• Icon: Improvement Improvement
    • Resolution: Fixed
    • Icon: Minor Minor
    • github-oauth-plugin
    • None
    • 0.38

      The plugin caches (https://github.com/jenkinsci/github-oauth-plugin/pull/100) some user's information for a period of time.

      If Github is using SSO for a specific organization, it's possible that user authenticates with Github but has an expired SSO. In such a scenario, the plugin will not be able to receive the list of teams under this organization. This information is then cached for one hour.

      If the teams are being used in managing permissions, the users will effectively lose all these permissions during this period of time without any way of fixing it (except for restarting jenkins).

      I hope there can be a way to better manage this cache (option to control the cache time, etc.). Better, if it's possible, to refresh the cache if the user is trying to perform a reauthentication.

          [JENKINS-60200] More control over cache

          Steven Lumos added a comment -

          This is a huge problem for my team. Multiple times per week I end up penalized for an hour because I didn't realize it had been too long since I reloaded my company SSO page and then reloaded our GitHub org page before attempting to use Jenkins. Anything we can do to get movement on this?

          Steven Lumos added a comment - This is a huge problem for my team. Multiple times per week I end up penalized for an hour because I didn't realize it had been too long since I reloaded my company SSO page and then reloaded our GitHub org page before attempting to use Jenkins. Anything we can do to get movement on this?

          Carson Gee added a comment -

          I created a PR to clear the user cache after an interactive logout->login while leaving the cache in place for tokens to keep API limits and performance high for token auth. https://github.com/jenkinsci/github-oauth-plugin/pull/171

          Carson Gee added a comment - I created a PR to clear the user cache after an interactive logout->login while leaving the cache in place for tokens to keep API limits and performance high for token auth.  https://github.com/jenkinsci/github-oauth-plugin/pull/171

          Basil Crow added a comment -

          Fixed in jenkinsci/github-oauth-plugin#171. Released in 0.38.

          Basil Crow added a comment - Fixed in jenkinsci/github-oauth-plugin#171 . Released in 0.38 .

            cgee Carson Gee
            sockmister poh koh
            Votes:
            7 Vote for this issue
            Watchers:
            7 Start watching this issue

              Created:
              Updated:
              Resolved: