Releases: jenkinsci/oic-auth-plugin
Releases · jenkinsci/oic-auth-plugin
oic-auth-2.3
What's Changed
- Ised canada code by @michael-doubez in #161
- Bump plugin from 4.48 to 4.49 by @dependabot in #163
- Bump google-http-client from 1.42.2 to 1.42.3 by @dependabot in #164
- Bump google-http-client-jackson2 from 1.42.2 to 1.42.3 by @dependabot in #165
- Add checkstyle check by @michael-doubez in #166
- Log user without groups if group field is invalid by @michael-doubez in #167
- Make flags optionals in JenkinsAsCode configuration by @michael-doubez in #168
- Bump test-harness from 1559.v38a_b_2e3b_6b_b_7 to 1569.vb_72405b_80249 by @dependabot in #171
- Bump maven-checkstyle-plugin from 3.1.2 to 3.2.0 by @dependabot in #170
- Bump checkstyle from 10.3.3 to 10.4 by @dependabot in #169
- Add polish localization by @github-actions in #172
- Make secret optional by @michael-doubez in #173
- Improve plugin security by @michael-doubez in #174
- Bump plugin from 4.49 to 4.50 by @dependabot in #175
- Bump plugin from 4.50 to 4.51 by @dependabot in #177
- Add configuration to choose origin of root URL (Fix #151) by @michael-doubez in #176
Full Changelog: oic-auth-2.2...oic-auth-2.3
Contributors
michael-doubez and dependabot
Assets 2
oic-auth-2.2
What's Changed
- JENKINS-61609: Add a fallback parse attempt for groups by @lllmaa in #90
- Add option to use basic token auth method (#144) by @richardjq in #121
- Properly restore GrantedAuthorities by @jilyaluk in #115
- Documentation improvement by @michael-doubez in #150
- Extend internationalization and add crowdin link by @michael-doubez in #152
- Encode post-logout URL of logout redirect by @michael-doubez in #154
- Add French localisation by @github-actions in #157
New Contributors
- @lllmaa made their first contribution in #90
- @richardjq made their first contribution in #121
- @jilyaluk made their first contribution in #115
Full Changelog: oic-auth-2.1...oic-auth-2.2
Contributors
lllmaa, richardjq, and 2 other contributors
Assets 2
oic-auth-2.1
What's Changed
- Bump google-http-client from 1.42.1 to 1.42.2 by @dependabot in #138
- Docs migration by @timja in #86
- Bump google-http-client-jackson2 from 1.42.1 to 1.42.2 by @dependabot in #143
- Better Support of Reverse Proxy Chains by @jlamande in #85
Non-functional Changes
- Bump plugin from 4.47 to 4.48 by @dependabot in #141
- Deeper spotbugs checks by @michael-doubez in #135
- Automate dependency updates by @michael-doubez in #136
- Publish incremental development artifacts by @michael-doubez in #137
- Bump maven-release-plugin from 2.5.2 to 2.5.3 by @dependabot in #140
- Bump test-harness from 1.55.1 to 1512.vb_79d418d5fc8 by @dependabot in #139
- Allow incremental artifacts by @michael-doubez in #145
- Revert version scheme to 2 digits by @michael-doubez in #146
- Fix JSR-305 annotations by @michael-doubez in #147
- Bump test-harness from 1512.vb_79d418d5fc8 to 1559.v38a_b_2e3b_6b_b_7 by @dependabot in #148
New Contributors
- @michael-doubez made their first contribution in #135
- @dependabot made their first contribution in #138
- @timja made their first contribution in #86
- @jlamande made their first contribution in #85
Full Changelog: oic-auth-2.0...oic-auth-2.1
Contributors
michael-doubez, timja, and 2 other contributors
Assets 2
oic-auth-2.0
What's Changed
- Bump parent version to 4.47
- Support for Java 11+
- Support for Jenkins 2.366+ ( Closes #105 )
- Support for Jenkins matrix permission
New Contributors
Full Changelog: oic-auth-1.8...oic-auth-2.0
Contributors
Skiepp
Assets 3
oic-auth-1.8
What's Changed
