Questions about Quarkus OpenID Connect Extension. This component protects your JAX-RS applications using Bearer Token Authorization where Bearer Tokens are issued by OpenId Connect and OAuth 2.0 compliant Authorization Servers such as Keycloak.
Questions tagged [quarkus-oidc]
51 questions
0
votes
1 answer
OpenID access token sent in body, put it in the header
I have a legacy jax-rs request. I can't change it. It's body has OpenID access token. I want to validate it using quarkus-oidc. My idea is to read the body and put token to Authorization header.
I tried to use ContainerRequestFilter with and without…
trusteduser
- 29
- 1
- 4
0
votes
1 answer
Quarkus Resource Test with preconditon of Resource
Writing Component/Integration Tests. Using Quarkus 2.0 with rest-assured, quarkus-junit5-mockito and quarkus-test-security-oidc
I want to test a Resource Method with a precondtion (create) because i want to test GET.
The problem is the calls work…
Dave M
- 31
- 1
- 9
0
votes
0 answers
Quarkus SmallRye-JWT JSON Web Key Sets refresh-interval
I am using SmallRye JWT to generate and verify the JWT token.
With microservice A, I generate the JWT token.
With microservice B, I have to verify the JWT token.
Inside microservice B, I use the properties:
smallrye:
jwt:
verify:
…
Giuseppe Scaramuzzino
- 113
- 1
- 9
0
votes
1 answer
Multiple authentications (Basic Auth + Keycloak)
I have 2 different rest endpoints in my Quarkus project:
/api/ws/...
/api/web/...
according to my understanding, it is so with Keycloak that I get a bearer token before and with this token I can access the endpoints.
But how do I do that if I want…
Kai
- 1
0
votes
1 answer
Protect all endpoints automatically
I am following Quarkus OpenID Connect tutorial here.
But I don't need to check roles.
I want all endpoints except health-check and swagger-ui to check if the token is valid. Some times I may inject the JsonWebToken to use a claim. How can I do that…
AmsterdamLuis
- 341
- 3
- 21
0
votes
1 answer
Is there a way to exclude some paths from the Quarkus OIDC verification
I'm using the quarkus-oidc component to enforce the JWT token validation in calls to a microservice.
The point is there are some paths (/api/public/*) that can be invoked publicly (without needing an Authorization: Bearer JWT).
Is there a way to…
codependent
- 23,193
- 31
- 166
- 308