Authorization for file downloads: Small comment changes

2025-10-18 15:33:09 +00:00 · 2020-06-19 12:03:42 +02:00
parent b4b56750fd
commit 6c91e5acf0
2 changed files with 7 additions and 1 deletions
--- a/dspace-server-webapp/src/main/java/org/dspace/app/rest/security/RestAuthenticationService.java
+++ b/dspace-server-webapp/src/main/java/org/dspace/app/rest/security/RestAuthenticationService.java
@@ -29,6 +29,12 @@ public interface RestAuthenticationService {
    void addAuthenticationDataForUser(HttpServletRequest request, HttpServletResponse response,
                                      DSpaceAuthentication authentication, boolean addCookie) throws IOException;

+    /**
+     * Retrieve a short lived authentication token, this can be used (among other things) for file downloads
+     * @param context the DSpace context
+     * @param request The current client request
+     * @return An AuthenticationToken that contains a string with the token
+     */
    AuthenticationToken getShortLivedAuthenticationToken(Context context, HttpServletRequest request);

    EPerson getAuthenticatedEPerson(HttpServletRequest request, Context context);
--- a/dspace-server-webapp/src/main/java/org/dspace/app/rest/security/jwt/ShortLivedJWTTokenHandler.java
+++ b/dspace-server-webapp/src/main/java/org/dspace/app/rest/security/jwt/ShortLivedJWTTokenHandler.java
@@ -50,7 +50,7 @@ public class ShortLivedJWTTokenHandler extends JWTTokenHandler {
            Date expirationTime = jwtClaimsSet.getExpirationTime();
            return signedJWT.verify(verifier)
                && expirationTime != null
-                //Ensure expiration timestamp is after the current time, with a minute of acceptable clock skew.
+                //Ensure expiration timestamp is after the current time
                && DateUtils.isAfter(expirationTime, new Date(), 0);
        }
    }