@EyalDelarea EyalDelarea commented Apr 10, 2025

  • All tests passed. If this feature is not already covered by the tests, I added new tests.
  • I used npm run format for formatting the code before submitting the pull request.

🔐 OIDC Authentication Flow Support

This project now supports two OpenID Connect (OIDC) authentication flows, depending on the JFrog CLI version and how it is used:


✅ Native OIDC Integration (Recommended)

  • Used when:

    • JFrog CLI version is >= 2.75.0 (unreleased)
    • You are not downloading the CLI from a remote Artifactory repository
  • Behavior:

    • Uses the JFrog CLI's built-in --oidc-token-id support
    • No need to manually exchange tokens

🔁 Manual OIDC Fallback (Legacy or Remote CLI Download)

  • Used when:

    • JFrog CLI version is older than 2.75.0, or
    • A CLI is downloaded using a remote Artifactory repository (via --download-repository)
  • Behavior:

    • Uses GitHub’s OIDC token to manually fetch a JFrog access token via the REST API
    • Ensures backward compatibility and support for remote execution contexts

🧪 Integration Test Workflows

To ensure correct behavior across environments:

  • cli-oidc-test.yml: Verifies native OIDC flow
  • manual-oidc-test.yml: Verifies manual fallback path

✅ Improvements & Cleanup

  • Deprecated and removed: setUsageEnvVars() legacy logic
  • Added test coverage for:
    • CLI version fallbacks
    • OIDC failures
    • Remote download cases
  • Introduced constants for clarity and maintainability:
    • MIN_CLI_OIDC_VERSION
    • DEFAULT_OIDC_AUDIENCE
    • CLI_REMOTE_ARG
  • Enhanced logging and credential-handling transparency

🧼 Future Outlook

Once all JFrog CLI usage paths—including remote downloads—support --oidc-token-id, the manual fallback logic will be removed for cleaner and more secure operation.

@EyalDelarea EyalDelarea added the improvement Automatically generated release notes label Apr 10, 2025
@EyalDelarea EyalDelarea changed the title Add OIDC CLI support Enable Dual OIDC Integration Flow with Backward Compatibility Apr 10, 2025
@EyalDelarea EyalDelarea added the safe to test Approve running integration tests on a pull request label Apr 10, 2025
@github-actions github-actions bot removed the safe to test Approve running integration tests on a pull request label Apr 10, 2025
@EyalDelarea EyalDelarea requested a review from asafgabai April 10, 2025 10:36
@EyalDelarea EyalDelarea marked this pull request as ready for review April 10, 2025 10:37
@github-actions

👍 Frogbot scanned this pull request and did not find any new security issues.


@EyalDelarea EyalDelarea merged commit d5efdc9 into jfrog:master Apr 16, 2025
21 checks passed
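
The choice between the two flows in the pull request description comes down to a version gate plus a remote-download check. The sketch below is an added example, not code from this pull request or from the project. `selectOidcFlow`, `parseVersion` and the boolean parameter are hypothetical names, and treating an unparseable or pre-release version string as "use the manual fallback" is an assumption.

```typescript
// Added example (not the project's code). Only the 2.75.0 threshold and the
// constant name MIN_CLI_OIDC_VERSION come from the PR description.
const MIN_CLI_OIDC_VERSION = "2.75.0";

type OidcFlow = "native" | "manual";

interface Version { major: number; minor: number; patch: number }

// Strict MAJOR.MINOR.PATCH parser. Anything else ("latest", "2.75.0-rc1",
// empty string) yields null so the caller can fall back conservatively.
function parseVersion(raw: string): Version | null {
  const m = /^v?(\d+)\.(\d+)\.(\d+)$/.exec(raw.trim());
  if (m === null) return null;
  return { major: Number(m[1]), minor: Number(m[2]), patch: Number(m[3]) };
}

// Numeric comparison per component. Comparing the raw strings would rank
// "2.9.0" above "2.75.0" and "2.100.1" below it, both of which are wrong.
function compareVersions(a: Version, b: Version): number {
  if (a.major !== b.major) return a.major - b.major;
  if (a.minor !== b.minor) return a.minor - b.minor;
  return a.patch - b.patch;
}

// downloadedFromRemoteRepo stands in for "the CLI is downloaded using a
// remote Artifactory repository" (hypothetical parameter).
function selectOidcFlow(cliVersion: string, downloadedFromRemoteRepo: boolean): OidcFlow {
  // Remote downloads always take the manual path, whatever the version.
  if (downloadedFromRemoteRepo) return "manual";

  const current = parseVersion(cliVersion);
  const minimum = parseVersion(MIN_CLI_OIDC_VERSION);
  // Assumption: a version that cannot be parsed is never handed the native
  // flag, so an older CLI is not invoked with an option it lacks.
  if (current === null || minimum === null) return "manual";

  return compareVersions(current, minimum) >= 0 ? "native" : "manual";
}
```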