Skip to content

Added bearer token support #159

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Oct 9, 2024
Merged

Added bearer token support #159

merged 2 commits into from
Oct 9, 2024

Conversation

chcg
Copy link

@chcg chcg commented Sep 30, 2024
edited by basil
Loading

Fixes #140

  • added global option for usage of password field for Bearer Token as described in Support PAT token #140, similar to jira plugin
  • harmonized whitespace usage within the file and changes tabs to spaces.

Testing done

Tested with Jenkins https://www.jenkins.io/changelog-stable/#v2.462.2 and none cloud aka enterprise Jira. Change should be backwards compatible and the default behaviour is not to use the bearer token but basic auth as before.

Submitter checklist

  • Make sure you are opening from a topic/feature/bugfix branch (right side) and not your main branch!
  • Ensure that the pull request title represents the desired changelog entry
  • Please describe what you did
  • Link to relevant issues in GitHub or Jira
  • Link to relevant pull requests, esp. upstream and downstream changes
  • Ensure you have provided tests - that demonstrates feature works or fixes the issue

@chcg
- fixed jenkinsci#140
84169e7 
- added global option for usage of password field for Bearer Token as described in jenkinsci#140, similar to jira plugin
github-advanced-security[bot]
github-advanced-security bot found potential problems Sep 30, 2024
View reviewed changes
src/main/java/org/jenkinsci/plugins/JiraTestResultReporter/BearerAuthenticationHandler.java

private static final String AUTHORIZATION_HEADER = "Authorization";

private final String token;

Check warning

Code scanning / Jenkins Security Scan

Jenkins: Plaintext password storage Warning

Field should be reviewed whether it stores a password and is serialized to disk: token
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Token here is transferred to jira server. The input therefore comes from the password field which is stored to disk.

@chcg
Copy link
Author

chcg commented Oct 8, 2024

@basil Is this PR ok to be integrated?

basil
basil approved these changes Oct 9, 2024
View reviewed changes
Copy link
Member

@basil basil left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the PR!

@basil basil merged commit 87b530e into jenkinsci:master Oct 9, 2024
16 checks passed
@chcg chcg deleted the feature_140 branch October 10, 2024 19:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@basil basil basil approved these changes

Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Support PAT token
2 participants
@chcg @basil