Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

BAU: Bump com.nimbusds:oauth2-oidc-sdk from 10.13.2 to 11.20.1 #5489

Draft
wants to merge 3 commits into
base: main
Choose a base branch
from
Draft

BAU: Bump com.nimbusds:oauth2-oidc-sdk from 10.13.2 to 11.20.1 #5489

wants to merge 3 commits into from

Conversation

alhcomer
Copy link
Contributor

@alhcomer alhcomer commented Nov 5, 2024
edited
Loading

Bumps com.nimbusds:oauth2-oidc-sdk from 10.13.2 to 11.20.1.

updated-dependencies:

  • dependency-name: com.nimbusds:oauth2-oidc-sdk dependency-type: direct:production update-type: version-update:semver-major ...

What

Had to make changes alongside the upgrade replacing old deprecated methods with new ones, and updating the Token Request instantiation with null values for new optional parameters AuthorizationDetail and DeviceSecret.

See deprecations and replacements here.

See details for new optional AuthorizationDetail TokenRequest parameter here.

See details for device secret

How to review

Checklist

  • Impact on orch and auth mutual dependencies has been checked.
  • A UCD review has been performed.

Related PRs

@alhcomer alhcomer requested review from a team as code owners November 5, 2024 18:30
@alhcomer alhcomer force-pushed the BAU/bump-nimbus branch 6 times, most recently from 30df26d to 7c90b85 Compare November 7, 2024 12:44
@alhcomer alhcomer marked this pull request as draft November 7, 2024 12:52
@alhcomer alhcomer force-pushed the BAU/bump-nimbus branch 4 times, most recently from db12f4b to 00a9a3f Compare November 8, 2024 10:55
@sonarqubecloud SonarQubeCloud
Copy link

sonarqubecloud bot commented Nov 8, 2024

Quality Gate Failed Quality Gate failed

Failed conditions
4.2% Duplication on New Code (required ≤ 3%)

See analysis details on SonarCloud

dependabot bot and others added 3 commits December 12, 2024 14:49
@dependabot @alhcomer
BAU: Bump com.nimbusds:oauth2-oidc-sdk from 10.13.2 to 11.20.1
53f5fcc 
Bumps [com.nimbusds:oauth2-oidc-sdk](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions) from 10.13.2 to 11.20.1.
- [Changelog](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/src/master/CHANGELOG.txt)
- [Commits](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/branches/compare/11.20.1..10.13.2)

---
updated-dependencies:
- dependency-name: com.nimbusds:oauth2-oidc-sdk
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@alhcomer
wip
9d5f4cd
@alhcomer
BAU: update expired token test
9f2c438 
ID token claims sets can no longer be created as expired from instantiation. Because of this, the shouldNotFailSignatureValidationIfIdTokenHasExpired
test failed as it was trying to create an ID as already expired. I've deleted this test because it is difficult to test without using the sleep method,
and the test is testing the functionality of the packages we rely on (nimbus jose and oidc sdk v2) rather than anything to do with our implementation.
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Failed Quality Gate failed

Failed conditions
4.2% Duplication on New Code (required ≤ 3%)

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@alhcomer