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/TokenProviderResponse.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/TokenProviderResponse.java
@@ -19,7 +19,7 @@
 
 package org.apache.cxf.sts.token.provider;
 
-import java.time.ZonedDateTime;
+import java.time.Instant;
 
 /**
  * This class encapsulates the response from a TokenProvider instance after creating a token.
@@ -33,8 +33,8 @@ public class TokenProviderResponse {
     private boolean computedKey;
     private TokenReference attachedReference;
     private TokenReference unAttachedReference;
-    private ZonedDateTime created;
-    private ZonedDateTime expires;
+    private Instant created;
+    private Instant expires;
 
     /**
      * Return true if the entropy represents a Computed Key.
@@ -145,34 +145,34 @@ public class TokenProviderResponse {
     }
 
     /**
-     * Get the ZonedDateTime that this Token was Created
-     * @return the ZonedDateTime that this Token was Created
+     * Get the Instant that this Token was Created
+     * @return the Instant that this Token was Created
      */
-    public ZonedDateTime getCreated() {
+    public Instant getCreated() {
         return created;
     }
 
     /**
-     * Set the ZonedDateTime that this Token was Created
-     * @param created the ZonedDateTime that this Token was Created
+     * Set the Instant that this Token was Created
+     * @param created the Instant that this Token was Created
      */
-    public void setCreated(ZonedDateTime created) {
+    public void setCreated(Instant created) {
         this.created = created;
     }
 
     /**
-     * Get the ZonedDateTime that this Token expires
-     * @return the ZonedDateTime that this Token expires
+     * Get the Instant that this Token expires
+     * @return the Instant that this Token expires
      */
-    public ZonedDateTime getExpires() {
+    public Instant getExpires() {
         return expires;
     }
 
     /**
-     * Set the ZonedDateTime that this Token expires
-     * @param expires the ZonedDateTime that this Token expires
+     * Set the Instant that this Token expires
+     * @param expires the Instant that this Token expires
      */
-    public void setExpires(ZonedDateTime expires) {
+    public void setExpires(Instant expires) {
         this.expires = expires;
     }
 

http://git-wip-us.apache.org/repos/asf/cxf/blob/d770183a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/DefaultJWTClaimsProvider.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/DefaultJWTClaimsProvider.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/DefaultJWTClaimsProvider.java
index 9af74b3..3b26f0d 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/DefaultJWTClaimsProvider.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/DefaultJWTClaimsProvider.java
@@ -24,7 +24,6 @@ import java.time.ZoneOffset;
 import java.time.ZonedDateTime;
 import java.time.format.DateTimeParseException;
 import java.util.ArrayList;
-import java.util.Date;
 import java.util.Iterator;
 import java.util.List;
 import java.util.UUID;
@@ -169,13 +168,13 @@ public class DefaultJWTClaimsProvider implements JWTClaimsProvider {
     protected void handleConditions(JWTClaimsProviderParameters jwtClaimsProviderParameters, JwtClaims claims) {
         TokenProviderParameters providerParameters = jwtClaimsProviderParameters.getProviderParameters();
 
-        Date currentDate = new Date();
-        long currentTimeInSeconds = currentDate.getTime() / 1000L;
-
+        ZonedDateTime currentDate = ZonedDateTime.now(ZoneOffset.UTC);
+        long currentTime = currentDate.toEpochSecond();
+        
         // Set the defaults first
-        claims.setIssuedAt(currentTimeInSeconds);
-        claims.setNotBefore(currentTimeInSeconds);
-        claims.setExpiryTime(currentTimeInSeconds + lifetime);
+        claims.setIssuedAt(currentTime);
+        claims.setNotBefore(currentTime);
+        claims.setExpiryTime(currentTime + lifetime);
 
