Hi there, still looking into this. Is there a Stapler middleware to write in order to catch requests beforehand?
Thanks,
Martin

On Fri, Jul 10, 2020 at 16:24, Goyot, Martin <[email protected]> wrote:

> Hi there,
>
> I'm working on an OAuth2 plugin integration on Jenkins. One question I have in the OAuth2 context and haven't found an answer to in the GitHub or BitBucket plugins is how to force the user through authentication again.
>
> Let me explain the context:
>
> In OAuth2 you're generally given 2 tokens, one short-lived, the Access Token, and one (optional) which lives longer, the Refresh Token which lets you get a new Access Token once the previous one expires. One use case that can appear is that either both (access and refresh) tokens are expired or you don't even have a refresh token. In this case, in the Matrix-based security when we try to check usernames or groupnames we just fail because we get rejected by the OAuth2 server.
>
> In this context, what we'd like to be able to do is that in the loadUserByUsername and loadGroupByGroupname methods of the SecurityRealm we would force the user through re-authentication if we detect his token to be expired/revoked.
>
> Is there a way to do so, have the user go through authentication again before accessing the page? Some kind of Stapler middleware class?
>
> Thanks,
> Martin
