[JENKINS-64870] Enhance GitHupAppCredentials to use JWTToken instead AppInstallation Token - Jenkins Jira

XML

Word

Printable

Details

Type: Improvement
Status: Closed (View Workflow)
Priority: Major
Resolution: Won't Do
Component/s: github-branch-source-plugin
Labels:
None

Similar Issues:

Show

Description

Currently GitHubAppCredentials is generating JWT token from the AppInstallationToken, I think only in few exceptional cases AppInstallationToken is needed.

We need to convert the logic to use the JWT token itself to support it across multiple organizations.

Given there are no issues with this implementation, this could solve other issues like JENKINS-64662 and JENKINS-62220.

JWT Token vs App Installation Token
https://github-api.kohsuke.org/githubappjwtauth.html
https://github-api.kohsuke.org/githubappappinsttokenauth.html

https://github.com/jenkinsci/github-branch-source-plugin/blob/master/src/main/java/org/jenkinsci/plugins/github_branch_source/GitHubAppCredentials.java#L178-L198

Attachments

Issue Links

is related to

JENKINS-62220 GitHub App to support credentials with multiple organizations

Open

JENKINS-64662 Create GitHub App Credentials Binding to support owner override

In Review

Activity

Hide

Permalink

Naresh Rayapati added a comment - 2021-02-15 19:20

Nvm, I got this wrong, we need to get app before we actually create access token, jwt are only meant to authenticate app and then from app installation token we get the actual access token. Closing.

Show

Naresh Rayapati added a comment - 2021-02-15 19:20 Nvm, I got this wrong, we need to get app before we actually create access token, jwt are only meant to authenticate app and then from app installation token we get the actual access token. Closing.

People

Assignee:: Unassigned

Reporter:: Naresh Rayapati

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 2021-02-15 13:06

Updated:: 2021-02-15 19:20

Resolved:: 2021-02-15 19:20