Releases: jenkinsci/oic-auth-plugin
Releases · jenkinsci/oic-auth-plugin
oic-auth-3.0
What's Changed
- Fix for SECURITY-2979 / CVE-2023-50771 by @tumbl3w33d in #261
- Align POM with minimal requirements and fix tests by @michael-doubez in #274
🚩 Known issues
- Regression(#285): wrong redirect after login when jenkins base url contains path
- Regression(#236): group configuration not taken into account (see workaround in issue)
📦 Dependency updates
- Bump google-http-client from 1.43.2 to 1.43.3 by @dependabot in #239
- Bump maven-release-plugin from 2.5.3 to 3.0.1 by @dependabot in #234
- Bump git-changelist-maven-extension from 1.6 to 1.7 by @dependabot in #242
New Contributors
- @tumbl3w33d made their first contribution in #261
Full Changelog: oic-auth-2.6...oic-auth-3.0
Contributors
tumbl3w33d, michael-doubez, and dependabot
Assets 2
oic-auth-2.6
Various security enhancements and updating dependencies.
What's Changed
- Add config option to enable PKCE by @michael-doubez in #191
- Use a nonce by @jglick in #110
- Make nonce verification optional by @michael-doubez in #192
- Allow data containing groups from SSO server to be a List of Maps in addition to a List of Strings. by @bsmoyers in #198
- Reload wellknown configuration at regular interval by @michael-doubez in #194
- expires can be 0 so manage this case (easily for now) by @olamy in #212
📦 Dependency updates
- Bump maven-checkstyle-plugin from 3.2.0 to 3.2.1 by @dependabot in #195
- Bump git-changelist-maven-extension from 1.4 to 1.5 by @dependabot in #201
- Bump git-changelist-maven-extension from 1.5 to 1.6 by @dependabot in #204
- Bump google-http-client from 1.42.3 to 1.43.0 by @dependabot in #207
- Bump google-http-client-jackson2 from 1.42.3 to 1.43.0 by @dependabot in #208
- Bump google-http-client-jackson2 from 1.43.0 to 1.43.1 by @dependabot in #211
- Bump google-http-client from 1.43.0 to 1.43.1 by @dependabot in #209
- Bump maven-checkstyle-plugin from 3.2.2 to 3.3.0 by @dependabot in #231
- Bump google-http-client from 1.43.1 to 1.43.2 by @dependabot in #226
- Bump maven-checkstyle-plugin from 3.2.1 to 3.2.2 by @dependabot in #224
🚩 Known issues
- Regression(#236): group configuration not taken into account (see workaround in issue)
New Contributors
- @jglick made their first contribution in #110
- @bsmoyers made their first contribution in #198
- @olamy made their first contribution in #212
Full Changelog: oic-auth-2.5...oic-auth-2.6
Contributors
olamy, jglick, and 3 other contributors
Assets 2
oic-auth-2.5
Fixing session fixation vulnerability SECURITY-2978.
What's Changed
- Recreate Jenkins session during login by @michael-doubez
Full Changelog: oic-auth-2.4...oic-auth-2.5
Contributors
michael-doubez
Assets 2
oic-auth-2.4
What's Changed
- Use google library response parsing instead or reimplementing it by @michael-doubez in #178
- Support application/jwt when invoking userinfo by @michael-doubez in #162
- Bump httpclient from 4.5.13 to 4.5.14 by @dependabot in #181
- Use own token for generic OIDConnect by @michael-doubez in #184
- Override wellknown parameters by @michael-doubez in #187
- Add configuration flag to send scopes in token request by @michael-doubez in #188
- Post logout URL configurable in GUI even in automatic mode by @michael-doubez in #189
- Lookup user fields in IdToken when not present in userinfo endpoint by @michael-doubez in #190
Full Changelog: oic-auth-2.3...oic-auth-2.4
Contributors
michael-doubez and dependabot
Assets 2
oic-auth-2.3
What's Changed
- Ised canada code by @michael-doubez in #161
- Bump plugin from 4.48 to 4.49 by @dependabot in #163
- Bump google-http-client from 1.42.2 to 1.42.3 by @dependabot in #164
- Bump google-http-client-jackson2 from 1.42.2 to 1.42.3 by @dependabot in #165
- Add checkstyle check by @michael-doubez in #166
- Log user without groups if group field is invalid by @michael-doubez in #167
- Make flags optionals in JenkinsAsCode configuration by @michael-doubez in #168
- Bump test-harness from 1559.v38a_b_2e3b_6b_b_7 to 1569.vb_72405b_80249 by @dependabot in #171
