Fix for microprofile#118. Provide separate deployment to retrieve a key from a URL.

Signed-off-by: Roberto Cortez <[email protected]>

Author: radcortez

tck/src/test/java/org/eclipse/microprofile/jwt/tck/config/KeyApplication.java

@@ -0,0 +1,30 @@
+/*
+ * Copyright (c) 2016-2018 Contributors to the Eclipse Foundation
+ *
+ *  See the NOTICE file(s) distributed with this work for additional
+ *  information regarding copyright ownership.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  You may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.eclipse.microprofile.jwt.tck.config;
+
+import org.eclipse.microprofile.auth.LoginConfig;
+
+import javax.ws.rs.ApplicationPath;
+import javax.ws.rs.core.Application;
+
+@LoginConfig(authMethod = "MP-JWT", realmName = "TCK-MP-JWT")
+@ApplicationPath("/key")
+public class KeyApplication extends Application {
+}

tck/src/test/java/org/eclipse/microprofile/jwt/tck/config/PublicKeyAsJWKLocationURLTest.java

@@ -44,6 +44,7 @@
 import org.eclipse.microprofile.jwt.tck.util.MpJwtTestVersion;
 import org.eclipse.microprofile.jwt.tck.util.TokenUtils;
 import org.jboss.arquillian.container.test.api.Deployment;
+import org.jboss.arquillian.container.test.api.OperateOnDeployment;
 import org.jboss.arquillian.container.test.api.RunAsClient;
 import org.jboss.arquillian.test.api.ArquillianResource;
 import org.jboss.arquillian.testng.Arquillian;
@@ -69,14 +70,29 @@ public class PublicKeyAsJWKLocationURLTest extends Arquillian {
     @ArquillianResource
     private URL baseURL;
 
+    @Deployment(name = "keyEndpoint", order = 1)
+    public static WebArchive createKeyEndpoint() throws Exception {
+        URL publicKey = PublicKeyAsPEMLocationURLTest.class.getResource("/publicKey4k.pem");
+
+        final WebArchive webArchive = ShrinkWrap
+            .create(WebArchive.class, "KeyEndpoint.war")
+            .addAsResource(publicKey, "/publicKey4k.pem")
+            .addAsResource(publicKey, "/publicKey.pem")
+            .addClass(PublicKeyEndpoint.class)
+            .addClass(KeyApplication.class)
+            .addClass(SimpleTokenUtils.class)
+            .addAsWebInfResource("beans.xml", "beans.xml");
+        return webArchive;
+    }
+
     /**
      * Create a CDI aware base web application archive that includes a JWKS endpoint that
      * is referenced via the mp.jwt.verify.publickey.location as a URL resource property.
      * The root url is /jwks
      * @return the base base web application archive
      * @throws IOException - on resource failure
      */
-    @Deployment()
+    @Deployment(name = "testApp", order = 2)
     public static WebArchive createLocationURLDeployment() throws IOException {
         URL publicKey = PublicKeyAsJWKLocationURLTest.class.getResource("/publicKey4k.pem");
         // Setup the microprofile-config.properties content
@@ -85,7 +101,7 @@ public static WebArchive createLocationURLDeployment() throws IOException {
         String jwksBaseURL = System.getProperty("mp.jwt.tck.jwks.baseURL", "http://localhost:8080/");
         // Location points to the JWKS endpoint of the deployment
         System.out.printf("baseURL=%s\n", jwksBaseURL);
-        URL jwksURL = new URL(new URL(jwksBaseURL), "jwks/endp/publicKey4kAsJWKS?kid=publicKey4k");
+        URL jwksURL = new URL(new URL(jwksBaseURL), "key/endp/publicKey4kAsJWKS?kid=publicKey4k");
         System.out.printf("jwksURL=%s\n", jwksURL);
         configProps.setProperty(Names.VERIFIER_PUBLIC_KEY_LOCATION, jwksURL.toExternalForm());
         configProps.setProperty(Names.ISSUER, TCKConstants.TEST_ISSUER);
@@ -108,6 +124,7 @@ public static WebArchive createLocationURLDeployment() throws IOException {
     }
 
     @RunAsClient()
+    @OperateOnDeployment("testApp")
     @Test(groups = TEST_GROUP_CONFIG,
         description = "Validate the http://localhost:8080/jwks/endp/publicKey4kAsJWKS JWKS endpoint")
     public void validateLocationUrlContents() throws Exception {
@@ -137,6 +154,7 @@ public void validateLocationUrlContents() throws Exception {
     }
 
     @RunAsClient
+    @OperateOnDeployment("testApp")
     @Test(groups = TEST_GROUP_CONFIG, dependsOnMethods = { "validateLocationUrlContents" },
         description = "Validate specifying the mp.jwt.verify.publickey.location as remote URL to a JWKS key")
     public void testKeyAsLocationUrl() throws Exception {

tck/src/test/java/org/eclipse/microprofile/jwt/tck/config/PublicKeyAsPEMLocationURLTest.java

@@ -40,9 +40,9 @@
 
 import org.eclipse.microprofile.jwt.config.Names;
 import org.eclipse.microprofile.jwt.tck.TCKConstants;
-import org.eclipse.microprofile.jwt.tck.util.MpJwtTestVersion;
 import org.eclipse.microprofile.jwt.tck.util.TokenUtils;
 import org.jboss.arquillian.container.test.api.Deployment;
+import org.jboss.arquillian.container.test.api.OperateOnDeployment;
 import org.jboss.arquillian.container.test.api.RunAsClient;
 import org.jboss.arquillian.test.api.ArquillianResource;
 import org.jboss.arquillian.testng.Arquillian;
@@ -68,33 +68,43 @@ public class PublicKeyAsPEMLocationURLTest extends Arquillian {
     @ArquillianResource
     private URL baseURL;
 
