Hi! I managed to get all the MP-JWT-TCK 2.1-RC6 tests to pass. I created microprofile-jwt-2.1-RC6 branch in my forked tomee project. What should I do? Can I create a PR?
Thanks: Zoltán On Wed, Nov 2, 2022 at 10:30 PM David Blevins <[email protected]> wrote: > > On Nov 2, 2022, at 1:51 PM, Zoltán Tichov <[email protected]> > wrote: > > > > Hi! > > > > There is at least one new test method in TCK callEchoAgedToken() and > added > > a new feature > > 'mp.jwt.verify.token.age'. This method failed, because it should return > > with HttpURLConnection.HTTP_UNAUTHORIZED instead of > > HttpURLConnection.HTTP_OK. > > Am I right that this property should be checked in > > org.apache.tomee.microprofile.jwt.MPJWTFilter? > > That's exactly right. More than likely the jose4j library we use already > supports token age -- definitely post if it doesn't cause then the problem > is way harder. > > If it does already support something like token age, then the task becomes > reading the new property and feeding that into `MPJWTFilter`. > > - `JWTAuthConfigurationProperties` is where we're currently reading the > MP JWT properties > - `JWTAuthConfiguration` is where the above class puts those properties > once read (you'll need to make a new field there) > > Once that's done you can update `MPJWTFilter` to setup the > JwtConsumerBuilder using the data in JWTAuthConfiguration if the user set > it. > > > -David > >