         Lifetime tokenLifetime = providerParameters.getTokenRequirements().getLifetime();
         if (lifetime > 0 && acceptClientLifetime && tokenLifetime != null

http://git-wip-us.apache.org/repos/asf/cxf/blob/d770183a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/JWTTokenProvider.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/JWTTokenProvider.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/JWTTokenProvider.java
index 2583d32..d1bb134 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/JWTTokenProvider.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/JWTTokenProvider.java
@@ -21,8 +21,6 @@ package org.apache.cxf.sts.token.provider.jwt;
 
 import java.security.KeyStore;
 import java.time.Instant;
-import java.time.ZoneOffset;
-import java.time.ZonedDateTime;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.Map;
@@ -133,11 +131,11 @@ public class JWTTokenProvider implements TokenProvider {
             response.setTokenId(claims.getTokenId());
 
             if (claims.getIssuedAt() > 0) {
-                response.setCreated(Instant.ofEpochMilli(claims.getIssuedAt() * 1000L).atZone(ZoneOffset.UTC));
+                response.setCreated(Instant.ofEpochMilli(claims.getIssuedAt() * 1000L));
             }
-            ZonedDateTime expires = null;
+            Instant expires = null;
             if (claims.getExpiryTime() > 0) {
-                expires = Instant.ofEpochMilli(claims.getExpiryTime() * 1000L).atZone(ZoneOffset.UTC);
+                expires = Instant.ofEpochMilli(claims.getExpiryTime() * 1000L);
                 response.setExpires(expires);
             }
 

http://git-wip-us.apache.org/repos/asf/cxf/blob/d770183a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java
index 228b95b..8ce30e4 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java
@@ -21,8 +21,6 @@ package org.apache.cxf.sts.token.renewer;
 
 import java.security.Principal;
 import java.security.cert.Certificate;
-import java.time.ZoneOffset;
-import java.time.ZonedDateTime;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collections;
@@ -227,8 +225,8 @@ public class SAMLTokenRenewer extends AbstractSAMLTokenProvider implements Token
                 validFrom = renewedAssertion.getSaml1().getConditions().getNotBefore();
                 validTill = renewedAssertion.getSaml1().getConditions().getNotOnOrAfter();
             }
-            response.setCreated(ZonedDateTime.ofInstant(validFrom.toDate().toInstant(), ZoneOffset.UTC));
-            response.setExpires(ZonedDateTime.ofInstant(validTill.toDate().toInstant(), ZoneOffset.UTC));
+            response.setCreated(validFrom.toDate().toInstant());
+            response.setExpires(validTill.toDate().toInstant());
 
             LOG.fine("SAML Token successfully renewed");
             return response;

http://git-wip-us.apache.org/repos/asf/cxf/blob/d770183a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/TokenRenewerResponse.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/TokenRenewerResponse.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/TokenRenewerResponse.java
index b310828..b19cb5b 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/TokenRenewerResponse.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/TokenRenewerResponse.java
@@ -18,7 +18,7 @@
  */
 package org.apache.cxf.sts.token.renewer;
 
-import java.time.ZonedDateTime;
+import java.time.Instant;
 
 import org.w3c.dom.Element;
 import org.apache.cxf.sts.token.provider.TokenReference;
@@ -33,8 +33,8 @@ public class TokenRenewerResponse {
     private String tokenId;
     private TokenReference attachedReference;
     private TokenReference unAttachedReference;
-    private ZonedDateTime created;
-    private ZonedDateTime expires;
+    private Instant created;
+    private Instant expires;
 
     /**
      * Set the token
@@ -101,34 +101,34 @@ public class TokenRenewerResponse {
     }
 
     /**
-     * Get the ZonedDateTime that this Token was Created
-     * @return the ZonedDateTime that this Token was Created
+     * Get the Instant that this Token was Created
+     * @return the Instant that this Token was Created
      */
-    public ZonedDateTime getCreated() {
+    public Instant getCreated() {
         return created;
     }
 
     /**
-     * Set the ZonedDateTime that this Token was Created
-     * @param created the ZonedDateTime that this Token was Created
+     * Set the Instant that this Token was Created
+     * @param created the Instant that this Token was Created
      */
-    public void setCreated(ZonedDateTime created) {
+    public void setCreated(Instant created) {
         this.created = created;
     }
 
     /**
-     * Get the ZonedDateTime that this Token expires
-     * @return the ZonedDateTime that this Token expires
+     * Get the Instant that this Token expires
+     * @return the Instant that this Token expires
      */
-    public ZonedDateTime getExpires() {
+    public Instant getExpires() {
         return expires;
     }
 
     /**
-     * Set the ZonedDateTime that this Token expires
-     * @param expires the ZonedDateTime that this Token expires
+     * Set the Instant that this Token expires
+     * @param expires the Instant that this Token expires
      */
-    public void setExpires(ZonedDateTime expires) {
+    public void setExpires(Instant expires) {
         this.expires = expires;
     }
 

http://git-wip-us.apache.org/repos/asf/cxf/blob/d770183a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/cache/HazelCastTokenStoreTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/cache/HazelCastTokenStoreTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/cache/HazelCastTokenStoreTest.java
index a8936fd..c4b3729 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/cache/HazelCastTokenStoreTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/cache/HazelCastTokenStoreTest.java
@@ -59,13 +59,13 @@ public class HazelCastTokenStoreTest extends org.junit.Assert {
     public void testTokenAddExpiration() throws Exception {
         SecurityToken expiredToken = new SecurityToken("expiredToken");
         ZonedDateTime expiry = ZonedDateTime.now(ZoneOffset.UTC).minusSeconds(5L);
-        expiredToken.setExpires(expiry);
+        expiredToken.setExpires(expiry.toInstant());
         store.add(expiredToken);
         assertTrue(store.getTokenIdentifiers().isEmpty());
 
         SecurityToken farFutureToken = new SecurityToken("farFuture");
         expiry = ZonedDateTime.now(ZoneOffset.UTC).plusYears(50L);
-        farFutureToken.setExpires(expiry);
+        farFutureToken.setExpires(expiry.toInstant());
         store.add(farFutureToken);
 
         assertTrue(store.getTokenIdentifiers().size() == 1);

http://git-wip-us.apache.org/repos/asf/cxf/blob/d770183a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/JWTProviderLifetimeTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/JWTProviderLifetimeTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/JWTProviderLifetimeTest.java
index 6b978fb..8f21291 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/JWTProviderLifetimeTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/JWTProviderLifetimeTest.java
@@ -86,7 +86,7 @@ public class JWTProviderLifetimeTest extends org.junit.Assert {
 
         JwsJwtCompactConsumer jwtConsumer = new JwsJwtCompactConsumer(token);
         JwtToken jwt = jwtConsumer.getJwtToken();
-        assertEquals(jwt.getClaim(JwtConstants.CLAIM_ISSUED_AT), providerResponse.getCreated().toEpochSecond());
+        assertEquals(jwt.getClaim(JwtConstants.CLAIM_ISSUED_AT), providerResponse.getCreated().getEpochSecond());
     }
 
     /**
@@ -116,7 +116,7 @@ public class JWTProviderLifetimeTest extends org.junit.Assert {
 
         JwsJwtCompactConsumer jwtConsumer = new JwsJwtCompactConsumer(token);
         JwtToken jwt = jwtConsumer.getJwtToken();
-        assertEquals(jwt.getClaim(JwtConstants.CLAIM_ISSUED_AT), providerResponse.getCreated().toEpochSecond());
+        assertEquals(jwt.getClaim(JwtConstants.CLAIM_ISSUED_AT), providerResponse.getCreated().getEpochSecond());
     }
 
 
@@ -230,7 +230,7 @@ public class JWTProviderLifetimeTest extends org.junit.Assert {
 
         JwsJwtCompactConsumer jwtConsumer = new JwsJwtCompactConsumer(token);
         JwtToken jwt = jwtConsumer.getJwtToken();
-        assertEquals(jwt.getClaim(JwtConstants.CLAIM_ISSUED_AT), providerResponse.getCreated().toEpochSecond());
+        assertEquals(jwt.getClaim(JwtConstants.CLAIM_ISSUED_AT), providerResponse.getCreated().getEpochSecond());
     }
 
     /**
@@ -271,7 +271,7 @@ public class JWTProviderLifetimeTest extends org.junit.Assert {
 
         JwsJwtCompactConsumer jwtConsumer = new JwsJwtCompactConsumer(token);
         JwtToken jwt = jwtConsumer.getJwtToken();
-        assertEquals(jwt.getClaim(JwtConstants.CLAIM_ISSUED_AT), providerResponse.getCreated().toEpochSecond());
+        assertEquals(jwt.getClaim(JwtConstants.CLAIM_ISSUED_AT), providerResponse.getCreated().getEpochSecond());
     }
 
     /**
@@ -319,7 +319,7 @@ public class JWTProviderLifetimeTest extends org.junit.Assert {
 
         JwsJwtCompactConsumer jwtConsumer = new JwsJwtCompactConsumer(token);
         JwtToken jwt = jwtConsumer.getJwtToken();
-        assertEquals(jwt.getClaim(JwtConstants.CLAIM_ISSUED_AT), providerResponse.getCreated().toEpochSecond());
+        assertEquals(jwt.getClaim(JwtConstants.CLAIM_ISSUED_AT), providerResponse.getCreated().getEpochSecond());
     }
 
     /**
@@ -356,7 +356,7 @@ public class JWTProviderLifetimeTest extends org.junit.Assert {
 
         JwsJwtCompactConsumer jwtConsumer = new JwsJwtCompactConsumer(token);
         JwtToken jwt = jwtConsumer.getJwtToken();
-        assertEquals(jwt.getClaim(JwtConstants.CLAIM_ISSUED_AT), providerResponse.getCreated().toEpochSecond());
+        assertEquals(jwt.getClaim(JwtConstants.CLAIM_ISSUED_AT), providerResponse.getCreated().getEpochSecond());
     }
 
     private TokenProviderParameters createProviderParameters(String tokenType) throws WSSecurityException {

http://git-wip-us.apache.org/repos/asf/cxf/blob/d770183a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/JWTTokenProviderTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/JWTTokenProviderTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/JWTTokenProviderTest.java
index 846f4e5..cf09345 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/JWTTokenProviderTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/JWTTokenProviderTest.java
@@ -88,9 +88,9 @@ public class JWTTokenProviderTest extends org.junit.Assert {
         JwtToken jwt = jwtConsumer.getJwtToken();
         Assert.assertEquals("alice", jwt.getClaim(JwtConstants.CLAIM_SUBJECT));
         Assert.assertEquals(providerResponse.getTokenId(), jwt.getClaim(JwtConstants.CLAIM_JWT_ID));
-        Assert.assertEquals(providerResponse.getCreated().toEpochSecond(),
+        Assert.assertEquals(providerResponse.getCreated().getEpochSecond(),
                             jwt.getClaim(JwtConstants.CLAIM_ISSUED_AT));
-        Assert.assertEquals(providerResponse.getExpires().toEpochSecond(),
+        Assert.assertEquals(providerResponse.getExpires().getEpochSecond(),
                             jwt.getClaim(JwtConstants.CLAIM_EXPIRY));
     }
 
@@ -115,9 +115,9 @@ public class JWTTokenProviderTest extends org.junit.Assert {
         JwtToken jwt = jwtConsumer.getJwtToken();
         Assert.assertEquals("alice", jwt.getClaim(JwtConstants.CLAIM_SUBJECT));
         Assert.assertEquals(providerResponse.getTokenId(), jwt.getClaim(JwtConstants.CLAIM_JWT_ID));
-        Assert.assertEquals(providerResponse.getCreated().toEpochSecond(),
+        Assert.assertEquals(providerResponse.getCreated().getEpochSecond(),
                             jwt.getClaim(JwtConstants.CLAIM_ISSUED_AT));
-        Assert.assertEquals(providerResponse.getExpires().toEpochSecond(),
+        Assert.assertEquals(providerResponse.getExpires().getEpochSecond(),
                             jwt.getClaim(JwtConstants.CLAIM_EXPIRY));
 
