Payaramicro with MicroShed JWT issue

Osama · November 12, 2021, 3:24pm

Hi,
I’ve a project generated PayaraMicro MP 3.0, application, it has Mp JWT (private key generated in file).
I created a secured API [@RolesAllowed Method ]
when I test with Microshed, I noticed that when using @ RESTClient when I specify @ JwtConfig,
it fails to invoke my secured API, with 401 unauthorized error.
I noticed that @ JwtConfig uses jose4j library, which generates the Keys internally,
I need some way to provide the same keys I am using on my payaramicro project.

@rudy.de.busscher
thanks in advance

rudy.de.busscher · November 19, 2021, 8:20am

Hi,

I’m trying to figure out what’s causing the keys to not pick up correctly.

Rudy

rudy.de.busscher · November 20, 2021, 5:48pm

Hi,

The keys are picked up correctly but the JWT token created by the MicroShed Testing framework is leaving out a few claims that we require (as they are recommended by the JWT specification).

You can have a look at the example in this Github Repository .

Important to know, also at the readme of the repository;

Disable the check on the type header
Add the jti claim in the @JWTConfig.

You cannot provide the keys for the test project your self (Payara Micro needs to public key, not the private key for normal operations)

Regards
Rudy

Topic		Replies	Views
PayaraMicro - deploy with certbot SSL (HTTPS) Payara Micro	2	135	April 20, 2024
How to disable JWT? Technical Discussion	0	351	March 18, 2022
Error staring microservice when using jackson-core Technical Discussion	2	75	September 3, 2024
Can't launch Payara Micro from payara-micro-maven-plugin, getting "unsupported JDK" Payara Micro	1	1404	May 12, 2022
MicroProfile Metrics with Prometheus in Kubernetes Technical Discussion	3	519	November 8, 2021

Payaramicro with MicroShed JWT issue

Related topics