From e0952da7f3223eb821d79c25300ed39a82aa9f16 Mon Sep 17 00:00:00 2001
From: anhefti <andreas.hefti@let.ethz.ch>
Date: Wed, 19 Jun 2024 16:48:06 +0200
Subject: [PATCH] SEBSERV-417 fix autologin

---
 .../sebserver/gui/InstitutionalAuthenticationEntryPoint.java   | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/main/java/ch/ethz/seb/sebserver/gui/InstitutionalAuthenticationEntryPoint.java b/src/main/java/ch/ethz/seb/sebserver/gui/InstitutionalAuthenticationEntryPoint.java
index 1fe53bf9..aafd2449 100644
--- a/src/main/java/ch/ethz/seb/sebserver/gui/InstitutionalAuthenticationEntryPoint.java
+++ b/src/main/java/ch/ethz/seb/sebserver/gui/InstitutionalAuthenticationEntryPoint.java
@@ -128,12 +128,13 @@ public final class InstitutionalAuthenticationEntryPoint implements Authenticati
                     .getRequiredWebApplicationContext(request.getServletContext());
             final AuthorizationContextHolder authorizationContextHolder = webApplicationContext
                     .getBean(AuthorizationContextHolder.class);
-            final SEBServerAuthorizationContext authorizationContext = authorizationContextHolder
+            SEBServerAuthorizationContext authorizationContext = authorizationContextHolder
                     .getAuthorizationContext(request.getSession());
 
             // check first if we already have an active session if so, invalidate ir
             if (authorizationContext.isLoggedIn()) {
                 authorizationContext.logout();
+                authorizationContext = authorizationContextHolder.getAuthorizationContext(request.getSession());
             }
 
             if (authorizationContext.autoLogin(jwt)) {