use of eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication in project CzechIdMng by bcvsolutions.
the class ExtendExpirationFilter method doExtendExpiration.
/**
* Extends token expiration time. There two types of extensions,
* either by just setting new expiration time or by issuing
* a fresh token. A fresh token is issued only if the original
* one in HTTP request is expired or authorities change and
* user signed in by other means than IdM JWT token (remote OAuth / Basic...).
*
* The token with extended expiration is set into a response header.
*
* @param req
* @param res
*/
private void doExtendExpiration(HttpServletRequest req, HttpServletResponse res) {
if (ctx.isDisabledOrNotExists()) {
// he cannot be disabled or nonexistent
return;
}
IdmJwtAuthenticationDto token;
// this is a valid state and we only issue a fresh IdM token
if (ctx.isExpired() || ctx.isAuthoritiesChanged()) {
token = jwtTokenMapper.toDto((IdmJwtAuthentication) SecurityContextHolder.getContext().getAuthentication());
} else {
// prolong expiration
token = jwtTokenMapper.prolongExpiration(ctx.getToken());
}
//
res.setHeader(JwtAuthenticationMapper.AUTHENTICATION_TOKEN_NAME, jwtTokenMapper.writeToken(token));
}
Aggregations