/** * Return true if the "Created" value is before the current time minus the timeToLive * argument, and if the Created value is not "in the future". * * @param timeToLive the value in seconds for the validity of the Created time * @param futureTimeToLive the value in seconds for the future validity of the Created time * @return true if the UsernameToken is before (now-timeToLive), false otherwise */ public boolean verifyCreated( int timeToLive, int futureTimeToLive ) { return DateUtil.verifyCreated(created, timeToLive, futureTimeToLive); }
/** * Return true if the "Created" value is before the current time minus the timeToLive * argument, and if the Created value is not "in the future". * * @param timeToLive the value in seconds for the validity of the Created time * @param futureTimeToLive the value in seconds for the future validity of the Created time * @return true if the timestamp is before (now-timeToLive), false otherwise */ public boolean verifyCreated( int timeToLive, int futureTimeToLive ) { return DateUtil.verifyCreated(created, timeToLive, futureTimeToLive); }
private Instant verifyCreated( WSSSecurityProperties wssSecurityProperties, UsernameTokenType usernameTokenType ) throws WSSecurityException { // Verify Created int ttl = wssSecurityProperties.getUtTTL(); int futureTTL = wssSecurityProperties.getUtFutureTTL(); final AttributedDateTime attributedDateTimeCreated = XMLSecurityUtils.getQNameType(usernameTokenType.getAny(), WSSConstants.TAG_WSU_CREATED); if (attributedDateTimeCreated != null) { // Parse the Date ZonedDateTime created; try { created = ZonedDateTime.parse(attributedDateTimeCreated.getValue()); } catch (DateTimeParseException e) { throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, e); } // Validate whether the security semantics have expired if (!DateUtil.verifyCreated(created.toInstant(), ttl, futureTTL)) { throw new WSSecurityException(WSSecurityException.ErrorCode.MESSAGE_EXPIRED); } return created.toInstant(); } return null; } }
if (createdDate != null && !DateUtil.verifyCreated(createdDate.toInstant(), ttl, futureTTL)) { LOG.debug("Time now: {}", rightNow.toString()); throw new WSSecurityException(WSSecurityException.ErrorCode.MESSAGE_EXPIRED, "invalidTimestamp",