Self-Introduction
Hello,
My name is Adham Mahrous. I am a software engineer currently working at NCR Atleos on Java-based enterprise banking systems. I graduated with honors in Computer Science from Cairo University.
I am an active open-source contributor with merged contributions to Jenkins Core and Keycloak (An Open Source Identity and Access Management System).
Motivation & Project Interest
I have previously implemented OAuth2 (client credentials flow) in a Spring Boot project, including secure token handling and lifecycle management. Based on this experience, I am interested in exploring enhancements to improve token management within the plugin and would appreciate guidance on design direction.
Proposed High-Level Approach (Exploratory)
At a high level, I am considering the following direction for client credentials flow support:
-
Store credentials securely
Storeclient_idandclient_secretsecurely as Jenkins credentials. -
Before accessing email
- Check whether a valid access token is available.
- If expired, call Microsoft token endpoint to obtain a new access token.
- Update the token value in its Jenkins credential.
- Continue normal flow.
-
Microsoft specific considerations
- Maybe we can use MSAL for token acquisition and lifecycle handling.
Open Source Contributions
- Jenkins (Core) – Merged contributions improving exception handling in plugin manager and test reliability.
- Keycloak – Merged contribution refactoring backend logic to expose WebAuthn transport data.
Links
GitHub: https://github.com/adhamahmad