Closed giovannicandido closed 2 years ago
@giovannicandido , this lib is intended to be used in unit-tests only.
It is not producing actual JWT (I mean encoded, signed, valid, ... claim-set), but just "hacking" test security context with Authentication
instances that contain just the data the test needs. The all process of JWT decoding, validition and mapping to authentication instance is skipped.
What you request would require to create a valid JWT, which includes a signature. Only the authorisation server your app is configured to use can sign the payload.
If you're writing integration tests, you should have an authorization server running (your app is going to need it to fetch OpenID configuration at start). I'm affraid, you'll have to write utility functions using a REST client to get valid tokens from this authorization server and then add this tokens to your requests authorization headers.
Is your feature request related to a problem? Please describe. When writing integration tests with keycloak auth enabled, the only approach I find is to disable authentication entirely. It would be nice if we could inject auth token to TestRestTemplate
Describe the solution you'd like The same integration we have with MockMvc in TestRestTemplate
Describe alternatives you've considered No alterantives