exceptionfactory opened a new pull request, #8126: URL: https://github.com/apache/nifi/pull/8126
# Summary [NIFI-12418](https://issues.apache.org/jira/browse/NIFI-12418) Corrects OpenID Connect Bearer Token refresh processing, preserving Identity Provider Group information after a token refresh occurs. Following refactoring in NiFi 1.24.0 to pass Identity Provider Group membership in the `groups` claim of Application Bearer Tokens, the group membership is lost when an automatic Bearer Token refresh occurs. This applies only to OpenID Connect integration, and only impacts users with Identity Provider Group membership that is not supplied through a User Group Provider. The correction streamlines the `LoginAuthenticationToken` class, removing unnecessary constructors to avoid ambiguity. It also introduces an Issuer Provider to return a standard application Bearer Token Issuer based on the configured host and port properties. Further changes to `LoginAuthenticationToken` include changing parameters to use `java.time.Instant` for greater clarity of the expiration time, as opposed to the primitive `long` number of seconds before expiration. # Tracking Please complete the following tracking steps prior to pull request creation. ### Issue Tracking - [X] [Apache NiFi Jira](https://issues.apache.org/jira/browse/NIFI) issue created ### Pull Request Tracking - [X] Pull Request title starts with Apache NiFi Jira issue number, such as `NIFI-00000` - [X] Pull Request commit message starts with Apache NiFi Jira issue number, as such `NIFI-00000` ### Pull Request Formatting - [X] Pull Request based on current revision of the `main` branch - [X] Pull Request refers to a feature branch with one commit containing changes # Verification Please indicate the verification steps performed prior to pull request creation. ### Build - [X] Build completed using `mvn clean install -P contrib-check` - [X] JDK 21 ### Licensing - [ ] New dependencies are compatible with the [Apache License 2.0](https://apache.org/licenses/LICENSE-2.0) according to the [License Policy](https://www.apache.org/legal/resolved.html) - [ ] New dependencies are documented in applicable `LICENSE` and `NOTICE` files ### Documentation - [ ] Documentation formatting appears as expected in rendered files -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@nifi.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
