package org.apache.wss4j.dom.message;

import java.nio.file.Path;
import javax.security.auth.callback.CallbackHandler;
import org.apache.wss4j.common.WSEncryptionPart;
import org.apache.wss4j.common.cache.EHCacheReplayCache;
import org.apache.wss4j.common.cache.MemoryReplayCache;
import org.apache.wss4j.common.cache.ReplayCache;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.crypto.CryptoFactory;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.saml.SAMLCallback;
import org.apache.wss4j.common.saml.SAMLUtil;
import org.apache.wss4j.common.saml.SamlAssertionWrapper;
import org.apache.wss4j.common.saml.bean.ConditionsBean;
import org.apache.wss4j.common.util.SOAPUtil;
import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.common.AbstractSAMLCallbackHandler;
import org.apache.wss4j.dom.common.KeystoreCallbackHandler;
import org.apache.wss4j.dom.common.SAML2CallbackHandler;
import org.apache.wss4j.dom.common.UsernamePasswordCallbackHandler;
import org.apache.wss4j.dom.engine.WSSConfig;
import org.apache.wss4j.dom.engine.WSSecurityEngine;
import org.apache.wss4j.dom.handler.RequestData;
import org.apache.wss4j.dom.handler.WSHandlerResult;
import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.apache.wss4j.dom.validate.SamlAssertionValidator;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.io.TempDir;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: input_file:org/apache/wss4j/dom/message/ReplayTest.class */
public class ReplayTest {
    private static final Logger LOG = LoggerFactory.getLogger(ReplayTest.class);
    private CallbackHandler callbackHandler = new KeystoreCallbackHandler();
    private Crypto crypto = CryptoFactory.getInstance();

    @TempDir
    Path tempDir;

    private ReplayCache createCache(String str) throws WSSecurityException {
        return new EHCacheReplayCache(str, this.tempDir);
    }

    @Test
    public void testReplayedTimestamp() throws Exception {
        WSSecHeader wSSecHeader = new WSSecHeader(SOAPUtil.toSOAPPart("<?xml version=\"1.0\" encoding=\"UTF-8\"?><SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"><SOAP-ENV:Body><add xmlns=\"http://ws.apache.org/counter/counter_port_type\"><value xmlns=\"\">15</value></add></SOAP-ENV:Body></SOAP-ENV:Envelope>"));
        wSSecHeader.insertSecurityHeader();
        WSSecTimestamp wSSecTimestamp = new WSSecTimestamp(wSSecHeader);
        wSSecTimestamp.setTimeToLive(300);
        Document build = wSSecTimestamp.build();
        WSSecSignature wSSecSignature = new WSSecSignature(wSSecHeader);
        wSSecSignature.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
        wSSecSignature.setKeyIdentifierType(2);
        wSSecSignature.getParts().add(new WSEncryptionPart("Timestamp", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", ""));
        wSSecSignature.prepare(this.crypto);
        wSSecSignature.computeSignature(wSSecSignature.addReferencesToSign(wSSecSignature.getParts()), false, (Element) null);
        if (LOG.isDebugEnabled()) {
            LOG.debug(XMLUtils.prettyDocumentToString(build));
        }
        WSSConfig newInstance = WSSConfig.getNewInstance();
        RequestData requestData = new RequestData();
        requestData.setWssConfig(newInstance);
        requestData.setCallbackHandler(this.callbackHandler);
        requestData.setTimestampReplayCache(new MemoryReplayCache());
        verify(build, newInstance, requestData);
        try {
            verify(build, newInstance, requestData);
            Assertions.fail("Expected failure on a replay attack");
        } catch (WSSecurityException e) {
            Assertions.assertTrue(e.getErrorCode() == WSSecurityException.ErrorCode.INVALID_SECURITY);
        }
    }

