Merge pull request #404 from SAML-Toolkits/fix_expired_payloads

Fix tests

core/pom.xml

@@ -27,11 +27,6 @@
 			<artifactId>junit</artifactId>
 			<scope>test</scope>
 		</dependency>
-		<dependency>
-			<groupId>org.mockito</groupId>
-			<artifactId>mockito-core</artifactId>
-			<scope>test</scope>
-		</dependency>
 
 		<!-- for log -->
 		<dependency>
@@ -53,7 +48,7 @@
 		<dependency>
 			<groupId>org.apache.santuario</groupId>
 			<artifactId>xmlsec</artifactId>
-			<version>2.3.0</version>
+			<version>3.0.2</version>
 		</dependency>
 		<dependency>
 			<groupId>commons-codec</groupId>
@@ -65,19 +60,13 @@
 		<dependency>
 			<groupId>com.azure</groupId>
 			<artifactId>azure-security-keyvault-keys</artifactId>
-			<version>4.3.4</version>
-			<optional>true</optional>
-		</dependency>
-		<dependency>
-			<groupId>com.fasterxml.jackson.core</groupId>
-			<artifactId>jackson-databind</artifactId>
-			<version>2.13.4.2</version>
+			<version>4.7.0</version>
 			<optional>true</optional>
 		</dependency>
 		<dependency>
 			<groupId>com.azure</groupId>
 			<artifactId>azure-identity</artifactId>
-			<version>1.3.7</version>
+			<version>1.10.1</version>
 			<optional>true</optional>
 		</dependency>
 	</dependencies>

core/src/test/java/com/onelogin/saml2/test/authn/AuthnRequestTest.java

@@ -13,7 +13,6 @@
 import java.util.Calendar;
 import java.util.List;
 
-import org.junit.Assert;
 import org.junit.Test;
 
 import com.onelogin.saml2.authn.AuthnRequest;

core/src/test/java/com/onelogin/saml2/test/authn/AuthnResponseTest.java

@@ -5,7 +5,6 @@
 import com.onelogin.saml2.exception.SettingsException;
 import com.onelogin.saml2.exception.ValidationError;
 import com.onelogin.saml2.http.HttpRequest;
-import com.onelogin.saml2.logout.LogoutRequest;
 import com.onelogin.saml2.model.SamlResponseStatus;
 import com.onelogin.saml2.settings.Saml2Settings;
 import com.onelogin.saml2.settings.SettingsBuilder;

core/src/test/java/com/onelogin/saml2/test/logout/LogoutRequestTest.java

@@ -858,25 +858,26 @@ public void testIsInValidSign_defaultUrlEncode() throws Exception {
 		settings.setWantMessagesSigned(true);
 
