After the validation steps outlined above have passed, the token is renewed in the following way:
- A new ID is generated for the token.
- A new
IssueInstant
is set on the token. - A new Conditions Element replaces the old Conditions Element of the token, using the configured ConditionsProvider.
- The Assertion is (re)-signed if the
signToken
property is true.
The old token is removed from the cache, and the new token is added. Finally, the token is set on the TokenRenewerResponse, along with the token Id, and Lifetime.