    @Test
    public void testEhCacheReplayedTimestamp() throws Exception {
        WSSecHeader wSSecHeader = new WSSecHeader(SOAPUtil.toSOAPPart("<?xml version=\"1.0\" encoding=\"UTF-8\"?><SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"><SOAP-ENV:Body><add xmlns=\"http://ws.apache.org/counter/counter_port_type\"><value xmlns=\"\">15</value></add></SOAP-ENV:Body></SOAP-ENV:Envelope>"));
        wSSecHeader.insertSecurityHeader();
        WSSecTimestamp wSSecTimestamp = new WSSecTimestamp(wSSecHeader);
        wSSecTimestamp.setTimeToLive(300);
        Document build = wSSecTimestamp.build();
        WSSecSignature wSSecSignature = new WSSecSignature(wSSecHeader);
        wSSecSignature.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
        wSSecSignature.setKeyIdentifierType(2);
        wSSecSignature.getParts().add(new WSEncryptionPart("Timestamp", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", ""));
        wSSecSignature.prepare(this.crypto);
        wSSecSignature.computeSignature(wSSecSignature.addReferencesToSign(wSSecSignature.getParts()), false, (Element) null);
        if (LOG.isDebugEnabled()) {
            LOG.debug(XMLUtils.prettyDocumentToString(build));
        }
        WSSConfig newInstance = WSSConfig.getNewInstance();
        RequestData requestData = new RequestData();
        requestData.setWssConfig(newInstance);
        requestData.setCallbackHandler(this.callbackHandler);
        ReplayCache createCache = createCache("wss4j.timestamp.cache-");
        requestData.setTimestampReplayCache(createCache);
        verify(build, newInstance, requestData);
        try {
            verify(build, newInstance, requestData);
            Assertions.fail("Expected failure on a replay attack");
        } catch (WSSecurityException e) {
            Assertions.assertTrue(e.getErrorCode() == WSSecurityException.ErrorCode.INVALID_SECURITY);
        }
        createCache.close();
    }

    @Test
    public void testReplayedTimestampBelowSignature() throws Exception {
        WSSecHeader wSSecHeader = new WSSecHeader(SOAPUtil.toSOAPPart("<?xml version=\"1.0\" encoding=\"UTF-8\"?><SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"><SOAP-ENV:Body><add xmlns=\"http://ws.apache.org/counter/counter_port_type\"><value xmlns=\"\">15</value></add></SOAP-ENV:Body></SOAP-ENV:Envelope>"));
        wSSecHeader.insertSecurityHeader();
        WSSecTimestamp wSSecTimestamp = new WSSecTimestamp(wSSecHeader);
        wSSecTimestamp.setTimeToLive(300);
        Document build = wSSecTimestamp.build();
        WSSecSignature wSSecSignature = new WSSecSignature(wSSecHeader);
        wSSecSignature.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
        wSSecSignature.setKeyIdentifierType(2);
        wSSecSignature.getParts().add(new WSEncryptionPart("Timestamp", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", ""));
        wSSecSignature.build(this.crypto);
        if (LOG.isDebugEnabled()) {
            LOG.debug(XMLUtils.prettyDocumentToString(build));
        }
        WSSConfig newInstance = WSSConfig.getNewInstance();
        RequestData requestData = new RequestData();
        requestData.setWssConfig(newInstance);
        requestData.setCallbackHandler(this.callbackHandler);
        requestData.setTimestampReplayCache(new MemoryReplayCache());
        verify(build, newInstance, requestData);
        try {
            verify(build, newInstance, requestData);
            Assertions.fail("Expected failure on a replay attack");
        } catch (WSSecurityException e) {
            Assertions.assertTrue(e.getErrorCode() == WSSecurityException.ErrorCode.INVALID_SECURITY);
        }
    }

    @Test
    public void testEhCacheReplayedTimestampBelowSignature() throws Exception {
        WSSecHeader wSSecHeader = new WSSecHeader(SOAPUtil.toSOAPPart("<?xml version=\"1.0\" encoding=\"UTF-8\"?><SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"><SOAP-ENV:Body><add xmlns=\"http://ws.apache.org/counter/counter_port_type\"><value xmlns=\"\">15</value></add></SOAP-ENV:Body></SOAP-ENV:Envelope>"));
        wSSecHeader.insertSecurityHeader();
        WSSecTimestamp wSSecTimestamp = new WSSecTimestamp(wSSecHeader);
        wSSecTimestamp.setTimeToLive(300);
        Document build = wSSecTimestamp.build();
        WSSecSignature wSSecSignature = new WSSecSignature(wSSecHeader);
        wSSecSignature.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
        wSSecSignature.setKeyIdentifierType(2);
        wSSecSignature.getParts().add(new WSEncryptionPart("Timestamp", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", ""));
        wSSecSignature.build(this.crypto);
        if (LOG.isDebugEnabled()) {
            LOG.debug(XMLUtils.prettyDocumentToString(build));
        }
        WSSConfig newInstance = WSSConfig.getNewInstance();
        RequestData requestData = new RequestData();
        requestData.setWssConfig(newInstance);
        requestData.setCallbackHandler(this.callbackHandler);
        ReplayCache createCache = createCache("wss4j.timestamp.cache-");
        requestData.setTimestampReplayCache(createCache);
        verify(build, newInstance, requestData);
        try {
            verify(build, newInstance, requestData);
            Assertions.fail("Expected failure on a replay attack");
        } catch (WSSecurityException e) {
            Assertions.assertTrue(e.getErrorCode() == WSSecurityException.ErrorCode.INVALID_SECURITY);
        }
        createCache.close();
    }

