SEBSERV-417 fix autologin

2024-06-19 16:48:06 +02:00 · 2024-06-19 16:48:06 +02:00 · e0952da7f3
commit e0952da7f3
parent a31e001f69
1 changed files with 2 additions and 1 deletions
--- a/src/main/java/ch/ethz/seb/sebserver/gui/InstitutionalAuthenticationEntryPoint.java
+++ b/src/main/java/ch/ethz/seb/sebserver/gui/InstitutionalAuthenticationEntryPoint.java
@ -128,12 +128,13 @@ public final class InstitutionalAuthenticationEntryPoint implements Authenticati
                    .getRequiredWebApplicationContext(request.getServletContext());
            final AuthorizationContextHolder authorizationContextHolder = webApplicationContext
                    .getBean(AuthorizationContextHolder.class);
-            final SEBServerAuthorizationContext authorizationContext = authorizationContextHolder
+            SEBServerAuthorizationContext authorizationContext = authorizationContextHolder
                    .getAuthorizationContext(request.getSession());

            // check first if we already have an active session if so, invalidate ir
            if (authorizationContext.isLoggedIn()) {
                authorizationContext.logout();
+                authorizationContext = authorizationContextHolder.getAuthorizationContext(request.getSession());
            }

            if (authorizationContext.autoLogin(jwt)) {