 		final String requestURL = "https://pitbulk.no-ip.org/newonelogin/demo1/index.php?sls";
-		String samlRequestEncoded = "lVLBitswEP0Vo7tjeWzJtki8LIRCYLvbNksPewmyPc6K2pJqyXQ/v1LSQlroQi/DMJr33rwZbZ2cJysezNms/gt+X9H55G2etBOXlx1ZFy2MdMoJLWd0wvfieP/xQcCGCrsYb3ozkRvI+wjpHC5eGU2Sw35HTg3lA8hqZFwWFcMKsStpxbEsxoLXeQN9OdY1VAgk+YqLC8gdCUQB7tyKB+281D6UaF6mtEiBPudcABcMXkiyD26Ulv6CevXeOpFlVvlunb5ttEmV3ZjlnGn8YTRO5qx0NuBs8kzpAd829tXeucmR5NH4J/203I8el6gFRUqbFPJnyEV51Wq30by4TLW0/9ZyarYTxt4sBsjUYLMZvRykl1Fxm90SXVkfwx4P++T4KSafVzmpUcVJ/sfSrQZJPphllv79W8WKGtLx0ir8IrVTqD1pT2MH3QAMSs4KTvui71jeFFiwirOmprwPkYW063+5uRq4urHiiC4e8hCX3J5wqAEGaPpw9XB5JmkBdeDqSlkz6CmUXdl0Qae5kv2F/1384wu3PwE=";
+		String samlRequestEncoded = "lVLBitswEP0Vo7tjWbJkSyReFkIhsN1tm6WHvQTZHmdFbUmVZLqfXzlpIS10oZdhGM17b96MtkHNk5MP9myX+AW+LxBi9jZPJsjLyw4t3kirgg7SqBmCjL083n98kGSDpfM22t5O6AbyPkKFAD5qa1B22O/QSWA+EFWPjCtaM6gBugrXHCo6Ut6UgvTV2DSkBoKyr+BDQu5QIkrwEBY4mBCViamEyyrHNCf4ueSScMnIC8r2yY02Kl5QrzG6IIvC6dgt07eNsbl2G+vPhYEf1sBkz9oUA8y2LLQZ4G3jXt1dmALKHm18Mk/+fozgk5YQNMciJ+UzKWV11Wq3q3l5mcq3/9YKenYTrL3FGkihB1fMENWgoloVt8Ut0ZX1Me3xsM+On9bk86ImPep1kv+xdKuBsg/Wzyq+f6u1ood8vLTK6JUJGkxE7WnsSDcQRirOKMc97TtWCgqU1ZyJBvM+RZbSrv/l5mrg6sbJI4T1kId1ye0JhoaQgYg+XT1dnilMSZO4uko1jPSYVF0luqQjrmR/4X8X//jC7U8=";
 		String relayState = "_1037fbc88ec82ce8e770b2bed1119747bb812a07e6";
-		String sigAlg = Constants.SHA256;
+		String sigAlg = Constants.RSA_SHA256;
 
 		String queryString = "SAMLRequest=" + Util.urlEncoder(samlRequestEncoded);
 		queryString += "&RelayState=" + Util.urlEncoder(relayState);
 		queryString += "&SigAlg=" + Util.urlEncoder(sigAlg);
 
 		//This signature is based on the query string above
-		String signature = "cxDTcLRHhXJKGYcjZE2RRz5p7tVg/irNimq48KkJ0n10wiGwAmuzUByxEm4OHbetDrHGtxI5ygjrR0/HcrD8IkYyI5Ie4r5tJYkfdtpUrvOQ7khbBvP9GzEbZIrz7eH1ALdCDchORaRB/cs6v+OZbBj5uPTrN//wOhZl2k9H2xVW/SYy17jDoIKh/wvqtQ9FF+h2UxdUEhxeB/UUXOC6nVLMo+RGaamSviYkUE1Zu1tmalO+F6FivNQ31T/TkqzWz0KEjmnFs3eKbHakPVuUHpDQm7Gf2gBS1TXwVQsL7e2axtvv4RH5djlq1Z2WH2V+PwGOkIvLxf3igGUSR1A8bw==";
+		String signature = "27tdJT0kmletQ/fSUhB6Y8L0S6Y7pcZlGFvOCCVcqZZDyxlZBaCfmLlDXhB3/oJrWRn8injiY44h1BnCsughYQjTGBWZi175J9HA/dYhMZ+IFw9V/oUrRTY8/o9kFQSIefhQcJoegY2BvJVDSKeqYg2mCcQnItyceLhS1eiEQy0=";
 
-		HttpRequest httpRequest = new HttpRequest(requestURL, queryString)
+		HttpRequest httpRequest = new HttpRequest(requestURL)
 				.addParameter("SAMLRequest", samlRequestEncoded)
 				.addParameter("RelayState", relayState)
 				.addParameter("SigAlg", sigAlg)
 				.addParameter("Signature", signature);
 
 		LogoutRequest logoutRequest = new LogoutRequest(settings, httpRequest);
-		assertTrue("Signature validation failed", logoutRequest.isValid());
+		assertFalse(logoutRequest.isValid());
+		assertEquals("Signature validation failed. Logout Request rejected", logoutRequest.getError());
 	}
 