    @Test
    public void testReplayedTimestampNoExpires() throws Exception {
        WSSecHeader wSSecHeader = new WSSecHeader(SOAPUtil.toSOAPPart("<?xml version=\"1.0\" encoding=\"UTF-8\"?><SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"><SOAP-ENV:Body><add xmlns=\"http://ws.apache.org/counter/counter_port_type\"><value xmlns=\"\">15</value></add></SOAP-ENV:Body></SOAP-ENV:Envelope>"));
        wSSecHeader.insertSecurityHeader();
        WSSecTimestamp wSSecTimestamp = new WSSecTimestamp(wSSecHeader);
        wSSecTimestamp.setTimeToLive(0);
        Document build = wSSecTimestamp.build();
        WSSecSignature wSSecSignature = new WSSecSignature(wSSecHeader);
        wSSecSignature.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
        wSSecSignature.setKeyIdentifierType(2);
        wSSecSignature.getParts().add(new WSEncryptionPart("Timestamp", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", ""));
        wSSecSignature.prepare(this.crypto);
        wSSecSignature.computeSignature(wSSecSignature.addReferencesToSign(wSSecSignature.getParts()), false, (Element) null);
        if (LOG.isDebugEnabled()) {
            LOG.debug(XMLUtils.prettyDocumentToString(build));
        }
        WSSConfig newInstance = WSSConfig.getNewInstance();
        RequestData requestData = new RequestData();
        requestData.setWssConfig(newInstance);
        requestData.setCallbackHandler(this.callbackHandler);
        requestData.setTimestampReplayCache(new MemoryReplayCache());
        verify(build, newInstance, requestData);
        try {
            verify(build, newInstance, requestData);
            Assertions.fail("Expected failure on a replay attack");
        } catch (WSSecurityException e) {
            Assertions.assertTrue(e.getErrorCode() == WSSecurityException.ErrorCode.INVALID_SECURITY);
        }
    }

    @Test
    public void testEhCacheReplayedTimestampNoExpires() throws Exception {
        WSSecHeader wSSecHeader = new WSSecHeader(SOAPUtil.toSOAPPart("<?xml version=\"1.0\" encoding=\"UTF-8\"?><SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"><SOAP-ENV:Body><add xmlns=\"http://ws.apache.org/counter/counter_port_type\"><value xmlns=\"\">15</value></add></SOAP-ENV:Body></SOAP-ENV:Envelope>"));
        wSSecHeader.insertSecurityHeader();
        WSSecTimestamp wSSecTimestamp = new WSSecTimestamp(wSSecHeader);
        wSSecTimestamp.setTimeToLive(0);
        Document build = wSSecTimestamp.build();
        WSSecSignature wSSecSignature = new WSSecSignature(wSSecHeader);
        wSSecSignature.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
        wSSecSignature.setKeyIdentifierType(2);
        wSSecSignature.getParts().add(new WSEncryptionPart("Timestamp", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", ""));
        wSSecSignature.prepare(this.crypto);
        wSSecSignature.computeSignature(wSSecSignature.addReferencesToSign(wSSecSignature.getParts()), false, (Element) null);
        if (LOG.isDebugEnabled()) {
            LOG.debug(XMLUtils.prettyDocumentToString(build));
        }
        WSSConfig newInstance = WSSConfig.getNewInstance();
        RequestData requestData = new RequestData();
        requestData.setWssConfig(newInstance);
        requestData.setCallbackHandler(this.callbackHandler);
        ReplayCache createCache = createCache("wss4j.timestamp.cache-");
        requestData.setTimestampReplayCache(createCache);
        verify(build, newInstance, requestData);
        try {
            verify(build, newInstance, requestData);
            Assertions.fail("Expected failure on a replay attack");
        } catch (WSSecurityException e) {
            Assertions.assertTrue(e.getErrorCode() == WSSecurityException.ErrorCode.INVALID_SECURITY);
        }
        createCache.close();
    }

    @Test
    public void testReplayedUsernameToken() throws Exception {
        WSSecHeader wSSecHeader = new WSSecHeader(SOAPUtil.toSOAPPart("<?xml version=\"1.0\" encoding=\"UTF-8\"?><SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"><SOAP-ENV:Body><add xmlns=\"http://ws.apache.org/counter/counter_port_type\"><value xmlns=\"\">15</value></add></SOAP-ENV:Body></SOAP-ENV:Envelope>"));
        wSSecHeader.insertSecurityHeader();
        WSSecUsernameToken wSSecUsernameToken = new WSSecUsernameToken(wSSecHeader);
        wSSecUsernameToken.setUserInfo("wernerd", "verySecret");
        Document build = wSSecUsernameToken.build();
        if (LOG.isDebugEnabled()) {
            LOG.debug(XMLUtils.prettyDocumentToString(build));
        }
        WSSConfig newInstance = WSSConfig.getNewInstance();
        RequestData requestData = new RequestData();
        requestData.setCallbackHandler(new UsernamePasswordCallbackHandler());
        requestData.setWssConfig(newInstance);
        requestData.setNonceReplayCache(new MemoryReplayCache());
        verify(build, newInstance, requestData);
        try {
            verify(build, newInstance, requestData);
            Assertions.fail("Expected failure on a replay attack");
        } catch (WSSecurityException e) {
            Assertions.assertTrue(e.getErrorCode() == WSSecurityException.ErrorCode.INVALID_SECURITY);
        }
    }

    @Test
    public void testEhCacheReplayedUsernameToken() throws Exception {
        WSSecHeader wSSecHeader = new WSSecHeader(SOAPUtil.toSOAPPart("<?xml version=\"1.0\" encoding=\"UTF-8\"?><SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"><SOAP-ENV:Body><add xmlns=\"http://ws.apache.org/counter/counter_port_type\"><value xmlns=\"\">15</value></add></SOAP-ENV:Body></SOAP-ENV:Envelope>"));
        wSSecHeader.insertSecurityHeader();
        WSSecUsernameToken wSSecUsernameToken = new WSSecUsernameToken(wSSecHeader);
        wSSecUsernameToken.setUserInfo("wernerd", "verySecret");
        Document build = wSSecUsernameToken.build();
        if (LOG.isDebugEnabled()) {
            LOG.debug(XMLUtils.prettyDocumentToString(build));
        }
        WSSConfig newInstance = WSSConfig.getNewInstance();
        RequestData requestData = new RequestData();
        requestData.setCallbackHandler(new UsernamePasswordCallbackHandler());
        requestData.setWssConfig(newInstance);
        ReplayCache createCache = createCache("wss4j.nonce.cache-");
        requestData.setNonceReplayCache(createCache);
        verify(build, newInstance, requestData);
        try {
            verify(build, newInstance, requestData);
            Assertions.fail("Expected failure on a replay attack");
        } catch (WSSecurityException e) {
            Assertions.assertTrue(e.getErrorCode() == WSSecurityException.ErrorCode.INVALID_SECURITY);
        }
        createCache.close();
    }

    @Test
    public void testEhCacheReplayedSAML2() throws Exception {
        SAML2CallbackHandler sAML2CallbackHandler = new SAML2CallbackHandler();
        sAML2CallbackHandler.setStatement(AbstractSAMLCallbackHandler.Statement.AUTHN);
        sAML2CallbackHandler.setIssuer("www.example.com");
        sAML2CallbackHandler.setConfirmationMethod("urn:oasis:names:tc:SAML:2.0:cm:bearer");
        ConditionsBean conditionsBean = new ConditionsBean();
        conditionsBean.setTokenPeriodMinutes(5);
        sAML2CallbackHandler.setConditions(conditionsBean);
        SAMLCallback sAMLCallback = new SAMLCallback();
        SAMLUtil.doSAMLCallback(sAML2CallbackHandler, sAMLCallback);
        SamlAssertionWrapper samlAssertionWrapper = new SamlAssertionWrapper(sAMLCallback);
        WSSecHeader wSSecHeader = new WSSecHeader(SOAPUtil.toSOAPPart("<?xml version=\"1.0\" encoding=\"UTF-8\"?><SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"><SOAP-ENV:Body><add xmlns=\"http://ws.apache.org/counter/counter_port_type\"><value xmlns=\"\">15</value></add></SOAP-ENV:Body></SOAP-ENV:Envelope>"));
        wSSecHeader.insertSecurityHeader();
        Document build = new WSSecSAMLToken(wSSecHeader).build(samlAssertionWrapper);
        if (LOG.isDebugEnabled()) {
            LOG.debug(XMLUtils.prettyDocumentToString(build));
        }
        WSSConfig newInstance = WSSConfig.getNewInstance();
        SamlAssertionValidator samlAssertionValidator = new SamlAssertionValidator();
        samlAssertionValidator.setRequireBearerSignature(false);
        newInstance.setValidator(WSConstants.SAML_TOKEN, samlAssertionValidator);
        newInstance.setValidator(WSConstants.SAML2_TOKEN, samlAssertionValidator);
        RequestData requestData = new RequestData();
        requestData.setWssConfig(newInstance);
        requestData.setCallbackHandler(sAML2CallbackHandler);
        ReplayCache createCache = createCache("wss4j.saml.one.time.use.cache-");
        requestData.setSamlOneTimeUseReplayCache(createCache);
        verify(build, newInstance, requestData);
        verify(build, newInstance, requestData);
        createCache.close();
    }

    @Test
    public void testEhCacheReplayedSAML2OneTimeUse() throws Exception {
        SAML2CallbackHandler sAML2CallbackHandler = new SAML2CallbackHandler();
        sAML2CallbackHandler.setStatement(AbstractSAMLCallbackHandler.Statement.AUTHN);
        sAML2CallbackHandler.setIssuer("www.example.com");
        sAML2CallbackHandler.setConfirmationMethod("urn:oasis:names:tc:SAML:2.0:cm:bearer");
        ConditionsBean conditionsBean = new ConditionsBean();
        conditionsBean.setTokenPeriodMinutes(5);
        conditionsBean.setOneTimeUse(true);
        sAML2CallbackHandler.setConditions(conditionsBean);
        SAMLCallback sAMLCallback = new SAMLCallback();
        SAMLUtil.doSAMLCallback(sAML2CallbackHandler, sAMLCallback);
        SamlAssertionWrapper samlAssertionWrapper = new SamlAssertionWrapper(sAMLCallback);
        WSSecHeader wSSecHeader = new WSSecHeader(SOAPUtil.toSOAPPart("<?xml version=\"1.0\" encoding=\"UTF-8\"?><SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"><SOAP-ENV:Body><add xmlns=\"http://ws.apache.org/counter/counter_port_type\"><value xmlns=\"\">15</value></add></SOAP-ENV:Body></SOAP-ENV:Envelope>"));
        wSSecHeader.insertSecurityHeader();
        Document build = new WSSecSAMLToken(wSSecHeader).build(samlAssertionWrapper);
        String prettyDocumentToString = XMLUtils.prettyDocumentToString(build);
        Assertions.assertTrue(prettyDocumentToString.contains("OneTimeUse"));
        if (LOG.isDebugEnabled()) {
            LOG.debug(prettyDocumentToString);
        }
        WSSConfig newInstance = WSSConfig.getNewInstance();
        SamlAssertionValidator samlAssertionValidator = new SamlAssertionValidator();
        samlAssertionValidator.setRequireBearerSignature(false);
        newInstance.setValidator(WSConstants.SAML_TOKEN, samlAssertionValidator);
        newInstance.setValidator(WSConstants.SAML2_TOKEN, samlAssertionValidator);
        RequestData requestData = new RequestData();
        requestData.setWssConfig(newInstance);
        requestData.setCallbackHandler(sAML2CallbackHandler);
        ReplayCache createCache = createCache("wss4j.saml.one.time.use.cache-");
        requestData.setSamlOneTimeUseReplayCache(createCache);
        verify(build, newInstance, requestData);
        try {
            verify(build, newInstance, requestData);
            Assertions.fail("Expected failure on a replay attack");
        } catch (WSSecurityException e) {
            Assertions.assertTrue(e.getErrorCode() == WSSecurityException.ErrorCode.INVALID_SECURITY);
        }
        createCache.close();
    }

    private WSHandlerResult verify(Document document, WSSConfig wSSConfig, RequestData requestData) throws Exception {
        WSSecurityEngine wSSecurityEngine = new WSSecurityEngine();
        wSSecurityEngine.setWssConfig(wSSConfig);
        Element securityHeader = WSSecurityUtil.getSecurityHeader(document, (String) null);
        requestData.setSigVerCrypto(this.crypto);
        return wSSecurityEngine.processSecurityHeader(securityHeader, requestData);
    }
}
