SAML-Toolkits
diff --git a/‎core/pom.xml‎
Lines changed: 8 additions & 8 deletions b/‎core/pom.xml‎
Lines changed: 8 additions & 8 deletions
diff --git a/‎core/src/main/java/com/onelogin/saml2/authn/AuthnRequest.java‎
Lines changed: 2 additions & 1 deletion b/‎core/src/main/java/com/onelogin/saml2/authn/AuthnRequest.java‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎core/src/main/java/com/onelogin/saml2/authn/SamlResponse.java‎
Lines changed: 16 additions & 7 deletions b/‎core/src/main/java/com/onelogin/saml2/authn/SamlResponse.java‎
Lines changed: 16 additions & 7 deletions
diff --git a/‎core/src/main/java/com/onelogin/saml2/logout/LogoutRequest.java‎
Lines changed: 18 additions & 5 deletions b/‎core/src/main/java/com/onelogin/saml2/logout/LogoutRequest.java‎
Lines changed: 18 additions & 5 deletions
diff --git a/‎core/src/main/java/com/onelogin/saml2/logout/LogoutResponse.java‎
Lines changed: 17 additions & 5 deletions b/‎core/src/main/java/com/onelogin/saml2/logout/LogoutResponse.java‎
Lines changed: 17 additions & 5 deletions
diff --git a/‎core/src/main/java/com/onelogin/saml2/util/Util.java‎
Lines changed: 6 additions & 6 deletions b/‎core/src/main/java/com/onelogin/saml2/util/Util.java‎
Lines changed: 6 additions & 6 deletions
@@ -48,7 +48,7 @@
 		<dependency>
 			<groupId>joda-time</groupId>
 			<artifactId>joda-time</artifactId>
-			<version>2.10.3</version>
+			<version>2.10.6</version>
 		</dependency>
 
 		<!-- commons -->
@@ -60,12 +60,12 @@
 		<dependency>
 			<groupId>org.apache.santuario</groupId>
 			<artifactId>xmlsec</artifactId>
-			<version>2.1.4</version>
+			<version>2.2.0</version>
 		</dependency>
 		<dependency>
 			<groupId>commons-codec</groupId>
 			<artifactId>commons-codec</artifactId>
-			<version>1.12</version>
+			<version>1.15</version>
 		</dependency>
 	</dependencies>
 
@@ -74,7 +74,7 @@
 			<plugin>
 				<groupId>org.jacoco</groupId>
 				<artifactId>jacoco-maven-plugin</artifactId>
-				<version>0.8.2</version>
+				<version>0.8.6</version>
 				<configuration>
 					<propertyName>jacoco.agent.argLine</propertyName>
 				</configuration>
@@ -90,7 +90,7 @@
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-jar-plugin</artifactId>
-				<version>2.4</version>
+				<version>3.2.0</version>
 				<executions>
 					<execution>
 						<goals>
@@ -102,22 +102,22 @@
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-surefire-plugin</artifactId>
-				<version>2.12</version>
+				<version>2.22.2</version>
 				<configuration>
 					<argLine>${jacoco.agent.argLine}</argLine>
 				</configuration>
 			</plugin>
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-enforcer-plugin</artifactId>
-				<version>1.1.1</version>
+				<version>1.4.1</version>
 				<executions>
 					<execution>
 						<id>enforce</id>
 						<configuration>
 							<rules>
 								<evaluateBeanshell>
-									<condition>javax.crypto.Cipher.getMaxAllowedKeyLength("AES") &gt; 128</condition>
+									<condition>javax.crypto.Cipher.getMaxAllowedKeyLength("AES") > 128</condition>
 								</evaluateBeanshell>
 							</rules>
 						</configuration>
 
@@ -224,6 +224,7 @@ private StrSubstitutor generateSubstitutor(Saml2Settings settings) {
 		valueMap.put("issueInstant", issueInstantString);
 		valueMap.put("id", String.valueOf(id));
 		valueMap.put("assertionConsumerServiceURL", String.valueOf(settings.getSpAssertionConsumerServiceUrl()));
+		valueMap.put("protocolBinding", settings.getSpAssertionConsumerServiceBinding());
 		valueMap.put("spEntityid", settings.getSpEntityId());
 
