I generated an application with JHipster and performed all the settings of the lib com.microsoft.azure.

The login is working perfectly; my question is how I can handle it when the Azure AD token expires (it is set to expire in 1 hour).

Can I do this using a filter in SecurityConfiguration?

    @Override
    public void configure(HttpSecurity http) throws Exception {
        // @formatter:off
        http
            .csrf()
            .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
        .and()
            .addFilterBefore(corsFilter, CsrfFilter.class)
            .exceptionHandling()
            .accessDeniedHandler(problemSupport)
        .and()
            .headers()
            .contentSecurityPolicy("default-src 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:")
        .and()
            .referrerPolicy(ReferrerPolicyHeaderWriter.ReferrerPolicy.STRICT_ORIGIN_WHEN_CROSS_ORIGIN)
        .and()
            .featurePolicy("geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'")
        .and()
            .frameOptions()
            .deny()
        .and()
            .authorizeRequests()
            .antMatchers("/api/users/**").hasRole("ADMIN")
        .and()
            .oauth2Login()
            .userInfoEndpoint()
            .oidcUserService(this.oidcUserService());
        // @formatter:on
    }

Max Ferreira

1 Answer

There are two options when the token expires: one is renewing the token with the refresh token, the other is requesting the /token endpoint again to get a new one.

Try to follow this: https://github.com/spring-projects/spring-security-oauth/blob/master/spring-security-oauth2/src/main/java/org/springframework/security/oauth2/provider/token/DefaultTokenServices.java

If the access token is expired, it will call the refreshAccessToken() function. And there is a similar issue, see here.

unknown
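
The refresh-token option from the answer, sketched as an added example (not code from the question, the answer, or JHipster). It uses Spring Security's OAuth2AuthorizedClientManager instead of the DefaultTokenServices class linked above. Assumptions: Spring Security 5.2 or later with javax.servlet, a client registration with the hypothetical id "azure", and the offline_access scope requested so that Azure AD issues a refresh token.

```java
import java.time.Instant;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.client.ClientAuthorizationRequiredException;
import org.springframework.security.oauth2.client.OAuth2AuthorizeRequest;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientManager;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientProviderBuilder;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizedClientManager;
import org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository;
import org.springframework.security.oauth2.core.OAuth2AccessToken;

@Configuration
public class TokenRefreshConfiguration {
    // Hypothetical id: use the key under spring.security.oauth2.client.registration.*
    static final String REGISTRATION_ID = "azure";

    @Bean
    public OAuth2AuthorizedClientManager authorizedClientManager(
            ClientRegistrationRepository registrations,
            OAuth2AuthorizedClientRepository authorizedClients) {
        DefaultOAuth2AuthorizedClientManager manager =
                new DefaultOAuth2AuthorizedClientManager(registrations, authorizedClients);
        // refreshToken() exchanges the stored refresh token once the access token has expired
        manager.setAuthorizedClientProvider(OAuth2AuthorizedClientProviderBuilder.builder()
                .authorizationCode().refreshToken().build());
        return manager;
    }

    // Call per request (from a controller or filter) to obtain a usable access token.
    public static OAuth2AccessToken currentAccessToken(OAuth2AuthorizedClientManager manager,
            Authentication principal, HttpServletRequest request, HttpServletResponse response) {
        OAuth2AuthorizedClient client = manager.authorize(OAuth2AuthorizeRequest
                .withClientRegistrationId(REGISTRATION_ID)
                .principal(principal)
                .attribute(HttpServletRequest.class.getName(), request)
                .attribute(HttpServletResponse.class.getName(), response)
                .build());
        Instant expiresAt = client == null ? null : client.getAccessToken().getExpiresAt();
        // Without a stored refresh token, authorize() may return the existing client
        // with its expired token; treat that as "login required" rather than using it.
        if (client == null || (expiresAt != null && expiresAt.isBefore(Instant.now()))) {
            throw new ClientAuthorizationRequiredException(REGISTRATION_ID);
        }
        return client.getAccessToken();
    }
}
```

The refresh updates the access token held in the authorized-client repository; the Authentication stored in the HTTP session at login is not replaced. If the refresh token itself has expired or been revoked, authorize() throws an OAuth2AuthorizationException, which the caller should handle by sending the user through login again.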