- Add i10n support by @LinuxSuRen in #79
- Use HTTPS URLs in pom.xml by @daniel-beck-bot in #83
- Check for groups in idToken if groups are not found in userInfo by @spirius in #80
New Contributors
- @daniel-beck-bot made their first contribution in #83
- @spirius made their first contribution in #80
Full Changelog: oic-auth-1.7...oic-auth-1.8
Contributors
LinuxSuRen, spirius, and daniel-beck-bot
Assets 2
oic-auth-1.7
What's Changed
- fallback if endsessionurl is absent by @mjmbischoff in #61
- Fix: wrong return value of failedCheckOfTokenField by @halftan in #63
- Fix for #43 by @mjmbischoff in #60
- Adding exception for CSRF escapeHatch by @mjmbischoff in #64
- Fixing names, adding @author, removing unused imports by @mjmbischoff in #65
- Clean the unnecessary condition codes by @LinuxSuRen in #77
- Fix the incompatible with casc by @LinuxSuRen in #78
- Look for a known user, or return UsernameNotFoundException by @jovandeginste in #82
New Contributors
- @halftan made their first contribution in #63
- @jovandeginste made their first contribution in #82
Full Changelog: oic-auth-1.6...oic-auth-1.7
Contributors
LinuxSuRen, halftan, and 3 other contributors
Assets 2
oic-auth-1.6
What's Changed
Special release for #46 which shouldn't, but might break things - please report any issues you have with this version here: #62
In case of any troubles revert to 1.5 and report your issues
New Contributors
Full Changelog: oic-auth-1.5...oic-auth-1.6
Contributors
siepkes
Assets 2
oic-auth-1.5
What's Changed
- Use the .well-known/openid-configuration autodiscovery endpoint by @agentgonzo in #31
- Well known config - bugfixes and improvements by @mjmbischoff in #32
- #37 Prevents the immediate logout->login loop by @agentgonzo in #38
- Nested field mapping #34 by @fajran in #36
- [JENKINS-55654] Fix authentication loop by @Wadeck in #56
- Fix optional config failing by @mjmbischoff in #57
- Mask client secret field by @nickpetrovic in #52
- Nullpointer on nonexistent session by @mjmbischoff in #58
New Contributors
- @agentgonzo made their first contribution in #31
- @fajran made their first contribution in #36
- @Wadeck made their first contribution in #56
- @nickpetrovic made their first contribution in #52
Full Changelog: oic-auth-1.4...oic-auth-1.5
What's Changed
- Support for configuring by well known url (/.well-known/openid-configuration) see also https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig
- fixed issue introduced with Jenkins 2.150.2 with logout occurring immediately after login see: #5
- Masking client secret to avoid over the shoulder leaking of secret.
- Nested field mapping - permitting the use of values of non top-level keys, see #36 and OicSecurityRealm.java#L630
- Returning a 401 instead of throwing an NullPointerException when there's no session at the end of the authentication interaction
Full Changelog: oic-auth-1.4...oic-auth-1.5
Contributors
fajran, agentgonzo, and 3 other contributors
Assets 2
oic-auth-1.4
What's Changed
- check the userinfo endpoint for group information by @mjmbischoff in #28
- Use Jenkins proxy information #29 by @mjmbischoff in #30
- We can now also look for groups in the UserInfo endpoint when it's configured
- Added documentation about how scripted clients should authenticate given this plugin is active
- Now honoring Jenkins proxy settings see JenkinsBehindProxy
Full Changelog: oic-auth-1.3...oic-auth-1.4
Contributors
mjmbischoff
Assets 2
oic-auth-1.3
What's Changed
- bugfix for #10 on absent expires_in by @mjmbischoff in #24
Full Changelog: oic-auth-1.2...oic-auth-1.3
Contributors
mjmbischoff