The GitHub Actions job "Java CI with Gradle" on ofbiz-framework.git/trunk has succeeded. Run started by GitHub user jacopoc (triggered by jacopoc).
Head commit for run: 2841c16e492a7f57da5d9d352d322cb35befc0a6 / Jacopo Cappellato <[email protected]> Implemented: JWT validation for tokens issued by an external authentication server. The system now supports two token validation modes: 1) External authentication server (JWK-based): if an issuer is configured in the "security.token.issuer" property, the token is verified using a JWK provider and the issuer's public key used to sign the token. 2) Local HMAC verification: If no issuer is configured, the token is verified locally using an HMAC key derived from the secret key configured in the "security.token.key" (and optionally a salt). This is the legacy mode whose behavior is not affected by this change. With the default configuration, this is the method used by OFBiz for token verification. Change access modifiers and method signatures for token validation methods to allow upcoming implementation for external JWT validation. Thanks: Anahita Goljahani for the analysis and research about OAuth 2.0/OpenID Connect providers and for the tests with Keycloak and its deployment and configuration. Report URL: https://github.com/apache/ofbiz-framework/actions/runs/19292137310 With regards, GitHub Actions via GitBox
