oic-auth-1.5
·
400 commits
to master
since this release
What's Changed
- Use the .well-known/openid-configuration autodiscovery endpoint by @agentgonzo in #31
- Well known config - bugfixes and improvements by @mjmbischoff in #32
- #37 Prevents the immediate logout->login loop by @agentgonzo in #38
- Nested field mapping #34 by @fajran in #36
- [JENKINS-55654] Fix authentication loop by @Wadeck in #56
- Fix optional config failing by @mjmbischoff in #57
- Mask client secret field by @nickpetrovic in #52
- Nullpointer on nonexistent session by @mjmbischoff in #58
New Contributors
- @agentgonzo made their first contribution in #31
- @fajran made their first contribution in #36
- @Wadeck made their first contribution in #56
- @nickpetrovic made their first contribution in #52
Full Changelog: oic-auth-1.4...oic-auth-1.5
What's Changed
- Support for configuring by well known url (/.well-known/openid-configuration) see also https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig
- fixed issue introduced with Jenkins 2.150.2 with logout occurring immediately after login see: #5
- Masking client secret to avoid over the shoulder leaking of secret.
- Nested field mapping - permitting the use of values of non top-level keys, see #36 and OicSecurityRealm.java#L630
- Returning a 401 instead of throwing an NullPointerException when there's no session at the end of the authentication interaction
Full Changelog: oic-auth-1.4...oic-auth-1.5
Contributors
fajran, agentgonzo, and 3 other contributors