I am trying to get jwk keyset from google for use with Apache Cxf OIDC and Jose Libs. The code works fine when I run it on a stand alone main method.
|public class Main { /** * @param args the command line arguments */ public static void main(String[] args) { final WebClient client = WebClient.create("https://www.googleapis.com/oauth2/v3/certs", Arrays.asList(new JsonWebKeysProvider()), true).accept(MediaType.APPLICATION_JSON); JsonWebKeys keys = client.get(JsonWebKeys.class); keys.getKeys().forEach(key -> { System.out.println("****************************************************************************"); System.out.println("ID........." + key.getKeyId()); System.out.println("Alg........" + key.getAlgorithm()); System.out.println("Key Type..." + key.getKeyType()); System.out.println("Use........" + key.getPublicKeyUse()); }); } } | The ID, algorithm, key type and use is printed properly meaning that the keys are property populated. Sample output: |**************************************************************************** ID.........79c809dd1186cc228c4baf9358599530ce92b4c8 Alg........RS256 Key Type...RSA Use........sig **************************************************************************** ID.........17d55ff4e10991d6b0efd392b91a33e54c0e218b Alg........RS256 Key Type...RSA Use........sig | pom.xml extract for Main class. |<dependencies> <dependency> <groupId>org.apache.cxf</groupId> <artifactId>cxf-rt-rs-client</artifactId> <version>3.3.5</version> </dependency> <dependency> <groupId>org.apache.cxf</groupId> <artifactId>cxf-rt-rs-security-sso-oidc</artifactId> <version>3.3.5</version> </dependency> </dependencies> | The same code however doesn't work when deployed in Tomee 8. |@WebServlet(name = "NewServlet", urlPatterns = {"/x"}) public class NewServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { PrintWriter writer = response.getWriter(); final WebClient client = WebClient.create("https://www.googleapis.com/oauth2/v3/certs", Arrays.asList(new JsonWebKeysProvider()), true).accept(MediaType.APPLICATION_JSON); JsonWebKeys keys = client.get(JsonWebKeys.class); keys.getKeys().forEach(key -> { writer.println("****************************************************************************"); writer.println("ID........." + key.getKeyId()); writer.println("Alg........" + key.getAlgorithm()); writer.println("Key Type..." + key.getKeyType()); writer.println("Use........" + key.getPublicKeyUse()); }); } } | The ID, algorithm, key type and use is null when this code runs in Tomee 8. I have added cxf oidc lib and jose jars are installed in tomee/lib folder. Sample output: |**************************************************************************** ID.........null Alg........null Key Type...null Use........null **************************************************************************** ID.........null Alg........null Key Type...null Use........null | pom.xml extract for the servlet. |<dependencies> <dependency> <groupId>org.apache.tomee</groupId> <artifactId>javaee-api</artifactId> <version>8.0-3</version> <scope>provided</scope> </dependency> <dependency> <groupId>org.apache.cxf</groupId> <artifactId>cxf-rt-frontend-jaxrs</artifactId> <version>${cxf.version}</version> <scope>provided</scope> </dependency> <dependency> <groupId>org.apache.cxf</groupId> <artifactId>cxf-rt-rs-security-sso-oidc</artifactId> <version>${cxf.version}</version> <scope>provided</scope> </dependency> <dependency> <groupId>org.apache.cxf</groupId> <artifactId>cxf-rt-rs-client</artifactId> <version>${cxf.version}</version> <scope>provided</scope> </dependency> </dependencies> | What is causing this issue?