Branch: refs/heads/bugfix-JENKINS-57154
Home: https://github.com/jenkinsci/github-oauth-plugin
Commit: 428825bf6023e92edc6daffcc38f168f1f27bb89
https://github.com/jenkinsci/github-oauth-plugin/commit/428825bf6023e92edc6daffcc38f168f1f27bb89
Author: Sam Gleske <[email protected]>
Date: 2019-08-03 (Sat, 03 Aug 2019)
Changed paths:
M src/main/java/org/jenkinsci/plugins/GithubAuthenticationToken.java
M src/main/java/org/jenkinsci/plugins/GithubSecurityRealm.java
Log Message:
-----------
[JENKINS-57154] Fix configureSecurity HTTP 403 err
If an admin visits the `configureSecurity` page in Jenkins, then every
user queried will attempt to be impersonated as part of determining if
they're a user. However, it's possible for some users to revoke the
OAuth app or no longer have access so impersonation is not possible due
to an invalid token.
The `GithubAuthenticationToken` class did not properly surface an error
when a token authentication was not valid.
See also:
- [JENKINS-57154][JENKINS-57154] Regression in github-oauth-plugin 0.32
breaks /configureSecurity page
[JENKINS-57154]: https://issues.jenkins-ci.org/browse/JENKINS-57154
--
You received this message because you are subscribed to the Google Groups
"Jenkins Commits" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/jenkinsci-commits/jenkinsci/github-oauth-plugin/push/refs/heads/bugfix-JENKINS-57154/921caf-428825%40github.com.
