As JwtAuthFilter was changed in 0.9->1.0, the Authenticator no more get called if token has been expired.
In my app I handle it as a "soft" error, and provide user easy path to re-authenticate. However now as the filter already detects it and directly throws InvalidJwtException => WebApplicationException, and hides the fact that it was only expired. There is no way in intervene.
ToastShaman
commented
7 years ago
As JwtAuthFilter was changed in 0.9->1.0, the Authenticator no more get called if token has been expired.
In my app I handle it as a "soft" error, and provide user easy path to re-authenticate. However now as the filter already detects it and directly throws InvalidJwtException => WebApplicationException, and hides the fact that it was only expired. There is no way in intervene.