Client certificate required no matter which option is selected

[fcorluka-burai]

Jenkins and plugins versions report

Environment

azure-ad:504.vc4785930e17a_
Jenkins: 2.414.3

What Operating System are you using (both controller, and any agents involved in the problem)?

Java: 11.0.20 - Red Hat, Inc. (OpenJDK 64-Bit Server VM)

Reproduction steps

I wanted to create an integration between Microsoft SSO and Jenkins. I was trying yesterday before the latest upgrade and there wasn't even an option for client certificate. Now when I want to use client_id and client_secret, it is still requiring me to enter client_certificate. Since it's a radio button, I would believe that only one of these two option is required and not both.

Expected Results

Be able to add client_secret without adding client_certificate

Actual Results

client_certificate required no matter the option selected

Anything else?

No response

Are you interested in contributing a fix?

No response

[timja]

Can you supply a screenshot / explain more?

I was able to configure from scratch with a client secret no problem

[matanelcohen]

Hi, @fcorluka-burai
Just did fresh install on Jenkins with the plugin and everything worked fine for me.
In order to help you and debug this can you provide more info? are you able to get the VM logs while you working in the plugin and try to save?

[mkopnsrc]

Hi @timja and @fcorluka-burai

I'm also having similar issue when trying to verify configuration after required fields are populated. Please see screenshot below or attached as well. Hope details provided will help troubleshoot faster.

Here are the all the version details:
OS: Rocky Linux 9.3
Jenkins Server: 2.426.2
Microsoft Entra ID Plugin: 504.vc4785930e17a

Azure SDK API Plugin: 174
Caffeine API Plugin: 3.1.8-133
commons-lang3 v3.x Jenkins API: 3.13.0-62
Gson API Plugin: 2.10.1-15
OkHttp Plugin: 4.11.0-172
Mailer Plugin: 470
Matrix Authorization Strategy Plugin: 3.2.2
[Configuration as Code Plugin: 1805
Folders Plugin: 6.858

Screenshot

[timja]

Can you open your browser console when you click Verify Configuration and send the JSON?

Replacing values with ****s of any user supplied info

From reading the code I don't see how this could happen and I've tested on an existing and from a clean setup again (I also tested this case yesterday)

What browser are you using? (I've tested Safari and Chrome)

[mkopnsrc]

@timja
I don't see any JSON blob in Console window when I click on Verify Configuration. But I do see an post request being made in network tab. I've tested using MS Edge Version 126.0.2592.102, Chrome Version 126.0.6478.128 and Firefox 126.0.1 (64-bit), both have same result.

Just FYI on side, I've deployed brand new AWS EC2 Rocky Linux with latest Jenkins Version 2.452.2 with MS EntraID plugin along with all dependencies which doesn't seems to have this issue which I find it odd. Possibly issue is related to older versions.

Notice in the second screenshot, even though I've selected Client Secret, somehow the credentialType comes as Certificate.

[timja]

Ah right.

I fixed this in Jenkins 2.443 jenkinsci/jenkins#8832

are you able to upgrade please?