diff --git a/src/main/java/ch/ethz/seb/sebserver/gui/service/remote/webservice/auth/OAuth2AuthorizationContextHolder.java b/src/main/java/ch/ethz/seb/sebserver/gui/service/remote/webservice/auth/OAuth2AuthorizationContextHolder.java index 945ac620e..df48bdde6 100644 --- a/src/main/java/ch/ethz/seb/sebserver/gui/service/remote/webservice/auth/OAuth2AuthorizationContextHolder.java +++ b/src/main/java/ch/ethz/seb/sebserver/gui/service/remote/webservice/auth/OAuth2AuthorizationContextHolder.java @@ -293,7 +293,10 @@ public boolean autoLogin(final String oneTimeToken) { final TokenLoginInfo loginInfo = response.getBody(); this.resource.setUsername(loginInfo.username); this.resource.setPassword(loginInfo.userUUID); - this.restTemplate.getOAuth2ClientContext().setAccessToken(loginInfo.login); + + this.restTemplate.getOAuth2ClientContext().setAccessToken(null); + this.restTemplate.getAccessToken(); + //this.restTemplate.getOAuth2ClientContext().setAccessToken(loginInfo.login); loginForward = loginInfo.login_forward; return this.isLoggedIn(); diff --git a/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/authorization/impl/TeacherAccountServiceImpl.java b/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/authorization/impl/TeacherAccountServiceImpl.java index f573a5a59..8f39d144b 100644 --- a/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/authorization/impl/TeacherAccountServiceImpl.java +++ b/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/authorization/impl/TeacherAccountServiceImpl.java @@ -133,6 +133,8 @@ public Result getOneTimeTokenForTeacherAccount( final AdHocAccountData adHocAccountData, final boolean createIfNotExists) { + // TODO check if Exam is running, if not deny access + return this.userDAO .byModelId(getTeacherAccountIdentifier(exam, adHocAccountData)) .onErrorDo(error -> handleAccountDoesNotExistYet(createIfNotExists, exam, adHocAccountData))