 		String requestedAuthnContextStr = "";
@@ -247,7 +248,7 @@ private StrSubstitutor generateSubstitutor(Saml2Settings settings) {
 	 */
 	private static StringBuilder getAuthnRequestTemplate() {
 		StringBuilder template = new StringBuilder();
-		template.append("<samlp:AuthnRequest xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\" ID=\"${id}\" Version=\"2.0\" IssueInstant=\"${issueInstant}\"${providerStr}${forceAuthnStr}${isPassiveStr}${destinationStr} ProtocolBinding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" AssertionConsumerServiceURL=\"${assertionConsumerServiceURL}\">");
+		template.append("<samlp:AuthnRequest xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\" ID=\"${id}\" Version=\"2.0\" IssueInstant=\"${issueInstant}\"${providerStr}${forceAuthnStr}${isPassiveStr}${destinationStr} ProtocolBinding=\"${protocolBinding}\" AssertionConsumerServiceURL=\"${assertionConsumerServiceURL}\">");
 		template.append("<saml:Issuer>${spEntityid}</saml:Issuer>");
 		template.append("${subjectStr}${nameIDPolicyStr}${requestedAuthnContextStr}</samlp:AuthnRequest>");
 		return template;
 
@@ -79,7 +79,7 @@ public class SamlResponse {
 	/**
 	 * After validation, if it fails this property has the cause of the problem
 	 */ 
-	private String error;
+	private Exception validationException;
 
 	/**
 	 * Constructor to have a Response object fully built and ready to validate the saml response.
@@ -144,7 +144,7 @@ public void loadXmlFromBase64(String responseStr) throws ParserConfigurationExce
 	 * @return if the response is valid or not
 	 */
 	public boolean isValid(String requestId) {
-		error = null;
+		validationException = null;
 
 		try {
 			if (samlResponseDocument == null) {
@@ -307,9 +307,9 @@ public boolean isValid(String requestId) {
 			LOGGER.debug("SAMLResponse validated --> {}", samlResponseString);
 			return true;
 		} catch (Exception e) {
-			error = e.getMessage();
+			validationException = e;
 			LOGGER.debug("SAMLResponse invalid --> {}", samlResponseString);
-			LOGGER.error(error);
+			LOGGER.error(validationException.getMessage());
 			return false;
 		}
 	}
@@ -966,15 +966,24 @@ public void setDestinationUrl(String url) {
 	/**
      * After execute a validation process, if fails this method returns the cause
      *
-     * @return the cause of the validation error 
+     * @return the cause of the validation error as a string
      */
 	public String getError() {
-		if (error != null) {
-			return error;
+		if (validationException != null) {
+			return validationException.getMessage();
 		}
 		return null;
 	}
 
+	/**
+	 * After execute a validation process, if fails this method returns the Exception object
+	 *
+	 * @return the cause of the validation error
+	 */
+	public Exception getValidationException() {
+		return validationException;
+	}
+
 	/**
 	 * Extracts a node from the DOMDocument (Assertion).
 	 *
 
@@ -98,7 +98,7 @@ public class LogoutRequest {
 	/**
 	 * After validation, if it fails this property has the cause of the problem
 	 */ 
-	private String error;
+	private Exception validationException;
 
 	/**
 	 * Constructs the LogoutRequest object.
@@ -366,7 +366,7 @@ private static StringBuilder getLogoutRequestTemplate() {
 	 * @throws Exception
      */
 	public Boolean isValid() throws Exception {
-		error = null;
+		validationException = null;
 
 		try {
 			if (this.logoutRequestString == null || logoutRequestString.isEmpty()) {
@@ -474,9 +474,9 @@ public Boolean isValid() throws Exception {
 			LOGGER.debug("LogoutRequest validated --> " + logoutRequestString);
 		    return true;	
 		} catch (Exception e) {
-			error = e.getMessage();
+			validationException = e;
 			LOGGER.debug("LogoutRequest invalid --> " + logoutRequestString);
-			LOGGER.error(error);
+			LOGGER.error(validationException.getMessage());
 			return false;
 		}
 	}
@@ -737,9 +737,22 @@ public static List<String> getSessionIndexes(String samlLogoutRequestString) thr
      * @return the cause of the validation error 
      */
 	public String getError() {
-		return error;
+		if (validationException != null) {
+			return validationException.getMessage();
+		}
+		return null;
 	}
 