+    @Deployment(name = "keyEndpoint", order = 1)
+    public static WebArchive createKeyEndpoint() throws Exception {
+        URL publicKey = PublicKeyAsPEMLocationURLTest.class.getResource("/publicKey4k.pem");
+
+        final WebArchive webArchive = ShrinkWrap
+            .create(WebArchive.class, "KeyEndpoint.war")
+            .addAsResource(publicKey, "/publicKey4k.pem")
+            .addAsResource(publicKey, "/publicKey.pem")
+            .addClass(PublicKeyEndpoint.class)
+            .addClass(KeyApplication.class)
+            .addClass(SimpleTokenUtils.class)
+            .addAsWebInfResource("beans.xml", "beans.xml");
+        return webArchive;
+    }
+
     /**
      * Create a CDI aware base web application archive that includes an embedded JWK public key that
      * is referenced via the mp.jwt.verify.publickey.location as a URL resource property.
      * The root url is /pem
+     *
      * @return the base base web application archive
      * @throws IOException - on resource failure
      */
-    @Deployment()
+    @Deployment(name = "testApp", order = 2)
     public static WebArchive createLocationURLDeployment() throws IOException {
         URL publicKey = PublicKeyAsPEMLocationURLTest.class.getResource("/publicKey4k.pem");
         // Setup the microprofile-config.properties content
         Properties configProps = new Properties();
-        // Read in the base URL of deployment since it cannot be injected for use by this method
-        String jwksBaseURL = System.getProperty("mp.jwt.tck.jwks.baseURL", "http://localhost:8080/");
-        // Location points to the PEM endpoint of the deployment
-        System.out.printf("baseURL=%s\n", jwksBaseURL);
-        URL pemURL = new URL(new URL(jwksBaseURL), "pem/endp/publicKey4k");
-        System.out.printf("pemURL=%s\n", pemURL);
-        configProps.setProperty(Names.VERIFIER_PUBLIC_KEY_LOCATION, pemURL.toExternalForm());
+        // Location points to an endpoint that returns a PEM key
+        configProps.setProperty(Names.VERIFIER_PUBLIC_KEY_LOCATION, "http://localhost:8080/key/endp/publicKey4k");
         configProps.setProperty(Names.ISSUER, TCKConstants.TEST_ISSUER);
         StringWriter configSW = new StringWriter();
         configProps.store(configSW, "PublicKeyAsPEMLocationURLTest microprofile-config.properties");
         StringAsset configAsset = new StringAsset(configSW.toString());
 
         WebArchive webArchive = ShrinkWrap
             .create(WebArchive.class, "PublicKeyAsPEMLocationURLTest.war")
-            .addAsManifestResource(new StringAsset(MpJwtTestVersion.MPJWT_V_1_1.name()), MpJwtTestVersion.MANIFEST_NAME)
             .addAsResource(publicKey, "/publicKey4k.pem")
             .addAsResource(publicKey, "/publicKey.pem")
             .addClass(PublicKeyEndpoint.class)
@@ -103,13 +113,13 @@ public static WebArchive createLocationURLDeployment() throws IOException {
             .addAsWebInfResource("beans.xml", "beans.xml")
             .addAsManifestResource(configAsset, "microprofile-config.properties")
             ;
-        System.out.printf("WebArchive: %s\n", webArchive.toString(true));
         return webArchive;
     }
 
     @RunAsClient()
+    @OperateOnDeployment("testApp")
     @Test(groups = TEST_GROUP_CONFIG,
-        description = "Validate the http://localhost:8080/pem/endp/publicKey4k PEM endpoint")
+          description = "Validate the http://localhost:8080/pem/endp/publicKey4k PEM endpoint")
     public void validateLocationUrlContents() throws Exception {
         URL locationURL = new URL(baseURL, "pem/endp/publicKey4k");
         Reporter.log("Begin validateLocationUrlContents");
@@ -129,8 +139,9 @@ public void validateLocationUrlContents() throws Exception {
     }
 
     @RunAsClient
+    @OperateOnDeployment("testApp")
     @Test(groups = TEST_GROUP_CONFIG, dependsOnMethods = { "validateLocationUrlContents" },
-        description = "Validate specifying the mp.jwt.verify.publickey.location as remote URL to a PEM key")
+          description = "Validate specifying the mp.jwt.verify.publickey.location as remote URL to a PEM key")
     public void testKeyAsLocationUrl() throws Exception {
         Reporter.log("testKeyAsLocationUrl, expect HTTP_OK");
 
@@ -141,9 +152,9 @@ public void testKeyAsLocationUrl() throws Exception {
 
         String uri = baseURL.toExternalForm() + "pem/endp/verifyKeyLocationAsPEMUrl";
         WebTarget echoEndpointTarget = ClientBuilder.newClient()
-            .target(uri)
+                                                    .target(uri)
             ;
-        Response response = echoEndpointTarget.request(APPLICATION_JSON).header(HttpHeaders.AUTHORIZATION, "Bearer "+token).get();
+        Response response = echoEndpointTarget.request(APPLICATION_JSON).header(HttpHeaders.AUTHORIZATION, "Bearer " + token).get();
         Assert.assertEquals(response.getStatus(), HttpURLConnection.HTTP_OK);
         String replyString = response.readEntity(String.class);
         JsonReader jsonReader = Json.createReader(new StringReader(replyString));