feat(jans-auth-server): make sessions time check configurable for high latency environments when defaultPromptLogin=true (original) (raw)
Description
feat(jans-auth-server): make sessions time check configurable for high latence environments
Original discussion is here: #12801
| private void addPromptLoginIfNeeded(AuthzRequest authzRequest, Client client) { |
|---|
| if (identity != null && identity.getSessionId() != null && identity.getSessionId().getState() == SessionIdState.AUTHENTICATED |
| && Boolean.TRUE.equals(client.getAttributes().getDefaultPromptLogin()) |
| && identity.getSessionId().getAuthenticationTime() != null |
| && new Date().getTime() - identity.getSessionId().getAuthenticationTime().getTime() > 500) { |
| authzRequest.addPrompt(Prompt.LOGIN); |
| } |
| } |
Test cases and code coverage
- Write unit test to cover added/changed code
- Update integration tests to cover added/changed code
- Documentation