 	@Test
@@ -886,16 +887,16 @@ public void testIsInValidSign_naiveUrlEncoding() throws Exception {
 		settings.setWantMessagesSigned(true);
 
 		final String requestURL = "https://pitbulk.no-ip.org/newonelogin/demo1/index.php?sls";
-		String samlRequestEncoded = "lVLBitswEP0Vo7tjeWzJtki8LIRCYLvbNksPewmyPc6K2pJqyXQ/v1LSQlroQi/DMJr33rwZbZ2cJysezNms/gt+X9H55G2etBOXlx1ZFy2MdMoJLWd0wvfieP/xQcCGCrsYb3ozkRvI+wjpHC5eGU2Sw35HTg3lA8hqZFwWFcMKsStpxbEsxoLXeQN9OdY1VAgk+YqLC8gdCUQB7tyKB+281D6UaF6mtEiBPudcABcMXkiyD26Ulv6CevXeOpFlVvlunb5ttEmV3ZjlnGn8YTRO5qx0NuBs8kzpAd829tXeucmR5NH4J/203I8el6gFRUqbFPJnyEV51Wq30by4TLW0/9ZyarYTxt4sBsjUYLMZvRykl1Fxm90SXVkfwx4P++T4KSafVzmpUcVJ/sfSrQZJPphllv79W8WKGtLx0ir8IrVTqD1pT2MH3QAMSs4KTvui71jeFFiwirOmprwPkYW063+5uRq4urHiiC4e8hCX3J5wqAEGaPpw9XB5JmkBdeDqSlkz6CmUXdl0Qae5kv2F/1384wu3PwE=";
+		String samlRequestEncoded = "lVLBitswEP0Vo7tjWbJkSyReFkIhsN1tm6WHvQTZHmdFbUmVZLqfXzlpIS10oZdhGM17b96MtkHNk5MP9myX+AW+LxBi9jZPJsjLyw4t3kirgg7SqBmCjL083n98kGSDpfM22t5O6AbyPkKFAD5qa1B22O/QSWA+EFWPjCtaM6gBugrXHCo6Ut6UgvTV2DSkBoKyr+BDQu5QIkrwEBY4mBCViamEyyrHNCf4ueSScMnIC8r2yY02Kl5QrzG6IIvC6dgt07eNsbl2G+vPhYEf1sBkz9oUA8y2LLQZ4G3jXt1dmALKHm18Mk/+fozgk5YQNMciJ+UzKWV11Wq3q3l5mcq3/9YKenYTrL3FGkihB1fMENWgoloVt8Ut0ZX1Me3xsM+On9bk86ImPep1kv+xdKuBsg/Wzyq+f6u1ood8vLTK6JUJGkxE7WnsSDcQRirOKMc97TtWCgqU1ZyJBvM+RZbSrv/l5mrg6sbJI4T1kId1ye0JhoaQgYg+XT1dnilMSZO4uko1jPSYVF0luqQjrmR/4X8X//jC7U8=";
 		String relayState = "_1037fbc88ec82ce8e770b2bed1119747bb812a07e6";
-		String sigAlg = Constants.SHA256;
+		String sigAlg = Constants.RSA_SHA256;
 
 		String queryString = "SAMLRequest=" + NaiveUrlEncoder.encode(samlRequestEncoded);
 		queryString += "&RelayState=" + NaiveUrlEncoder.encode(relayState);
 		queryString += "&SigAlg=" + NaiveUrlEncoder.encode(sigAlg);
 
 		//This signature is based on the query string above
-		String signatureNaiveEncoding = "Gj2mUq6RBPAPXI9VjDDlwAxueSEBlOfgpWKLpsQbqIp+2XPFtC/vPAZpuPjHCDNNnAI3WKZa4l8ijwQBTqQwKz88k9gTx6vcLxPl2L4SrWdLOokiGrIVYJ+0sK2hapHHMa7WzGiTgpeTuejHbD4ptneaRXl4nrJAEo0WJ/rNTSWbJpnb+ENtgBnsfkmj+6z1KFY70ruo7W/vme21Jg+4XNfBSGl6LLSjEnZHJG0ET80HKvJEZayv4BQGZ3MShcSMyab/w+rLfDvDRA5RcRxw+NHOXo/kxZ3qhpa6daOwG69+PiiWmusmB2gaSq6jy2L55zFks9a36Pt5l5fYA2dE4g==";
+		String signatureNaiveEncoding = "j/qDRTzgQw3cMDkkSkBOShqxi3t9qJxYnrADqwAECnJ3Y+iYgT33C0l/Vy3+ooQkFRyObYJqg9o7iIcMdgV6CXxpa6itVIUAI2VJewsMjzvJ4OdpePeSx7+/umVPKCfMvffsELlqo/UgxsyRZh8NMLej0ojCB7bUfIMKsiU7e0c=";
 
