janhoy commented on a change in pull request #139:
URL: https://github.com/apache/solr/pull/139#discussion_r637276860
##########
File path: solr/core/src/test/org/apache/solr/security/JWTAuthPluginTest.java
##########
@@ -477,4 +484,51 @@ public void initWithToplevelAndIssuersCombined() {
// Top-level (name=PRIMARY) issuer config does not need "iss" for back
compat
assertNull(plugin.getPrimaryIssuer().getIss());
}
+
+ @Test
+ public void initWithIdpCertString() {
+ HashMap<String, Object> authConf = new HashMap<>();
+ authConf.put("jwksUrl", "https://127.0.0.1:9999/foo.jwk";);
+ authConf.put("trustedCerts", trustedPemCert);
+ plugin = new JWTAuthPlugin();
+ plugin.init(authConf);
+ }
+
+ @Test
+ public void initWithIdpCertPath() {
+ HashMap<String, Object> authConf = new HashMap<>();
+ authConf.put("jwksUrl", "https://127.0.0.1:9999/foo.jwk";);
+ authConf.put("trustedCertsFile",
TEST_PATH().resolve("security").resolve("jwt_idpCert.pem").toString());
+ plugin = new JWTAuthPlugin();
+ plugin.init(authConf);
Review comment:
I added a test to check that there are 2 X509 certs in IssuerConfig. But
still need to test somehow that the certs are actually used on outbound traffic
to WellKnown endpoint as well as JWKS endpoint.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
