Refresh token support was recently added to oic-auth-plugin and it works as expected for calls with API tokens.
However, even when offline token is available, client will get redirected to OIDC login page when Jenkins session expires, ending up in several offline tokens for a single user in the SSO, wasting storage and generating warnings from IT departments.
doCommenceLogin should be improved to check for an existing token, possibly in collaboration with RememberMeServices to securely identify the user and re-use the offline token, before redirecting to sign in page.
What feature do you want to see added?
Refresh token support was recently added to oic-auth-plugin and it works as expected for calls with API tokens.
However, even when offline token is available, client will get redirected to OIDC login page when Jenkins session expires, ending up in several offline tokens for a single user in the SSO, wasting storage and generating warnings from IT departments.
doCommenceLogin should be improved to check for an existing token, possibly in collaboration with RememberMeServices to securely identify the user and re-use the offline token, before redirecting to sign in page.
Upstream changes
No response
Are you interested in contributing this feature?
No response