Skip to content

quarkus and jwt token, application.properties var don’t work

I have a quarkus project I try to secure some of my endpoints with a Jwt token.

So far, it don’t work. everything is still accessible.

my application.properties:

quarkus.http.auth.permission.public.paths=/api/bo/authenticate
quarkus.http.auth.permission.public.policy=permit

quarkus.http.auth.policy.admin-role.roles-allowed=ADMINISTRATEUR_SYSTEME
quarkus.http.auth.permission.admin.paths=/api/bo/private/**
quarkus.http.auth.permission.admin.policy=admin-role
quarkus.http.auth.permission.admin.enabled=true

mp.jwt.verify.publickey.location=jwt/publicKey.pem
mp.jwt.verify.issuer=https://xxxxx.fr
quarkus.smallrye-jwt.enabled=true
smallrye.jwt.sign.key.location=jwt/privateKey.pem

it worth notting that the lines

mp.jwt.verify.publickey.location=jwt/publicKey.pem
mp.jwt.verify.issuer=https://xxxxx.fr
quarkus.smallrye-jwt.enabled=true
smallrye.jwt.sign.key.location=jwt/privateKey.pem

are in gray in my IDE ( Intellij), and my IDE say they are not used nor by my project nor it’s dependency.

Speaking of dependency, I have this in my pom:

<dependencies>
...
<dependency>
  <groupId>io.quarkus</groupId>
  <artifactId>quarkus-smallrye-jwt-build</artifactId>
</dependency>
<dependency>
  <groupId>io.quarkus</groupId>
  <artifactId>quarkus-smallrye-health</artifactId>
</dependency>
   <dependency>
  <groupId>io.quarkus</groupId>
  <artifactId>quarkus-smallrye-jwt</artifactId>
</dependency>
  <dependency>
  <groupId>io.quarkus</groupId>
  <artifactId>quarkus-smallrye-openapi</artifactId>
</dependency>

Any idea?

Answer

The issue was, the double “**” a simple * work just fine

quarkus.http.auth.permission.admin.paths=/api/bo/private/*