Skip to content

Make FactorGrantedAuthority Builder Constructor Public #18975

@re1709

Description

@re1709

Allow use of the FactorGrantedAuthority.Builder constructor outside of the FactorGrantedAuthority class.

This would allow creating a FactorGrantedAuthority and setting an issuedAt value which isn't just the current date & time, which is currently the only possibility when creating a FactorGrantedAuthority.

For example, mfa last issued at (along with user agent and ip address) can be stored (for example in a database) so the user isn't prompted for X amount of time when next logging in.

It would make sense to then grant the FactoryAuthority with the issued at time stored in the database. So endpoints protected by a time duration for mfa would then trigger - e.g. user logs in the following day but isn't prompted for mfa at log in but should be for a secure page such as api token (which is configured in security to have mfa recently, such as 15 mins).

Metadata

Metadata

Assignees

No one assigned

    Type

    No type
    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions