search

jenkinsci / oic-auth-plugin

A Jenkins plugin which lets you login to Jenkins using your own, self-hosted or public openid connect server.
https://plugins.jenkins.io/oic-auth
MIT License
71 stars 94 forks source link

Add JWKS parameters for verifying web token signatures #297

Closed michael-doubez closed 6 months ago

michael-doubez commented 6 months ago

Activate verification of token signature. Fix #89

Testing done

### Submitter checklist
- [x] Make sure you are opening from a **topic/feature/bugfix branch** (right side) and not your main branch!
- [x] Ensure that the pull request title represents the desired changelog entry
- [x] Please describe what you did
- [x] Link to relevant issues in GitHub or Jira
- [ ] Link to relevant pull requests, esp. upstream and downstream changes
- [x] Ensure you have provided tests - that demonstrates feature works or fixes the issue
codecov[bot] commented 6 months ago

Codecov Report

Attention: Patch coverage is 67.24138% with 19 lines in your changes are missing coverage. Please review.

Project coverage is 73.27%. Comparing base (c3d9244) to head (9442607). Report is 12 commits behind head on master.

Files Patch % Lines
...va/org/jenkinsci/plugins/oic/OicSecurityRealm.java 57.89% 10 Missing and 6 partials :warning:
...jenkinsci/plugins/oic/OicJsonWebTokenVerifier.java 85.00% 3 Missing :warning:
Additional details and impacted files ```diff @@ Coverage Diff @@ ## master #297 +/- ## ============================================ + Coverage 73.16% 73.27% +0.11% - Complexity 189 209 +20 ============================================ Files 9 10 +1 Lines 775 872 +97 Branches 113 123 +10 ============================================ + Hits 567 639 +72 - Misses 151 170 +19 - Partials 57 63 +6 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.