From 6d91d0cbd2345fcc8c3f537e178affdcb67ddf59 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?S=C3=A9bastien=20Besson?= <sbesson@glencoesoftware.com>
Date: Wed, 15 May 2024 08:28:19 +0100
Subject: [PATCH] Reset CSRF token to null when logging out from a server

With the current state of the extension, the CRSF token acquired on the first
invocation to authenticate is not cleared on logout and thus is getting reused
by follow-up authentication calls resulting in CSRF errors.
---
 .../java/qupath/lib/images/servers/omero/OmeroWebClient.java     | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/main/java/qupath/lib/images/servers/omero/OmeroWebClient.java b/src/main/java/qupath/lib/images/servers/omero/OmeroWebClient.java
index cce735b7..0bb7410a 100644
--- a/src/main/java/qupath/lib/images/servers/omero/OmeroWebClient.java
+++ b/src/main/java/qupath/lib/images/servers/omero/OmeroWebClient.java
@@ -554,6 +554,7 @@ public void logOut() {
 			timer.cancel();
 			timer = null;
 			username.set("");
+			this.token = null;
 		} catch (IOException e) {
 			logger.error("Could not logout.", e.getLocalizedMessage());
 		}