> On Nov 9, 2022, at 10:29 AM, Zoltán Tichov <[email protected]> wrote: > > Hi! > > Is there another task that could be taken care of?
There's a change in the same code that's on my "I should really find the time
to fix that" list if you want to dig in.
Basically, we added a TomEE-specific property `mp.jwt.tomee.allow.no-exp`. We
likely should avoid putting custom properties in the `mp.jwt.*` namespace and
likely we should:
- rename it to something that starts with `tomee` like say
`tomee.mp.jwt.allow.no-exp`
- ensure both properties work for backwards compatibility
- `tomee.mp.jwt.allow.no-exp` would win if both were defined
- any use of `mp.jwt.tomee.allow.no-exp` should get a warning log message
- create an itest or two in `itests/microprofile-jwt-itests/` that uses the
property
- update `docs/microprofile/jwt.adoc`
- File JIRA cause I haven't done that yet, LOL :)
The runtime change will be a piece of cake for you. Most the work would be in
the itest, which could be kind of new/fun to do.
Thoughts?
-David
> On Wed, Nov 9, 2022 at 10:19 AM Jean-Louis Monteiro <
> [email protected]> wrote:
>
>> We can get the CI system to build it.
>> Thanks Zoltan
>> --
>> Jean-Louis Monteiro
>> http://twitter.com/jlouismonteiro
>> http://www.tomitribe.com
>>
>>
>> On Wed, Nov 9, 2022 at 10:06 AM Richard Zowalla <[email protected]>
>> wrote:
>>
>>> Hi,
>>>
>>> good news! Yes - go for a PR.
>>>
>>> Gruß
>>> Richard
>>>
>>> Am Dienstag, dem 08.11.2022 um 23:30 +0100 schrieb Zoltán Tichov:
>>>> Hi!
>>>>
>>>> I managed to get all the MP-JWT-TCK 2.1-RC6 tests to pass. I created
>>>> microprofile-jwt-2.1-RC6 branch in my forked tomee project.
>>>> What should I do? Can I create a PR?
>>>>
>>>> Thanks:
>>>> Zoltán
>>>>
>>>> On Wed, Nov 2, 2022 at 10:30 PM David Blevins <
>>>> [email protected]>
>>>> wrote:
>>>>
>>>>>> On Nov 2, 2022, at 1:51 PM, Zoltán Tichov <
>>>>>> [email protected]>
>>>>> wrote:
>>>>>> Hi!
>>>>>>
>>>>>> There is at least one new test method in TCK callEchoAgedToken()
>>>>>> and
>>>>> added
>>>>>> a new feature
>>>>>> 'mp.jwt.verify.token.age'. This method failed, because it should
>>>>>> return
>>>>>> with HttpURLConnection.HTTP_UNAUTHORIZED instead of
>>>>>> HttpURLConnection.HTTP_OK.
>>>>>> Am I right that this property should be checked in
>>>>>> org.apache.tomee.microprofile.jwt.MPJWTFilter?
>>>>>
>>>>> That's exactly right. More than likely the jose4j library we use
>>>>> already
>>>>> supports token age -- definitely post if it doesn't cause then the
>>>>> problem
>>>>> is way harder.
>>>>>
>>>>> If it does already support something like token age, then the task
>>>>> becomes
>>>>> reading the new property and feeding that into `MPJWTFilter`.
>>>>>
>>>>> - `JWTAuthConfigurationProperties` is where we're currently
>>>>> reading the
>>>>> MP JWT properties
>>>>> - `JWTAuthConfiguration` is where the above class puts those
>>>>> properties
>>>>> once read (you'll need to make a new field there)
>>>>>
>>>>> Once that's done you can update `MPJWTFilter` to setup the
>>>>> JwtConsumerBuilder using the data in JWTAuthConfiguration if the
>>>>> user set
>>>>> it.
>>>>>
>>>>>
>>>>> -David
>>>>>
>>>>>
>>>
>>>
>>
smime.p7s
Description: S/MIME cryptographic signature
