From 335fe843e4b16cf69e4094ad00fb9e9c9840a876 Mon Sep 17 00:00:00 2001
From: Lachlan Roberts <lachlan@webtide.com>
Date: Wed, 3 Jul 2024 19:25:05 +1000
Subject: [PATCH] Issue #241 - fix deferred authentication for Java21 EE10
 runtime

Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
---
 .../runtime/jetty/EE10AppEngineAuthentication.java        | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/shared_sdk_jetty12/src/main/java/com/google/apphosting/runtime/jetty/EE10AppEngineAuthentication.java b/shared_sdk_jetty12/src/main/java/com/google/apphosting/runtime/jetty/EE10AppEngineAuthentication.java
index f502ba77..7e66d149 100644
--- a/shared_sdk_jetty12/src/main/java/com/google/apphosting/runtime/jetty/EE10AppEngineAuthentication.java
+++ b/shared_sdk_jetty12/src/main/java/com/google/apphosting/runtime/jetty/EE10AppEngineAuthentication.java
@@ -179,10 +179,6 @@ public AuthenticationState validateRequest(Request req, Response res, Callback c
         throw new ServerAuthException("validateRequest called with null response!!!");
       }
 
-      if (AuthenticationState.Deferred.isDeferred(res)) {
-        return null;
-      }
-
       try {
         UserService userService = UserServiceFactory.getUserService();
         // If the user is authenticated already, just create a
@@ -195,6 +191,10 @@ public AuthenticationState validateRequest(Request req, Response res, Callback c
           }
         }
 
+        if (AuthenticationState.Deferred.isDeferred(res)) {
+          return null;
+        }
+
         try {
           logger.atFine().log(
               "Got %s but no one was logged in, redirecting.", request.getRequestURI());