I’ve a project generated PayaraMicro MP 3.0, application, it has Mp JWT (private key generated in file).
I created a secured API [@RolesAllowed Method ]
when I test with Microshed, I noticed that when using @ RESTClient when I specify @ JwtConfig,
it fails to invoke my secured API, with 401 unauthorized error.
I noticed that @ JwtConfig uses jose4j library, which generates the Keys internally,
I need some way to provide the same keys I am using on my payaramicro project.
thanks in advance
I’m trying to figure out what’s causing the keys to not pick up correctly.
The keys are picked up correctly but the JWT token created by the MicroShed Testing framework is leaving out a few claims that we require (as they are recommended by the JWT specification).
You can have a look at the example in this Github Repository .
Important to know, also at the readme of the repository;
- Disable the check on the type header
- Add the jti claim in the @JWTConfig.
You cannot provide the keys for the test project your self (Payara Micro needs to public key, not the private key for normal operations)