 		HttpRequest httpRequest = new HttpRequest(requestURL, queryString)
 				.addParameter("SAMLRequest", samlRequestEncoded)
@@ -904,7 +905,8 @@ public void testIsInValidSign_naiveUrlEncoding() throws Exception {
 				.addParameter("Signature", signatureNaiveEncoding);
 
 		LogoutRequest logoutRequest = new LogoutRequest(settings, httpRequest);
-		assertTrue("Signature validation failed", logoutRequest.isValid());
+		assertFalse(logoutRequest.isValid());
+		assertEquals("Signature validation failed. Logout Request rejected", logoutRequest.getError());
 	}
 
 	/**
@@ -921,10 +923,10 @@ public void testIsInValidSign() throws Exception {
 		settings.setWantMessagesSigned(true);
 
 		final String requestURL = "https://pitbulk.no-ip.org/newonelogin/demo1/index.php?sls";
-		String samlRequestEncoded = "lVLBitswEP0Vo7tjeWzJtki8LIRCYLvbNksPewmyPc6K2pJqyXQ/v1LSQlroQi/DMJr33rwZbZ2cJysezNms/gt+X9H55G2etBOXlx1ZFy2MdMoJLWd0wvfieP/xQcCGCrsYb3ozkRvI+wjpHC5eGU2Sw35HTg3lA8hqZFwWFcMKsStpxbEsxoLXeQN9OdY1VAgk+YqLC8gdCUQB7tyKB+281D6UaF6mtEiBPudcABcMXkiyD26Ulv6CevXeOpFlVvlunb5ttEmV3ZjlnGn8YTRO5qx0NuBs8kzpAd829tXeucmR5NH4J/203I8el6gFRUqbFPJnyEV51Wq30by4TLW0/9ZyarYTxt4sBsjUYLMZvRykl1Fxm90SXVkfwx4P++T4KSafVzmpUcVJ/sfSrQZJPphllv79W8WKGtLx0ir8IrVTqD1pT2MH3QAMSs4KTvui71jeFFiwirOmprwPkYW063+5uRq4urHiiC4e8hCX3J5wqAEGaPpw9XB5JmkBdeDqSlkz6CmUXdl0Qae5kv2F/1384wu3PwE=";
+		String samlRequestEncoded = "lVLBitswEP0Vo7tjWbJkSyReFkIhsN1tm6WHvQTZHmdFbUmVZLqfXzlpIS10oZdhGM17b96MtkHNk5MP9myX+AW+LxBi9jZPJsjLyw4t3kirgg7SqBmCjL083n98kGSDpfM22t5O6AbyPkKFAD5qa1B22O/QSWA+EFWPjCtaM6gBugrXHCo6Ut6UgvTV2DSkBoKyr+BDQu5QIkrwEBY4mBCViamEyyrHNCf4ueSScMnIC8r2yY02Kl5QrzG6IIvC6dgt07eNsbl2G+vPhYEf1sBkz9oUA8y2LLQZ4G3jXt1dmALKHm18Mk/+fozgk5YQNMciJ+UzKWV11Wq3q3l5mcq3/9YKenYTrL3FGkihB1fMENWgoloVt8Ut0ZX1Me3xsM+On9bk86ImPep1kv+xdKuBsg/Wzyq+f6u1ood8vLTK6JUJGkxE7WnsSDcQRirOKMc97TtWCgqU1ZyJBvM+RZbSrv/l5mrg6sbJI4T1kId1ye0JhoaQgYg+XT1dnilMSZO4uko1jPSYVF0luqQjrmR/4X8X//jC7U8=";
 		String relayState = "_1037fbc88ec82ce8e770b2bed1119747bb812a07e6";
 		String sigAlg = "http://www.w3.org/2000/09/xmldsig#rsa-sha1";
-		String signature = "XCwCyI5cs7WhiJlB5ktSlWxSBxv+6q2xT3c8L7dLV6NQG9LHWhN7gf8qNsahSXfCzA0Ey9dp5BQ0EdRvAk2DIzKmJY6e3hvAIEp1zglHNjzkgcQmZCcrkK9Czi2Y1WkjOwR/WgUTUWsGJAVqVvlRZuS3zk3nxMrLH6f7toyvuJc=";
+		String signature = "j/qDRTzgQw3cMDkkSkBOShqxi3t9qJxYnrADqwAECnJ3Y+iYgT33C0l/Vy3+ooQkFRyObYJqg9o7iIcMdgV6CXxpa6itVIUAI2VJewsMjzvJ4OdpePeSx7+/umVPKCfMvffsELlqo/UgxsyRZh8NMLej0ojCB7bUfIMKsiU7e0c=";
 