+	/**
+	 * After execute a validation process, if fails this method returns the Exception object
+	 *
+	 * @return the cause of the validation error
+	 */
+	public Exception getValidationException() {
+		return validationException;
+	}
+
+
 	/**
 	 * @return the ID of the Logout Request
 	 */
 
@@ -82,7 +82,7 @@ public class LogoutResponse {
 	/**
 	 * After validation, if it fails this property has the cause of the problem
 	 */
-	private String error;
+	private Exception validationException;
 
 	/**
 	 * Constructs the LogoutResponse object.
@@ -168,7 +168,7 @@ public String getId() {
      * @return if the SAML LogoutResponse is or not valid
      */
 	public Boolean isValid(String requestId) {
-		error = null;
+		validationException = null;
 
 		try {
 			if (this.logoutResponseDocument == null) {
@@ -270,9 +270,9 @@ public Boolean isValid(String requestId) {
 			LOGGER.debug("LogoutRequest validated --> " + logoutResponseString);
 			return true;
 		} catch (Exception e) {
-			error = e.getMessage();
+			validationException = e;
 			LOGGER.debug("LogoutResponse invalid --> " + logoutResponseString);
-			LOGGER.error(error);
+			LOGGER.error(validationException.getMessage());
 			return false;
 		}
 	}
@@ -451,6 +451,18 @@ private static StringBuilder getLogoutResponseTemplate() {
      * @return the cause of the validation error
      */
 	public String getError() {
-		return error;
+		if (validationException != null) {
+			return validationException.getMessage();
+		}
+		return null;
+	}
+
+	/**
+	 * After execute a validation process, if fails this method returns the Exception object
+	 *
+	 * @return the cause of the validation error
+	 */
+	public Exception getValidationException() {
+		return validationException;
 	}
 }
@@ -73,8 +73,8 @@
 import org.joda.time.DateTime;
 import org.joda.time.DateTimeZone;
 import org.joda.time.Period;
-import org.joda.time.format.DateTimeFormat;
 import org.joda.time.format.DateTimeFormatter;
+import org.joda.time.format.ISODateTimeFormat;
 import org.joda.time.format.ISOPeriodFormat;
 import org.joda.time.format.PeriodFormatter;
 import org.slf4j.Logger;
@@ -103,9 +103,9 @@ public final class Util {
      * Private property to construct a logger for this class.
      */
 	private static final Logger LOGGER = LoggerFactory.getLogger(Util.class);
-
-    private static final DateTimeFormatter DATE_TIME_FORMAT = DateTimeFormat.forPattern("yyyy-MM-dd'T'HH:mm:ss'Z'").withZone(DateTimeZone.UTC);
-	private static final DateTimeFormatter DATE_TIME_FORMAT_MILLS = DateTimeFormat.forPattern("yyyy-MM-dd'T'HH:mm:ss.SSS'Z'").withZone(DateTimeZone.UTC);
+	
+    private static final DateTimeFormatter DATE_TIME_FORMAT = ISODateTimeFormat.dateTimeNoMillis().withZoneUTC();
+	private static final DateTimeFormatter DATE_TIME_FORMAT_MILLS = ISODateTimeFormat.dateTime().withZoneUTC();
 	public static final String UNIQUE_ID_PREFIX = "ONELOGIN_";
 	public static final String RESPONSE_SIGNATURE_XPATH = "/samlp:Response/ds:Signature";
 	public static final String ASSERTION_SIGNATURE_XPATH = "/samlp:Response/saml:Assertion/ds:Signature";
@@ -597,9 +597,9 @@ public static String calculateX509Fingerprint(X509Certificate x509cert, String a
 			byte[] dataBytes = x509cert.getEncoded();
 			if (alg == null || alg.isEmpty() || alg.equals("SHA-1")|| alg.equals("sha1")) {
 				fingerprint = DigestUtils.sha1Hex(dataBytes);
-			} else if (alg.equals("SHA-256") || alg .equals("sha256")) {
+			} else if (alg.equals("SHA-256") || alg.equals("sha256")) {
 				fingerprint = DigestUtils.sha256Hex(dataBytes);
-			} else if (alg.equals("SHA-384") || alg .equals("sha384")) {
+			} else if (alg.equals("SHA-384") || alg.equals("sha384")) {
 				fingerprint = DigestUtils.sha384Hex(dataBytes);
 			} else if (alg.equals("SHA-512") || alg.equals("sha512")) {
 				fingerprint = DigestUtils.sha512Hex(dataBytes);