Releases: jenkinsci/oic-auth-plugin
Releases · jenkinsci/oic-auth-plugin
oic-auth-1.8
What's Changed
- Add i10n support by @LinuxSuRen in #79
- Use HTTPS URLs in pom.xml by @daniel-beck-bot in #83
- Check for groups in idToken if groups are not found in userInfo by @spirius in #80
New Contributors
- @daniel-beck-bot made their first contribution in #83
- @spirius made their first contribution in #80
Full Changelog: oic-auth-1.7...oic-auth-1.8
Contributors
LinuxSuRen, spirius, and daniel-beck-bot
Assets 2
oic-auth-1.7
What's Changed
- fallback if endsessionurl is absent by @mjmbischoff in #61
- Fix: wrong return value of failedCheckOfTokenField by @halftan in #63
- Fix for #43 by @mjmbischoff in #60
- Adding exception for CSRF escapeHatch by @mjmbischoff in #64
- Fixing names, adding @author, removing unused imports by @mjmbischoff in #65
- Clean the unnecessary condition codes by @LinuxSuRen in #77
- Fix the incompatible with casc by @LinuxSuRen in #78
- Look for a known user, or return UsernameNotFoundException by @jovandeginste in #82
New Contributors
- @halftan made their first contribution in #63
- @jovandeginste made their first contribution in #82
Full Changelog: oic-auth-1.6...oic-auth-1.7
Contributors
LinuxSuRen, halftan, and 3 other contributors
Assets 2
oic-auth-1.6
What's Changed
Special release for #46 which shouldn't, but might break things - please report any issues you have with this version here: #62
In case of any troubles revert to 1.5 and report your issues
New Contributors
Full Changelog: oic-auth-1.5...oic-auth-1.6
Contributors
siepkes
Assets 2
oic-auth-1.5
What's Changed
- Use the .well-known/openid-configuration autodiscovery endpoint by @agentgonzo in #31
- Well known config - bugfixes and improvements by @mjmbischoff in #32
- #37 Prevents the immediate logout->login loop by @agentgonzo in #38
- Nested field mapping #34 by @fajran in #36
- [JENKINS-55654] Fix authentication loop by @Wadeck in #56
- Fix optional config failing by @mjmbischoff in #57
- Mask client secret field by @nickpetrovic in #52
- Nullpointer on nonexistent session by @mjmbischoff in #58
New Contributors
- @agentgonzo made their first contribution in #31
- @fajran made their first contribution in #36
- @Wadeck made their first contribution in #56
- @nickpetrovic made their first contribution in #52
Full Changelog: oic-auth-1.4...oic-auth-1.5
What's Changed
- Support for configuring by well known url (/.well-known/openid-configuration) see also https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig
- fixed issue introduced with Jenkins 2.150.2 with logout occurring immediately after login see: #5
- Masking client secret to avoid over the shoulder leaking of secret.
- Nested field mapping - permitting the use of values of non top-level keys, see #36 and OicSecurityRealm.java#L630
- Returning a 401 instead of throwing an NullPointerException when there's no session at the end of the authentication interaction
Full Changelog: oic-auth-1.4...oic-auth-1.5
Contributors
fajran, agentgonzo, and 3 other contributors
Assets 2
oic-auth-1.4
What's Changed
- check the userinfo endpoint for group information by @mjmbischoff in #28
- Use Jenkins proxy information #29 by @mjmbischoff in #30
- We can now also look for groups in the UserInfo endpoint when it's configured
- Added documentation about how scripted clients should authenticate given this plugin is active
- Now honoring Jenkins proxy settings see JenkinsBehindProxy
Full Changelog: oic-auth-1.3...oic-auth-1.4
Contributors
mjmbischoff
Assets 2
oic-auth-1.3
What's Changed
- bugfix for #10 on absent expires_in by @mjmbischoff in #24
Full Changelog: oic-auth-1.2...oic-auth-1.3
Contributors
mjmbischoff
Assets 2
oic-auth-1.2
What's Changed
- RP-Initiated Logout by @pdaw in #11
- Patched TokenResponse of the google oauth-client by @mjmbischoff in #16
- Add groups at login if provided in the idToken as an array of strings by @DriesVerachtert in #12
- Making httpTransport transient, preventing it from being serialized - explicitly initializing it after deserilization by @mjmbischoff in #18
- Adding test harness by @mjmbischoff in #20
- Fix for JEP-200 issues by @mjmbischoff in #21
- Implementing escape hatch by @mjmbischoff in #23
- Local Login / escape hatch
- Fix JEP-200 compatibility
- Added test harness
- Using role-based permissions
- Fix for 1.1 breaking on existing configuration and configuration saving issues
- Add groups at login if provided in the idToken as an array of strings
- Exception with Azure authority needs testing
- Patched TokenResponse of the google oauth-client for better compatibility with openid provider implementations
- On Logout have the option to log out of OpenId Provider
- Friendlier error when the user declines authorization
New Contributors
- @pdaw made their first contribution in #11
- @DriesVerachtert made their first contribution in #12
Full Changelog: oic-auth-1.1...oic-auth-1.2
Contributors
DriesVerachtert, pdaw, and mjmbischoff
Assets 2
oic-auth-1.1
What's Changed
- Support OIDC UserInfo Endpoint enhancement by @sboschman in #1
- fix save not resetting userNameField and scopes to default values (bug / User name field value not being updated) by @sboschman in #2
- Add new setting to disable sslVerification - for testing purposes by @triplem in #3
New Contributors
- @sboschman made their first contribution in #1
- @triplem made their first contribution in #3
Full Changelog: oic-auth-1.0...oic-auth-1.1
Contributors
triplem and sboschman
Assets 2
oic-auth-1.0
Initial release