         // Verify Signature
@@ -157,9 +157,9 @@ public class JWTTokenProviderTest extends org.junit.Assert {
             JwtToken jwt = jwtConsumer.getJwtToken();
             Assert.assertEquals("alice", jwt.getClaim(JwtConstants.CLAIM_SUBJECT));
             Assert.assertEquals(providerResponse.getTokenId(), jwt.getClaim(JwtConstants.CLAIM_JWT_ID));
-            Assert.assertEquals(providerResponse.getCreated().toEpochSecond(),
+            Assert.assertEquals(providerResponse.getCreated().getEpochSecond(),
                                 jwt.getClaim(JwtConstants.CLAIM_ISSUED_AT));
-            Assert.assertEquals(providerResponse.getExpires().toEpochSecond(),
+            Assert.assertEquals(providerResponse.getExpires().getEpochSecond(),
                                 jwt.getClaim(JwtConstants.CLAIM_EXPIRY));
 
             // Verify Signature
@@ -197,9 +197,9 @@ public class JWTTokenProviderTest extends org.junit.Assert {
         JwtToken jwt = jwtConsumer.getJwtToken();
         Assert.assertEquals("alice", jwt.getClaim(JwtConstants.CLAIM_SUBJECT));
         Assert.assertEquals(providerResponse.getTokenId(), jwt.getClaim(JwtConstants.CLAIM_JWT_ID));
-        Assert.assertEquals(providerResponse.getCreated().toEpochSecond(),
+        Assert.assertEquals(providerResponse.getCreated().getEpochSecond(),
                             jwt.getClaim(JwtConstants.CLAIM_ISSUED_AT));
-        Assert.assertEquals(providerResponse.getExpires().toEpochSecond(),
+        Assert.assertEquals(providerResponse.getExpires().getEpochSecond(),
                             jwt.getClaim(JwtConstants.CLAIM_EXPIRY));
 
         // Check that the token is stored correctly in the cache
@@ -246,9 +246,9 @@ public class JWTTokenProviderTest extends org.junit.Assert {
 
             Assert.assertEquals("alice", jwt.getClaim(JwtConstants.CLAIM_SUBJECT));
             Assert.assertEquals(providerResponse.getTokenId(), jwt.getClaim(JwtConstants.CLAIM_JWT_ID));
-            Assert.assertEquals(providerResponse.getCreated().toEpochSecond(),
+            Assert.assertEquals(providerResponse.getCreated().getEpochSecond(),
                                 jwt.getClaim(JwtConstants.CLAIM_ISSUED_AT));
-            Assert.assertEquals(providerResponse.getExpires().toEpochSecond(),
+            Assert.assertEquals(providerResponse.getExpires().getEpochSecond(),
                                 jwt.getClaim(JwtConstants.CLAIM_EXPIRY));
         }
 
@@ -300,9 +300,9 @@ public class JWTTokenProviderTest extends org.junit.Assert {
 
                 Assert.assertEquals("alice", jwt.getClaim(JwtConstants.CLAIM_SUBJECT));
                 Assert.assertEquals(providerResponse.getTokenId(), jwt.getClaim(JwtConstants.CLAIM_JWT_ID));
-                Assert.assertEquals(providerResponse.getCreated().toEpochSecond(),
+                Assert.assertEquals(providerResponse.getCreated().getEpochSecond(),
                                     jwt.getClaim(JwtConstants.CLAIM_ISSUED_AT));
-                Assert.assertEquals(providerResponse.getExpires().toEpochSecond(),
+                Assert.assertEquals(providerResponse.getExpires().getEpochSecond(),
                                     jwt.getClaim(JwtConstants.CLAIM_EXPIRY));
             }
         } finally {
@@ -347,9 +347,9 @@ public class JWTTokenProviderTest extends org.junit.Assert {
 
