SEBSERV-417 fix autologin

src/main/java/ch/ethz/seb/sebserver/gui/InstitutionalAuthenticationEntryPoint.java

@@ -130,6 +130,12 @@ public final class InstitutionalAuthenticationEntryPoint implements Authenticati
                     .getBean(AuthorizationContextHolder.class);
             final SEBServerAuthorizationContext authorizationContext = authorizationContextHolder
                     .getAuthorizationContext(request.getSession());
+
+            // check first if we already have an active session if so, invalidate ir
+            if (authorizationContext.isLoggedIn()) {
+                authorizationContext.logout();
+            }
+
             if (authorizationContext.autoLogin(jwt)) {
                 forwardToEntryPoint(request, response, this.guiEntryPoint, true);
                 return;

src/main/java/ch/ethz/seb/sebserver/gui/service/remote/webservice/auth/OAuth2AuthorizationContextHolder.java

@@ -270,10 +270,6 @@ public class OAuth2AuthorizationContextHolder implements AuthorizationContextHol
         @Override
         public boolean autoLogin(final String oneTimeToken) {
             try {
-                // check first if we already have an active session if so, invalidate ir
-                if (this.isLoggedIn()) {
-                    this.logout();
-                }
 
                 // Create ad-hoc RestTemplate and call token verification
                 final RestTemplate verifyTemplate = new RestTemplate(this.clientHttpRequestFactory);