When refreshing or updating authentication tokens, always verify the new token maintains or exceeds the original token's security level. This applies to WebSocket connections, step-up authentication scenarios, or any case where tokens are refreshed during an active session.
For security integrity, implement these essential checks:
```java
// Example for WebSocket token refresh (Quarkus WebSockets Next style).
// Assumed to be declared elsewhere in the endpoint: securityIdentity (the identity
// established when the connection was authenticated), originalRequiredRoles and
// requiredAcr (captured at connect time), webSocketSecurity, and the helpers
// parseAndVerify() and hasRequiredRoles(). RequestDto.getToken() is assumed to
// return the raw refreshed access token sent by the client.
@OnTextMessage
String processMessage(RequestDto request) {
    JsonWebToken newToken = parseAndVerify(request.getToken());
    String newTokenPrincipal = newToken.getName();

    // 1. Verify same principal/subject: a refreshed token must belong to the same user
    if (!securityIdentity.getPrincipal().getName().equals(newTokenPrincipal)) {
        throw new SecurityException("Principal mismatch during token refresh");
    }
    // 2. Re-apply security checks with the new token: roles required at connect time must still hold
    if (!hasRequiredRoles(newToken, originalRequiredRoles)) {
        throw new SecurityException("Insufficient privileges in new token");
    }
    // 3. Check ACR values for step-up authentication; a missing claim counts as not met
    String acr = newToken.getClaim("acr");
    if (requiredAcr != null && (acr == null || !acr.contains(requiredAcr))) {
        throw new SecurityException("Required authentication level not met");
    }
    // Update the session identity only after all checks pass
    webSocketSecurity.updateSecurityIdentity(request.getToken());
    return "token refreshed";
}
```
Failing to verify these security properties when refreshing tokens could allow privilege escalation or unauthorized access if a compromised or less-privileged token replaces a more secure one.
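The three checks above leave the role and ACR comparisons abstract. The following is an added example, not code from the original page or from Quarkus, that implements them over plain claim maps so they can be unit-tested without a running endpoint; it generalises the ACR check to an ordered list of authentication levels so that a refresh may keep or raise the level but never lower it. The class name, the claim maps and the `ACR_ORDER` values are constructed for the example.

```java
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;

/** Validates that a refreshed token keeps or exceeds the security level of the current one. */
public final class TokenRefreshPolicy {

    // Constructed ordering of authentication contexts, weakest first; substitute the
    // acr values your identity provider actually issues.
    private static final List<String> ACR_ORDER = List.of("pwd", "mfa", "hwk");

    // Unknown or missing acr ranks below every known level, so it can never satisfy a step-up.
    private static int level(String acr) {
        return acr == null ? -1 : ACR_ORDER.indexOf(acr);
    }

    /** Returns the first violated property, or null when the refresh is acceptable. */
    public static String validate(Map<String, Object> current, Map<String, Object> refreshed,
                                  Set<String> requiredRoles) {
        // 1. Same subject: the refreshed token must belong to the same principal
        if (!Objects.equals(current.get("sub"), refreshed.get("sub"))) {
            return "principal mismatch";
        }
        // 2. Every role the session was authorised with must still be present
        @SuppressWarnings("unchecked")
        Set<String> newRoles = (Set<String>) refreshed.getOrDefault("groups", Set.of());
        if (!newRoles.containsAll(requiredRoles)) {
            return "insufficient privileges";
        }
        // 3. Authentication level must not drop below the level already established
        if (level((String) refreshed.get("acr")) < level((String) current.get("acr"))) {
            return "authentication level downgraded";
        }
        return null;
    }

    public static void main(String[] args) {
        // Constructed sample claims: a refresh that silently drops from MFA to password only
        Map<String, Object> current = Map.of("sub", "alice", "acr", "mfa", "groups", Set.of("admin", "user"));
        Map<String, Object> downgraded = Map.of("sub", "alice", "acr", "pwd", "groups", Set.of("admin", "user"));
        Map<String, Object> stepUp = Map.of("sub", "alice", "acr", "hwk", "groups", Set.of("admin", "user"));
        System.out.println(validate(current, downgraded, Set.of("admin")));
        System.out.println(validate(current, stepUp, Set.of("admin")));
    }
}
```

Rejecting the downgraded token is what prevents a compromised lower-assurance token from inheriting a session that was established with stronger authentication.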