Add RestEasy Reactive and OidcSecurity test #25798
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
@geoand Np at all, let me know please if I can help somehow, check some reactive resteasy code, etc |
|
Will do! |
sberyozkin
force-pushed
the
test_jwt_security_resteasy_reactive
branch
from
6886861
to
6ddf2d2
Compare
sberyozkin
changed the title
|
@geoand I've updated the test to use And, also, locally, I've modified So it is a |
|
Understood, thanks for looking into it @sberyozkin! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #25722.
@geoand FYI, see
TestSecurityLazyAuthTest. The RestEasy Classic based test runs here: https://github.com/quarkusio/quarkus/blob/main/integration-tests/smallrye-jwt-token-propagation/src/test/java/io/quarkus/it/keycloak/TestSecurityLazyAuthTest.java,I've just copied that test and
ProtectedJwtResourcetointegration-tests/oidc-token-propagation-reactive.JwtSecurityextendsTestSecurityand offers one option for supporting testing the endpoints which have an injectedJsonWebtoken.It is processed here: https://github.com/quarkusio/quarkus/blob/main/test-framework/security-jwt/src/main/java/io/quarkus/test/security/jwt/JwtTestSecurityIdentityAugmentorProducer.java
and this test augmentor is initiated from here:
https://github.com/quarkusio/quarkus/blob/main/test-framework/security/src/main/java/io/quarkus/test/security/QuarkusSecurityTestExtension.java#L88.
So this
JwtTestSecurityIdentityAugmentorProduceradds aJsonWebTokeninstance to the currentSecurityIdentityand this producer, https://github.com/quarkusio/quarkus/blob/main/extensions/oidc/runtime/src/main/java/io/quarkus/oidc/runtime/OidcJsonWebTokenProducer.java#L40, is expected to support the injection ofJsonWebTokenusing this emulated token.this test gives NPE,
ProtectedJwtResourcethrows it becauseJsonWebTokenremains null and is not injected.Have a look please when you can get a chance