jungm opened a new pull request, #1178: URL: https://github.com/apache/tomee/pull/1178
Opening as a draft PR for now as it's still WIP ### Doesn't work/WIP: - Token expiration checks `(@AutoApplySession` is used right now on the auth mechanism, I've mainly done this for testing purposes and will likely drop it) - redirectToOriginalResource=true, isn't implemented yet - Large parts of the code aren't covered by unit/integration tests ### What does work: - Authentication against Keycloak (Both in a real app and in `examples/openid-security` tests) and https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server (used in security TCK) - Passes TCK app-openid and app-openid2, app-openid3 tests redirectToOriginalResource which is not implemented yet: - ``` [INFO] Reactor Summary for Jakarta Security TCK - main 3.0.1: [INFO] [INFO] Jakarta Security TCK - main ........................ SUCCESS [ 2.672 s] [INFO] common ............................................. SUCCESS [ 0.699 s] [INFO] app-openid ......................................... SUCCESS [ 6.441 s] [INFO] app-openid2 ........................................ SUCCESS [ 16.031 s] [INFO] app-openid3 ........................................ FAILURE [ 6.057 s] [INFO] ------------------------------------------------------------------------ [INFO] BUILD FAILURE [INFO] ------------------------------------------------------------------------ ``` I've been working on this on and off for a couple of weeks now, with this PR getting quite big by now. So I'd highly appreciate if someone can take a look and give some feedback 🙂 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