- Bump maven-checkstyle-plugin from 3.1.2 to 3.2.0 by @dependabot in #170
- Bump checkstyle from 10.3.3 to 10.4 by @dependabot in #169
- Add polish localization by @github-actions in #172
- Make secret optional by @michael-doubez in #173
- Improve plugin security by @michael-doubez in #174
- Bump plugin from 4.49 to 4.50 by @dependabot in #175
- Bump plugin from 4.50 to 4.51 by @dependabot in #177
- Add configuration to choose origin of root URL (Fix #151) by @michael-doubez in #176
Full Changelog: oic-auth-2.2...oic-auth-2.3
Contributors
michael-doubez and dependabot
Assets 2
oic-auth-2.2
What's Changed
- JENKINS-61609: Add a fallback parse attempt for groups by @lllmaa in #90
- Add option to use basic token auth method (#144) by @richardjq in #121
- Properly restore GrantedAuthorities by @jilyaluk in #115
- Documentation improvement by @michael-doubez in #150
- Extend internationalization and add crowdin link by @michael-doubez in #152
- Encode post-logout URL of logout redirect by @michael-doubez in #154
- Add French localisation by @github-actions in #157
New Contributors
- @lllmaa made their first contribution in #90
- @richardjq made their first contribution in #121
- @jilyaluk made their first contribution in #115
Full Changelog: oic-auth-2.1...oic-auth-2.2
Contributors
lllmaa, richardjq, and 2 other contributors
Assets 2
oic-auth-2.1
What's Changed
- Bump google-http-client from 1.42.1 to 1.42.2 by @dependabot in #138
- Docs migration by @timja in #86
- Bump google-http-client-jackson2 from 1.42.1 to 1.42.2 by @dependabot in #143
- Better Support of Reverse Proxy Chains by @jlamande in #85
Non-functional Changes
- Bump plugin from 4.47 to 4.48 by @dependabot in #141
- Deeper spotbugs checks by @michael-doubez in #135
- Automate dependency updates by @michael-doubez in #136
- Publish incremental development artifacts by @michael-doubez in #137
- Bump maven-release-plugin from 2.5.2 to 2.5.3 by @dependabot in #140
- Bump test-harness from 1.55.1 to 1512.vb_79d418d5fc8 by @dependabot in #139
- Allow incremental artifacts by @michael-doubez in #145
- Revert version scheme to 2 digits by @michael-doubez in #146
- Fix JSR-305 annotations by @michael-doubez in #147
- Bump test-harness from 1512.vb_79d418d5fc8 to 1559.v38a_b_2e3b_6b_b_7 by @dependabot in #148
New Contributors
- @michael-doubez made their first contribution in #135
- @dependabot made their first contribution in #138
- @timja made their first contribution in #86
- @jlamande made their first contribution in #85
Full Changelog: oic-auth-2.0...oic-auth-2.1
Contributors
michael-doubez, timja, and 2 other contributors
Assets 2
oic-auth-2.0
What's Changed
- Bump parent version to 4.47
- Support for Java 11+
- Support for Jenkins 2.366+ ( Closes #105 )
- Support for Jenkins matrix permission
New Contributors
Full Changelog: oic-auth-1.8...oic-auth-2.0
Contributors
Skiepp
Assets 3
oic-auth-1.8
What's Changed
- Add i10n support by @LinuxSuRen in #79
- Use HTTPS URLs in pom.xml by @daniel-beck-bot in #83
- Check for groups in idToken if groups are not found in userInfo by @spirius in #80
New Contributors
- @daniel-beck-bot made their first contribution in #83
- @spirius made their first contribution in #80
Full Changelog: oic-auth-1.7...oic-auth-1.8
Contributors
LinuxSuRen, spirius, and daniel-beck-bot
Assets 2
oic-auth-1.7
What's Changed
- fallback if endsessionurl is absent by @mjmbischoff in #61
- Fix: wrong return value of failedCheckOfTokenField by @halftan in #63
- Fix for #43 by @mjmbischoff in #60
- Adding exception for CSRF escapeHatch by @mjmbischoff in #64
- Fixing names, adding @author, removing unused imports by @mjmbischoff in #65
- Clean the unnecessary condition codes by @LinuxSuRen in #77
- Fix the incompatible with casc by @LinuxSuRen in #78
- Look for a known user, or return UsernameNotFoundException by @jovandeginste in #82
New Contributors
- @halftan made their first contribution in #63
- @jovandeginste made their first contribution in #82
Full Changelog: oic-auth-1.6...oic-auth-1.7
Contributors
LinuxSuRen, halftan, and 3 other contributors