Full reauthentication after server-side session expiration
diff --git a/org.eclipse.userstorage/src/org/eclipse/userstorage/internal/Session.java b/org.eclipse.userstorage/src/org/eclipse/userstorage/internal/Session.java
index bd37922..1dc50ff 100644
--- a/org.eclipse.userstorage/src/org/eclipse/userstorage/internal/Session.java
+++ b/org.eclipse.userstorage/src/org/eclipse/userstorage/internal/Session.java
@@ -376,6 +376,7 @@
}
}
+ boolean authenticated = false;
for (;;)
{
body = null;
@@ -383,7 +384,9 @@
try
{
+ authenticated = false;
authenticate(credentials, credentialsProvider, reauthentication);
+ authenticated = true;
Request request = prepareRequest();
HttpResponse response = sendRequest(request, uri);
@@ -404,6 +407,14 @@
if (protocolException.getStatusCode() == AUTHORIZATION_REQUIRED && --authenticationAttempts > 0)
{
reauthentication = true;
+
+ if (authenticated)
+ {
+ // This means that the initial authenticate() call was skipped because we already have a session,
+ // but this session is no longer valid on the server. So reset() to force a full reauthentication.
+ reset();
+ }
+
continue;
}
}