-
Notifications
You must be signed in to change notification settings - Fork 6.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
JWT VC Issuer Metadata /.well-known/jwt-vc-issuer to comply with SD-JWT VC Specification #29635
Conversation
…with SD-JWT VC Specification Signed-off-by: Francis Pouatcha <francis.pouatcha@adorsys.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
@mposolda - I assume this is in the area of core-clients to approve and review. |
Unreported flaky test detectedIf the flaky tests below are affected by the changes, please review and update the changes accordingly. Otherwise, a maintainer should report the flaky tests prior to merging the PR. org.keycloak.testsuite.federation.ldap.LDAPUserLoginTest#loginLDAPUserCredentialVaultAuthenticationNoneEncryptionNoneKeycloak CI - Java Distribution IT (windows-latest - temurin - 19)
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Unreported flaky test detected, please review
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@francis-pouatcha @wistefan Thanks for adding this and for the review!
Added comment inline regarding to avoid code duplication.
Is it also possible to add automated tests for this?
services/src/main/java/org/keycloak/protocol/oid4vc/issuance/JWTVCIssuerWellKnownProvider.java
Outdated
Show resolved
Hide resolved
…ctionality and verifying that the correct issuer and JWK set are returned. This addresses the request for tests in the review discussion: #29635 Signed-off-by: Francis Pouatcha <francis.pouatcha@adorsys.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Unreported flaky test detected, please review
Unreported flaky test detectedIf the flaky tests below are affected by the changes, please review and update the changes accordingly. Otherwise, a maintainer should report the flaky tests prior to merging the PR. org.keycloak.testsuite.x509.X509BrowserCRLTest#loginFailedWithIntermediateRevocationListFromHttpKeycloak CI - FIPS IT (strict)
org.keycloak.testsuite.x509.X509BrowserCRLTest#loginFailedWithInvalidSignatureCRLKeycloak CI - FIPS IT (strict)
org.keycloak.testsuite.x509.X509BrowserCRLTest#loginWithMultipleRevocationListsKeycloak CI - FIPS IT (strict)
|
@mposolda not sure how to proceed here. Will wait for your review comments. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@francis-pouatcha Thanks for the updates!
The test is actually failing. It probably works with Keycloak on embedded undertow (so I guess it works for you when you run the test from your IDE), but it fails with quarkus distribution, which can be simulated probably by command like this:
mvn clean install
cd testsuite/integration-arquillian
mvn clean install -Pauth-server-quarkus -Dtest=JWTVCIssuerWellKnownProviderTest
I believe it will help to slightly update the test and test by actually sending real HTTP request instead of using "testing client" to directly call Java API. That's how OIDC well-known endpoint is also tested. Added inline comment with some details.
...st/java/org/keycloak/testsuite/oid4vc/issuance/signing/JWTVCIssuerWellKnownProviderTest.java
Outdated
Show resolved
Hide resolved
Signed-off-by: Francis Pouatcha <francis.pouatcha@adorsys.com>
@mposolda - tests are now green. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@francis-pouatcha @wistefan @ahus1 Thanks everyone for the work on this PR and reviews
closes #29634