Skip to content

Commit

Permalink
Merge pull request #1129 from michalvavrik/feature/disable-openapi
Browse files Browse the repository at this point in the history
Disable OpenAPI security scheme check in classic OIDC client
  • Loading branch information
michalvavrik authored Mar 24, 2023
2 parents d641be8 + 134fbe9 commit 3451d3d
Showing 1 changed file with 6 additions and 4 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -83,13 +83,15 @@ private void assertContent(JsonObject content) {
assertTrue(content.getJsonObject("paths").containsKey("/rest-pong"), "Missing expected path: /rest-pong");

// verify that path /secured/admin is only accessible by user with role 'admin'
var expectedRole = getRequiredRoleForPath(content, "/secured/admin");
assertEquals("admin", expectedRole);
// TODO: enable when https://github.com/quarkusio/quarkus/issues/32112 is fixed
// var expectedRole = getRequiredRoleForPath(content, "/secured/admin");
// assertEquals("admin", expectedRole);

// verify that path /secured/getClaimsFromBeans is accessible by any authenticated user
expectedRole = getRequiredRoleForPath(content, "/secured/getClaimsFromBeans");
// TODO: enable when https://github.com/quarkusio/quarkus/issues/32112 is fixed
// expectedRole = getRequiredRoleForPath(content, "/secured/getClaimsFromBeans");
// note: '**' is equivalent of @Authenticated and @RolesAllowed("**")
assertEquals("**", expectedRole);
// assertEquals("**", expectedRole);

// verify 'oidc' security schema
var securitySchema = content
Expand Down

0 comments on commit 3451d3d

Please sign in to comment.