             Assert.assertEquals("alice", jwt.getClaim(JwtConstants.CLAIM_SUBJECT));
             Assert.assertEquals(providerResponse.getTokenId(), jwt.getClaim(JwtConstants.CLAIM_JWT_ID));
-            Assert.assertEquals(providerResponse.getCreated().toEpochSecond(),
+            Assert.assertEquals(providerResponse.getCreated().getEpochSecond(),
                                 jwt.getClaim(JwtConstants.CLAIM_ISSUED_AT));
-            Assert.assertEquals(providerResponse.getExpires().toEpochSecond(),
+            Assert.assertEquals(providerResponse.getExpires().getEpochSecond(),
                                 jwt.getClaim(JwtConstants.CLAIM_EXPIRY));
         }
 

http://git-wip-us.apache.org/repos/asf/cxf/blob/d770183a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/caching/CachingTest.java
----------------------------------------------------------------------
diff --git a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/caching/CachingTest.java b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/caching/CachingTest.java
index 2ff425f..8aa2ec0 100644
--- a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/caching/CachingTest.java
+++ b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/caching/CachingTest.java
@@ -196,7 +196,7 @@ public class CachingTest extends AbstractBusClientServerTestBase {
         assertNotNull(tok);
 
         // Make the token "about to expire"
-        tok.setExpires(ZonedDateTime.now(ZoneOffset.UTC).plusSeconds(5L));
+        tok.setExpires(ZonedDateTime.now(ZoneOffset.UTC).plusSeconds(5L).toInstant());
         assertTrue(tok.isAboutToExpire(10L));
 
         doubleIt(port, 25);

http://git-wip-us.apache.org/repos/asf/cxf/blob/d770183a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/stsclient/STSTokenOutInterceptorTest.java
----------------------------------------------------------------------
diff --git a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/stsclient/STSTokenOutInterceptorTest.java b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/stsclient/STSTokenOutInterceptorTest.java
index 2a9c4da..0f0d319 100644
--- a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/stsclient/STSTokenOutInterceptorTest.java
+++ b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/stsclient/STSTokenOutInterceptorTest.java
@@ -329,7 +329,7 @@ public class STSTokenOutInterceptorTest extends AbstractBusClientServerTestBase
         Assert.assertNotNull(token);
         Assert.assertEquals(TOKEN_TYPE_SAML_2_0, token.getTokenType());
         Assert.assertNotNull(token.getId());
-        Assert.assertTrue(token.getExpires().isAfter(ZonedDateTime.now(ZoneOffset.UTC)));
+        Assert.assertTrue(token.getExpires().isAfter(ZonedDateTime.now(ZoneOffset.UTC).toInstant()));
         Assert.assertEquals("Assertion", token.getToken().getLocalName());
     }
 

http://git-wip-us.apache.org/repos/asf/cxf/blob/d770183a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/stsclient/STSTokenRetrieverTest.java
----------------------------------------------------------------------
diff --git a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/stsclient/STSTokenRetrieverTest.java b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/stsclient/STSTokenRetrieverTest.java
index bb7f594..024e41a 100644
--- a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/stsclient/STSTokenRetrieverTest.java
+++ b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/stsclient/STSTokenRetrieverTest.java
@@ -267,7 +267,7 @@ public class STSTokenRetrieverTest extends AbstractBusClientServerTestBase {
         Assert.assertNotNull(token);
         Assert.assertEquals(TOKEN_TYPE_SAML_2_0, token.getTokenType());
         Assert.assertNotNull(token.getId());
-        Assert.assertTrue(token.getExpires().isAfter(ZonedDateTime.now(ZoneOffset.UTC)));
+        Assert.assertTrue(token.getExpires().isAfter(ZonedDateTime.now(ZoneOffset.UTC).toInstant()));
         Assert.assertEquals("Assertion", token.getToken().getLocalName());
     }
 


Mime
View raw message