 		HttpRequest httpRequest = new HttpRequest(requestURL, (String)null)
 						.addParameter("SAMLRequest", samlRequestEncoded)

core/src/test/java/com/onelogin/saml2/test/logout/LogoutResponseTest.java

@@ -23,6 +23,7 @@
 import com.onelogin.saml2.exception.Error;
 import com.onelogin.saml2.exception.XMLEntityException;
 import com.onelogin.saml2.http.HttpRequest;
+import com.onelogin.saml2.logout.LogoutRequest;
 import com.onelogin.saml2.logout.LogoutResponse;
 import com.onelogin.saml2.logout.LogoutResponseParams;
 import com.onelogin.saml2.model.SamlResponseStatus;
@@ -697,7 +698,7 @@ public void testIsInValidSign_defaultUrlEncode() throws Exception {
 		final String requestURL = "https://pitbulk.no-ip.org/newonelogin/demo1/index.php?sls";
 		String samlResponseEncoded = "fZJva8IwEMa/Ssl7TZrW/gnqGHMMwSlM8cXeyLU9NaxNQi9lfvxVZczB5ptwSe733MPdjQma2qmFPdjOvyE5awiDU1MbUpevCetaoyyQJmWgQVK+VOvH14WSQ6Fca70tbc1ukPsEEGHrtTUsmM8mbDfKUhnFci8gliGINI/yXIAAiYnsw6JIRgWWAKlkwRZb6skJ64V6nKjDuSEPxvdPIowHIhpIsQkTFaYqSt9ZMEPy2oC/UEfvHSnOnfZFV38MjR1oN7TtgRv8tAZre9CGV9jYkGtT4Wnoju6Bauprme/ebOyErZbPi9XLfLnDoohwhHGc5WVSVhjCKM6rBMpYQpWJrIizfZ4IZNPxuTPqYrmd/m+EdONqPOfy8yG5rhxv0EMFHs52xvxWaHyd3tqD7+j37clWGGyh7vD+POiSrdZdWSIR49NrhR9R/teGTL8A";
 		String relayState = "https://pitbulk.no-ip.org/newonelogin/demo1/index.php";
-		String sigAlg = Constants.SHA256;
+		String sigAlg = Constants.RSA_SHA256;
 
 		String queryString = "SAMLResponse=" + Util.urlEncoder(samlResponseEncoded);
 		queryString += "&RelayState=" + Util.urlEncoder(relayState);
@@ -713,7 +714,8 @@ public void testIsInValidSign_defaultUrlEncode() throws Exception {
 				.addParameter("Signature", signature);
 
 		LogoutResponse logoutResponse = new LogoutResponse(settings, httpRequest);
-		assertTrue("Signature validation failed", logoutResponse.isValid());
+		assertFalse(logoutResponse.isValid());
+		assertEquals("Signature validation failed. Logout Response rejected", logoutResponse.getError());
 	}
 
