Branch: refs/heads/bugfix-JENKINS-57154
Home: https://github.com/jenkinsci/github-oauth-plugin
Commit: 279dcf9de2788865a30bbb4045865515a1ea88f7
https://github.com/jenkinsci/github-oauth-plugin/commit/279dcf9de2788865a30bbb4045865515a1ea88f7
Author: Sam Gleske <sam.mxra...@gmail.com>
Date: 2019-08-05 (Mon, 05 Aug 2019)
Changed paths:
M src/main/java/org/jenkinsci/plugins/GithubAuthenticationToken.java
M src/main/java/org/jenkinsci/plugins/GithubSecurityRealm.java
Log Message:
-----------
[JENKINS-57154] Fix configureSecurity HTTP 403 err
If an admin visits the `configureSecurity` page in Jenkins, then every
user queried will attempt to be impersonated as part of determining if
they're a user. However, it's possible for some users to revoke the
OAuth app or no longer have access so impersonation is not possible due
to an invalid token.
The `GithubAuthenticationToken` class did not properly surface an error
when a token authentication was not valid.
See also:
- [JENKINS-57154][JENKINS-57154] Regression in github-oauth-plugin 0.32
breaks /configureSecurity page
[JENKINS-57154]: https://issues.jenkins-ci.org/browse/JENKINS-57154
--
You received this message because you are subscribed to the Google Groups
"Jenkins Commits" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to jenkinsci-commits+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/jenkinsci-commits/jenkinsci/github-oauth-plugin/push/refs/heads/bugfix-JENKINS-57154/82ca63-279dcf%40github.com.
