From 6c91e5acf05be11a60b8fa62d99b49099afbaf91 Mon Sep 17 00:00:00 2001
From: Kevin Van de Velde
Date: Fri, 19 Jun 2020 12:03:42 +0200
Subject: [PATCH] Authorization for file downloads: Small comment changes
---
 .../dspace/app/rest/security/RestAuthenticationService.java | 6 ++++++
 .../app/rest/security/jwt/ShortLivedJWTTokenHandler.java | 2 +-
 2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/dspace-server-webapp/src/main/java/org/dspace/app/rest/security/RestAuthenticationService.java b/dspace-server-webapp/src/main/java/org/dspace/app/rest/security/RestAuthenticationService.java
index 6270fa2851..88b1d26524 100644
--- a/dspace-server-webapp/src/main/java/org/dspace/app/rest/security/RestAuthenticationService.java
+++ b/dspace-server-webapp/src/main/java/org/dspace/app/rest/security/RestAuthenticationService.java
@@ -29,6 +29,12 @@ public interface RestAuthenticationService {
 void addAuthenticationDataForUser(HttpServletRequest request, HttpServletResponse response, DSpaceAuthentication authentication, boolean addCookie) throws IOException;
+ /**
+ * Retrieve a short lived authentication token, this can be used (among other things) for file downloads
+ * @param context the DSpace context
+ * @param request The current client request
+ * @return An AuthenticationToken that contains a string with the token
+ */
 AuthenticationToken getShortLivedAuthenticationToken(Context context, HttpServletRequest request);
 EPerson getAuthenticatedEPerson(HttpServletRequest request, Context context);
diff --git a/dspace-server-webapp/src/main/java/org/dspace/app/rest/security/jwt/ShortLivedJWTTokenHandler.java b/dspace-server-webapp/src/main/java/org/dspace/app/rest/security/jwt/ShortLivedJWTTokenHandler.java
index de8e851118..375bfe4ae5 100644
--- a/dspace-server-webapp/src/main/java/org/dspace/app/rest/security/jwt/ShortLivedJWTTokenHandler.java
+++ b/dspace-server-webapp/src/main/java/org/dspace/app/rest/security/jwt/ShortLivedJWTTokenHandler.java
@@ -50,7 +50,7 @@ public class ShortLivedJWTTokenHandler extends JWTTokenHandler {
 Date expirationTime = jwtClaimsSet.getExpirationTime();
 return signedJWT.verify(verifier) && expirationTime != null
- //Ensure expiration timestamp is after the current time, with a minute of acceptable clock skew.
+ //Ensure expiration timestamp is after the current time
 && DateUtils.isAfter(expirationTime, new Date(), 0);
 }
 }
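Review bot: The literal `0` in `DateUtils.isAfter(expirationTime, new Date(), 0)` is left unexplained once the clock-skew wording is dropped; judging by the removed comment it is the allowed skew, so a reader can no longer tell that zero tolerance is deliberate. I would say so in the comment, e.g. `//Ensure expiration timestamp is after the current time; no clock skew is tolerated (last argument 0)`. Strict expiry is a reasonable choice for a short-lived token, but a token issued on one node can then be rejected slightly early, or accepted slightly late, by another node whose clock differs, which is worth knowing when diagnosing intermittent download failures. The enclosing method starts above the hunk, so whether other claims are checked there is not visible here.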