 	@Test
@@ -725,7 +727,7 @@ public void testIsInValidSign_naiveUrlEncoding() throws Exception {
 		final String requestURL = "https://pitbulk.no-ip.org/newonelogin/demo1/index.php?sls";
 		String samlResponseEncoded = "fZJva8IwEMa/Ssl7TZrW/gnqGHMMwSlM8cXeyLU9NaxNQi9lfvxVZczB5ptwSe733MPdjQma2qmFPdjOvyE5awiDU1MbUpevCetaoyyQJmWgQVK+VOvH14WSQ6Fca70tbc1ukPsEEGHrtTUsmM8mbDfKUhnFci8gliGINI/yXIAAiYnsw6JIRgWWAKlkwRZb6skJ64V6nKjDuSEPxvdPIowHIhpIsQkTFaYqSt9ZMEPy2oC/UEfvHSnOnfZFV38MjR1oN7TtgRv8tAZre9CGV9jYkGtT4Wnoju6Bauprme/ebOyErZbPi9XLfLnDoohwhHGc5WVSVhjCKM6rBMpYQpWJrIizfZ4IZNPxuTPqYrmd/m+EdONqPOfy8yG5rhxv0EMFHs52xvxWaHyd3tqD7+j37clWGGyh7vD+POiSrdZdWSIR49NrhR9R/teGTL8A";
 		String relayState = "https://pitbulk.no-ip.org/newonelogin/demo1/index.php";
-		String sigAlg = Constants.SHA256;
+		String sigAlg = Constants.RSA_SHA256;
 
 		String queryString = "SAMLResponse=" + NaiveUrlEncoder.encode(samlResponseEncoded);
 		queryString += "&RelayState=" + NaiveUrlEncoder.encode(relayState);
@@ -741,7 +743,8 @@ public void testIsInValidSign_naiveUrlEncoding() throws Exception {
 				.addParameter("Signature", signature);
 
 		LogoutResponse logoutResponse = new LogoutResponse(settings, httpRequest);
-		assertTrue("Signature validation failed", logoutResponse.isValid());
+		assertFalse(logoutResponse.isValid());
+		assertEquals("Signature validation failed. Logout Response rejected", logoutResponse.getError());
 	}
 
 	/**

core/src/test/java/com/onelogin/saml2/test/settings/IdPMetadataParserTest.java

@@ -5,14 +5,12 @@
 import static org.junit.Assert.assertNull;
 
 import java.net.URL;
-import java.util.List;
 import java.util.Map;
 
 import org.junit.Test;
 import org.w3c.dom.Document;
 import org.xml.sax.InputSource;
 
-import com.onelogin.saml2.model.Contact;
 import com.onelogin.saml2.settings.IdPMetadataParser;
 import com.onelogin.saml2.settings.Saml2Settings;
 import com.onelogin.saml2.settings.SettingsBuilder;

core/src/test/java/com/onelogin/saml2/test/util/UtilsTest.java

@@ -14,8 +14,6 @@
 import static org.junit.Assert.assertNull;
 import static org.junit.Assert.assertThat;
 import static org.junit.Assert.assertTrue;
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.when;
 
 import java.io.FileNotFoundException;
 import java.io.IOException;
@@ -37,6 +35,8 @@
 import java.util.Date;
 import java.util.List;
 
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
 import javax.xml.parsers.ParserConfigurationException;
 import javax.xml.xpath.XPathExpressionException;
 
@@ -1519,9 +1519,10 @@ public void testAddSignDocEmpty() throws URISyntaxException, IOException, Genera
 		PrivateKey key = Util.loadPrivateKey(keyString);
 		String signAlgorithmSha1 = Constants.RSA_SHA1;
 
-		Document emptyDoc = mock(Document.class);
-	    when(emptyDoc.getDocumentElement()).thenReturn(null);
-
+		DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
+		DocumentBuilder builder = dbf.newDocumentBuilder();
+		Document emptyDoc = builder.newDocument();
+		assertNull(emptyDoc.getDocumentElement());
 		String docSigned = Util.addSign(emptyDoc, key, cert, signAlgorithmSha1);
 	}
 

