oic-auth-1.6

What's Changed

Special release for #46 which shouldn't, but might break things - please report any issues you have with this version here: #62

In case of any troubles revert to 1.5 and report your issues

• Don't send scope parameter with a token request by @siepkes in #46

New Contributors

• @siepkes made their first contribution in #46

Full Changelog: oic-auth-1.5...oic-auth-1.6

oic-auth-1.5

What's Changed

• Use the .well-known/openid-configuration autodiscovery endpoint by @agentgonzo in #31
• Well known config - bugfixes and improvements by @mjmbischoff in #32
• #37 Prevents the immediate logout->login loop by @agentgonzo in #38
• Nested field mapping #34 by @fajran in #36
• [JENKINS-55654] Fix authentication loop by @Wadeck in #56
• Fix optional config failing by @mjmbischoff in #57
• Mask client secret field by @nickpetrovic in #52
• Nullpointer on nonexistent session by @mjmbischoff in #58

New Contributors

• @agentgonzo made their first contribution in #31
• @fajran made their first contribution in #36
• @Wadeck made their first contribution in #56
• @nickpetrovic made their first contribution in #52

Full Changelog: oic-auth-1.4...oic-auth-1.5

What's Changed

• Support for configuring by well known url (/.well-known/openid-configuration) see also https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig
• fixed issue introduced with Jenkins 2.150.2 with logout occurring immediately after login see: #5
• Masking client secret to avoid over the shoulder leaking of secret.
• Nested field mapping - permitting the use of values of non top-level keys, see  #36  and OicSecurityRealm.java#L630
• Returning a 401 instead of throwing an NullPointerException when there's no session at the end of the authentication interaction

Full Changelog: oic-auth-1.4...oic-auth-1.5

oic-auth-1.4

What's Changed

• check the userinfo endpoint for group information by @mjmbischoff in #28
• Use Jenkins proxy information #29 by @mjmbischoff in #30
• We can now also look for groups in the UserInfo endpoint when it's configured
• Added documentation about how scripted clients should authenticate given this plugin is active
• Now honoring Jenkins proxy settings see JenkinsBehindProxy

Full Changelog: oic-auth-1.3...oic-auth-1.4

oic-auth-1.3

What's Changed

• bugfix for #10 on absent expires_in by @mjmbischoff in #24

Full Changelog: oic-auth-1.2...oic-auth-1.3

oic-auth-1.2

What's Changed

• RP-Initiated Logout by @pdaw in #11
• Patched TokenResponse of the google oauth-client by @mjmbischoff in #16
• Add groups at login if provided in the idToken as an array of strings by @DriesVerachtert in #12
• Making httpTransport transient, preventing it from being serialized - explicitly initializing it after deserilization by @mjmbischoff in #18
• Adding test harness by @mjmbischoff in #20
• Fix for JEP-200 issues by @mjmbischoff in #21
• Implementing escape hatch by @mjmbischoff in #23
• Local Login / escape hatch
• Fix JEP-200 compatibility
• Added test harness
• Using role-based permissions
• Fix for 1.1 breaking on existing configuration and configuration saving issues
• Add groups at login if provided in the idToken as an array of strings
• Exception with Azure authority needs testing
• Patched TokenResponse of the google oauth-client for better compatibility with openid provider implementations
• On Logout have the option to log out of OpenId Provider
• Friendlier error when the user declines authorization

New Contributors

• @pdaw made their first contribution in #11
• @DriesVerachtert made their first contribution in #12

Full Changelog: oic-auth-1.1...oic-auth-1.2

oic-auth-1.1

What's Changed

• Support OIDC UserInfo Endpoint enhancement by @sboschman in #1
• fix save not resetting userNameField and scopes to default values (bug / User name field value not being updated) by @sboschman in #2
• Add new setting to disable sslVerification - for testing purposes by @triplem in #3

New Contributors

• @sboschman made their first contribution in #1
• @triplem made their first contribution in #3

Full Changelog: oic-auth-1.0...oic-auth-1.1

oic-auth-1.0

Initial release