Conversation

@EyalDelarea (Contributor) commented Apr 14, 2025

  • All tests passed. If this feature is not already covered by the tests, I added new tests.
  • This pull request is on the dev branch.
  • I used npm run format for formatting the code before submitting the pull request.

🔒 Why This Matters

This PR introduces native support for OIDC authentication in the JFrog Azure DevOps extension, allowing pipelines to authenticate without long-lived credentials. By using Azure DevOps as a trusted identity provider, users can securely exchange OIDC tokens for temporary JFrog access tokens at runtime.


✅ Key Features Introduced

  • OIDC token exchange via the JFrog CLI eot command (jf eot <provider> <id-token>)
  • Output variables for username and access token are now exposed via:
    ##vso[task.setvariable variable=oidc_user;isOutput=true]<value>
    ##vso[task.setvariable variable=oidc_token;isOutput=true]<value>
  • Full documentation added to the README.md:
    • How to configure JFrog OIDC integration
    • Setting up Identity Mappings
    • Creating a proper Service Connection with OIDC
  • Support for all JFrog product types (Artifactory, Xray, Distribution) through new endpoint-auth-scheme-none definitions

⚙ Why Use jf eot Instead of jf c add --oidc-*?

The CLI’s jf c add --oidc-* approach adds OIDC configuration directly, but:

  • ❌ It does not expose the resulting credentials (username, access token) for reuse
  • jf eot explicitly exchanges the OIDC ID token and outputs the credentials, which can then be exported and reused for other tools (e.g., Docker login, Helm)

This makes jf eot more flexible for CI environments that rely on short-lived credentials being passed across multiple steps.


🧪 Example: Consuming Exported OIDC Variables in Pipelines

steps:
- task: JfrogCliV2@1
  name: jfStep
  inputs:
    jfrogPlatformConnection: 'azure-oidc'
    command: 'jf rt ping'

- task: PowerShell@2
  inputs:
    targetType: 'inline'
    script: |
        echo "OIDC Username (from output): $(jfStep.oidc_user)"
        echo "OIDC Token (from env): $env:oidc_token"
  displayName: 'Use OIDC Output Variables'

Variables are set using tl.setVariable('oidc_user', value, true) within the task logic.


📦 Other Notable Changes

  • Added fetchAzureOidcToken() and exchangeOidcTokenAndSetStepVariables() utility methods
  • Token parsing includes fallback logic (regex) in case CLI output isn’t valid JSON
  • Bumped CLI default version to 2.75.0 to ensure compatibility with jf eot
  • New service connection types and input descriptors added to vss-extension.json
  • Added visual diagrams to README.md to aid with OIDC setup

🙌 Special Thanks

We’d like to recognize and thank the authors of the following PRs for paving the way with early implementations and valuable context:

#495 — Introduced the concept of OIDC integration in the extension

#520 — Added groundwork for platform URL-based token exchange

We delayed merging earlier solutions because we wanted to align this integration natively with the new --oidc-token-id mechanism introduced in the JFrog CLI.
That said, the contributions in both PRs were incredibly helpful in shaping this final implementation — thank you!
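As an added example (not code from this PR or from the JFrog Azure DevOps extension), the following shows the two pieces the description outlines: parsing the `jf eot` output with a JSON path and a regex fallback, and emitting the `##vso[task.setvariable ...]` logging commands for `oidc_user` and `oidc_token`. The JSON key names (`Username`, `AccessToken`) and the plain-text fallback format are assumptions, as is the sample CLI output, which is constructed. The escaping of `%`, CR and LF follows the convention azure-pipelines-task-lib uses for logging-command data, so a value containing a newline cannot terminate the command and start a second one. The token is emitted with `issecret=true` so the agent masks it in later log lines (such as the `echo` in the PowerShell step above).

```typescript
// Added example, not the extension's own code. The `jf eot` output shape is ASSUMED.
interface OidcCredentials {
  username: string;
  accessToken: string;
}

// ASSUMED key names for the JSON that `jf eot <provider> <id-token>` prints.
// The real CLI may use different names, which is why a regex fallback exists.
const JSON_KEYS = {
  user: ['Username', 'username', 'user'],
  token: ['AccessToken', 'accessToken', 'access_token', 'token'],
};

function pick(obj: Record<string, unknown>, keys: string[]): string | undefined {
  for (const k of keys) {
    const v = obj[k];
    if (typeof v === 'string' && v.length > 0) return v;
  }
  return undefined;
}

// Try JSON first. The CLI may print progress lines around the object, so the
// outermost {...} is extracted before parsing. If that fails, fall back to a
// regex over a "Key: value" layout (constructed format, for the fallback only).
function parseEotOutput(stdout: string): OidcCredentials {
  const start = stdout.indexOf('{');
  const end = stdout.lastIndexOf('}');
  if (start !== -1 && end > start) {
    try {
      const obj = JSON.parse(stdout.slice(start, end + 1)) as Record<string, unknown>;
      const username = pick(obj, JSON_KEYS.user);
      const accessToken = pick(obj, JSON_KEYS.token);
      if (username && accessToken) return { username, accessToken };
    } catch (_e) {
      // not valid JSON: use the regex path below
    }
  }
  const userMatch = /user(?:name)?\s*[:=]\s*(\S+)/i.exec(stdout);
  const tokenMatch = /(?:access[_ ]?)?token\s*[:=]\s*(\S+)/i.exec(stdout);
  if (!userMatch || !tokenMatch) {
    // Do not include stdout in the error: it may contain the token.
    throw new Error('could not extract OIDC credentials from jf eot output');
  }
  return { username: userMatch[1], accessToken: tokenMatch[1] };
}

// Escape logging-command data the way azure-pipelines-task-lib does (% first,
// so the percent signs introduced for CR/LF are not escaped twice).
function escapeData(s: string): string {
  return s.replace(/%/g, '%AZP25').replace(/\r/g, '%0D').replace(/\n/g, '%0A');
}

function setVariableCommand(
  name: string,
  value: string,
  opts: { isOutput?: boolean; isSecret?: boolean } = {},
): string {
  // Restrict the name so it cannot inject extra properties into the command.
  if (!/^[A-Za-z_][A-Za-z0-9_]*$/.test(name)) throw new Error(`invalid variable name: ${name}`);
  const props = [`variable=${name}`];
  if (opts.isOutput) props.push('isOutput=true');
  if (opts.isSecret) props.push('issecret=true');
  return `##vso[task.setvariable ${props.join(';')}]${escapeData(value)}`;
}

// The username is an ordinary output variable; the token is marked secret so
// the agent masks it in subsequent log output.
function exportOidcCredentials(creds: OidcCredentials): string[] {
  return [
    setVariableCommand('oidc_user', creds.username, { isOutput: true }),
    setVariableCommand('oidc_token', creds.accessToken, { isOutput: true, isSecret: true }),
  ];
}

// Constructed sample outputs (not real CLI output): one JSON, one plain text.
const SAMPLE_JSON_OUTPUT = 'Exchanging token...\n{"Username":"ci-bot","AccessToken":"tok-123"}\n';
const SAMPLE_TEXT_OUTPUT = 'Username: ci-bot\nAccessToken: tok-456\n';

for (const line of exportOidcCredentials(parseEotOutput(SAMPLE_JSON_OUTPUT))) {
  console.log(line); // in a real task these lines go to stdout for the agent to interpret
}
```

The order matters in a real task: emit the `issecret=true` command for the token before anything else prints it, because masking only applies to output produced after the agent has registered the secret.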

@EyalDelarea EyalDelarea added the new feature Automatically generated release notes label Apr 14, 2025
@EyalDelarea EyalDelarea changed the title Add OIDC Add OIDC Service Connection Authentication method Apr 14, 2025
@EyalDelarea EyalDelarea added the safe to test Approve running integration tests on a pull request label Apr 14, 2025
@github-actions github-actions bot removed the safe to test Approve running integration tests on a pull request label Apr 14, 2025
@EyalDelarea EyalDelarea added the safe to test Approve running integration tests on a pull request label Apr 17, 2025
@github-actions github-actions bot removed the safe to test Approve running integration tests on a pull request label Apr 17, 2025
@EyalDelarea EyalDelarea added the safe to test Approve running integration tests on a pull request label Apr 23, 2025
@github-actions github-actions bot removed the safe to test Approve running integration tests on a pull request label Apr 23, 2025
@EyalDelarea EyalDelarea requested a review from bhanurp April 24, 2025 10:45
@EyalDelarea EyalDelarea marked this pull request as ready for review April 24, 2025 10:45
const cliPackage = 'jfrog-cli-' + getArchitecture();
const jfrogFolderPath = encodePath(join(tl.getVariable('Agent.ToolsDirectory') || '', '_jf'));
const defaultJfrogCliVersion = '2.73.3';
const defaultJfrogCliVersion = '2.75.0';
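Review bot: raising the default CLI version from 2.73.3 to 2.75.0 changes what every pipeline that does not pin a version will download, not only the pipelines that use the new OIDC connection; since the description states that 2.75.0 is needed for jf eot, consider keeping the previous default and enforcing the minimum only on the OIDC path, or at least documenting the bump in the README as a behaviour change for all users.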
Contributor

There is an issue with the latest version of jfrog-cli in the Azure DevOps plugin; better to revert to the old version until the issue is resolved.

Contributor Author

This is mandatory for the OIDC token exchange.
Maybe we can merge this and not release yet.

"lint": "npx eslint . --ext .ts,.tsx,.js"
},
"dependencies": {
"semver": "^7.7.1"
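Review bot: the new runtime dependency is declared with a caret range (`"semver": "^7.7.1"`), so the version packaged into the extension can drift between builds; for an extension whose package size is a constraint, pin the exact version (or make sure the packaging step honours the lockfile) so the shipped artifact is reproducible, and state in the description what the dependency is used for.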
Contributor

Are we adding new dependencies? Can't the solution be achieved without using this?
I know the limit is 50MB; checking if there is a possibility to avoid it.

Contributor Author

Even with it the size should be under 50MB; I think we are currently at around 31.
We could write a version check manually without using semver, but if we have some room I think it's better.

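Since the thread discusses whether a version check needs the `semver` package at all, here is an added example (not code from the PR) of a dependency-free minimum-version gate for the JFrog CLI. It parses the standard SemVer form (MAJOR.MINOR.PATCH, optional `-prerelease` suffix, optional leading `v`), orders a prerelease below its release as the SemVer specification does, and refuses to treat a CLI older than 2.75.0 (the minimum the PR description gives for `jf eot`) as OIDC-capable. The function and constant names are assumptions.

```typescript
// Added example, not the extension's own code. 2.75.0 is the minimum version
// stated in the PR description for `jf eot`.
const MIN_CLI_VERSION_FOR_EOT = '2.75.0';

interface ParsedVersion {
  core: number[];
  prerelease: string[];
}

// Accepts "2.75.0", "v2.75.0", "2.75.0-rc.1", "2.75.0+build"; rejects anything else.
function parseVersion(v: string): ParsedVersion {
  const m = /^v?(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?(?:\+[0-9A-Za-z.-]+)?$/.exec(v.trim());
  if (!m) throw new Error(`unrecognised version string: ${v}`);
  return {
    core: [Number(m[1]), Number(m[2]), Number(m[3])],
    prerelease: m[4] ? m[4].split('.') : [],
  };
}

// Comparator returning -1, 0 or 1. Core numbers compare numerically; a version
// with a prerelease sorts below the same core without one; prerelease
// identifiers compare numerically when both are digits, otherwise lexically,
// with numeric identifiers ranking below alphanumeric ones (SemVer rules).
function compareVersions(a: string, b: string): number {
  const pa = parseVersion(a);
  const pb = parseVersion(b);
  for (let i = 0; i < 3; i++) {
    if (pa.core[i] !== pb.core[i]) return pa.core[i] < pb.core[i] ? -1 : 1;
  }
  if (pa.prerelease.length === 0 && pb.prerelease.length === 0) return 0;
  if (pa.prerelease.length === 0) return 1;
  if (pb.prerelease.length === 0) return -1;
  const n = Math.max(pa.prerelease.length, pb.prerelease.length);
  for (let i = 0; i < n; i++) {
    const x = pa.prerelease[i];
    const y = pb.prerelease[i];
    if (x === undefined) return -1; // shorter prerelease list sorts first
    if (y === undefined) return 1;
    const xNum = /^\d+$/.test(x);
    const yNum = /^\d+$/.test(y);
    if (xNum && yNum) {
      if (Number(x) !== Number(y)) return Number(x) < Number(y) ? -1 : 1;
    } else if (xNum !== yNum) {
      return xNum ? -1 : 1;
    } else if (x !== y) {
      return x < y ? -1 : 1;
    }
  }
  return 0;
}

// Gate used before attempting the OIDC exchange: older CLIs lack `jf eot`.
function cliSupportsEot(installedVersion: string): boolean {
  return compareVersions(installedVersion, MIN_CLI_VERSION_FOR_EOT) >= 0;
}

for (const v of ['2.73.3', '2.75.0', '2.75.0-rc.1', 'v2.76.0']) {
  console.log(`${v}: ${cliSupportsEot(v) ? 'supports' : 'lacks'} jf eot`);
}
```

Rejecting unparseable strings outright, rather than defaulting to "supported", keeps a corrupted or unexpected `jf --version` output from silently enabling the OIDC path on a CLI that cannot perform the exchange.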
@MikaLJF left a comment

Looks great! I added some rephrasing suggestions.

@EyalDelarea EyalDelarea added the safe to test Approve running integration tests on a pull request label May 4, 2025
@github-actions github-actions bot removed the safe to test Approve running integration tests on a pull request label May 4, 2025
@EyalDelarea EyalDelarea merged commit e52aeb4 into jfrog:dev May 4, 2025
3 of 6 checks passed
@cplee commented May 12, 2025

Awesome! When can we expect to see this published in the marketplace?

Labels: new feature (Automatically generated release notes)

6 participants