core/src/test/resources/data/logout_requests/invalids/invalid_issuer.xml

@@ -5,10 +5,10 @@
                      Version="2.0"
                      IssueInstant="2013-12-10T04:39:31Z"
                      Destination="http://stuff.com/endpoints/endpoints/sls.php"
-                     NotOnOrAfter="2023-05-10T04:39:31Z"
+                     NotOnOrAfter="2993-05-10T04:39:31Z"
                      >
     <saml:Issuer>https://example.hello.com/access/saml</saml:Issuer>
     <saml:NameID SPNameQualifier="https://example.hello.com/access/saml"
                  Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
                  >ONELOGIN_1e442c129e1f822c8096086a1103c5ee2c7cae1c</saml:NameID>
-</samlp:LogoutRequest>
+</samlp:LogoutRequest>

core/src/test/resources/data/logout_requests/invalids/invalid_issuer.xml.base64

@@ -1 +1 @@
-jZPfb4IwEMffTfwfDO9CW8BJoxgTt8XEyTaXPexl6coxSaBlXFn881dwP3yQxT411+v3+7n2brY4lMXoE2rMtZo71CXOIh4OZijKouIb/a4b8wgfDaAZ2UyFvDuZO02tuBaYI1eiBORG8t3ybsOZS3hVa6OlLpzhYHRu/Qn9ryMQoTYWrE9ovZo7yfZ6k9yut6+MhtNAyjQTUvgTQYNQQBSRIGCpTKPJWwYTQkMKfWLPP49grXsNERtYKzRCGZtIqD+mbEzJEwm4H3GfvvTdXNkXzJUwncPemIp7Hpomy1ypSw9UWulcGTzZYYFuta/6BLfaJCqpl5mBukVh/piEF6HEx3j3x7yrqI5bIrRIcBBlVYC7h6LQHZqQEtDS2OSZd3rlVGVr/269Gu3u281DI4o8y1usi2TPcd7ouhSmvz2oS7tIno6zLpU3CiuQrW96TjD+7RMKtiUkZRHQbMqYnJJoQqa2YSjxZQjA5JUUQOV3tcfS2pnwzgxF/AU=
+jZPLboMwEEX3kfIPiH3A5pEGKyGKlLZCSkPbVF10U7lmaJDApoyp8vk1pI8sQhWvrPH43jP2zHx5qErrExoslFzY1CH2Mh6P5sirsmYb9a5a/QgfLaC2TKZE1p8s7LaRTHEskEleATIt2G51t2GeQ1jdKK2EKu3xyDq3/oT+1+GI0GgDNiSUrBd2ur3epLfJ9tWj4SwQIsu54P6U0yDkEEUkCLxMZNH0LYcpoSGFIbHnn0cw1oOGiC0kEjWX2iQS6k+oN6HkiQTMj5hPX4Zurs0LFpLr3mGvdc1cF3Wb545QlQsyq1UhNZ7ssESn3tdDglulU5k2q1xDY1CiyJ+Q8CKU+Bjv/5j1FTVxR4QGCQ68qktw9lCWqkfjQgAaGpM8d0+vnKpszd8la2t3320eWl4WedFhXSR7jvNGNRXXw+1BHdpHimyS96mslViD6Hyzc4Lxb59QMC0hqBcBzWeeJ2YkmpKZaRhKfBECeOJKcKDiu9pjad1MuGeGIv4C

pom.xml

@@ -36,7 +36,7 @@
 			<dependency>
 				<groupId>org.mockito</groupId>
 				<artifactId>mockito-core</artifactId>
-				<version>1.10.19</version>
+				<version>3.6.28</version>
 				<scope>test</scope>
 			</dependency>
 			<dependency>
@@ -96,7 +96,7 @@
 			<plugin>
 				<groupId>org.owasp</groupId>
 				<artifactId>dependency-check-maven</artifactId>
-				<version>6.3.1</version>
+				<version>8.4.0</version>
 				<configuration>
 					<failBuildOnCVSS>7</failBuildOnCVSS>
 					<suppressionFiles>

toolkit/pom.xml

@@ -74,7 +74,7 @@
 		<dependency>
 			<groupId>org.apache.santuario</groupId>
 			<artifactId>xmlsec</artifactId>
-			<version>2.2.3</version>
+			<version>3.0.2</version>
 		</dependency>
 		<dependency>
 			<groupId>commons-codec</groupId>