Support RS256 and HS256 algorithm aliases

Older versions of CF/XSA UAA used the identifiers
SHA256withRSA or HMACSHA256 to specify the algorithm
 used to sign OAuth 2 access tokens they issued.

Newer CF/XSA UAA versions, however, prefer the following

RS256 (common alias for SHA256withRSA)
HS256 (common alias for HMACSHA256)

Most other implementations of JSON web tokens (e.g. OpenId)
also prefer these aliases over the more specific identifiers.
Consequently, the cfoauth plugin should support them, too.

Change-Id: Ib1786552e08be8583c5360243acd215e7193abdd
Signed-off-by: Michael Ochmann <>
1 file changed
tree: edc21afa56f6c8d2025b84b1cd56e5f4dbcd6908
  1. lib/
  2. src/
  3. .buckconfig
  4. .gitignore
  5. BUCK
  6. BUILD
  7. external_plugin_deps.bzl
  9. LICENSE-scribe

Cloud Foundry UAA OAuth 2.0 Authentication Provider

With this plugin Gerrit can use OAuth2 protocol to authenticate users accessing Gerrit's Web UI with a CloudFoundry User Account and Authentication (UAA) server. The Sign In link will redirect the user to the UAA login screen.

For Git-over-HTTP communication users still need to generate and use an HTTP password.


Apache License 2.0