-
Notifications
You must be signed in to change notification settings - Fork 2.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
JWT guide: rewrite token generation part #9252
Comments
For @sberyozkin again? |
Hi @FroMage FYI, you only need a There will be more properties added (for kid, token lifespan, issuer, etc) and shorcuts added, so one would just do in simple cases, OK, I'll deal with some cleanup |
This doesn't appear to be useful for tests. I really dislike having a token saved on file, rather than programmatically created for the test, which is why I didn't want to see a token on disk. |
@FroMage Yeah, well, TCK tests use some JSON resources, I suppose, any JSON is a set of claims, JWT is just that JSON, where every top level property called a claim, is signed :-). So what is on the disk is some JSON. This shortcut like |
@FroMage By the way, I really like your original idea of having no arg |
On https://quarkus.io/guides/security-jwt#generating-a-jwt
We have a horrible main class meant to generate a token, which takes a token from a JSON file and requires we run a program to get a token which we use for testing.
The entire main class could be rewritten as:
And in the last section https://quarkus.io/guides/security-jwt#generate-jwt-tokens we describe this a bit, but we don't say that only the following payload is required for RBAC:
We're also missing a "Testing" section that could tell me this is all I need for testing:
The text was updated successfully, but these errors were encountered: