Hi All
Right now the smallrye-jwt repository contains an implementation of the JWT build API [1].
While the API itself has had some good user feedback, the problems with the fact it is shipped as part of `smallrye-jwt` are as follows:
1. If the users just want to generate a JWT token and do not have MP JWT endpoints then it costs them by bringing the dependencies they don't need. I think it actually limits the reach of this API significantly
2. If the users do have MP JWT endpoints and do not plan to generate the tokens then they have the code around which they can't exclude - this is not a major problem because this generate code is quite lightweight and many libraries do have such code which is not of any interest to a given user as well :-)
Re point 1, I'd like it to be resolved for the OIDC client Quarkus branch I'm working upon to support the client_credentials JWT assertion authentications as in many case the users will not have the MP JWT servers but 'plain' Quarkus servers acting as OIDC service clients for ex.
This is why I'd like to move it into its own `smallrye-jwt-build` repository and have `smallrye-jwt` depend on `smallrye-jwt-build`: this will improve the modularization and give the users more options and should give this API more visibility.
Note I've opened an MP JWT PR to bring this JWT build API into MP JWT which I will have to refresh for MP JWT 2.0.
This implies, that once this PR is completed, MP JWT 2.0 TCK will have the JWT build tests. So smallrye-jwt by continuing depending on `smallrye-jwt-build`, will have these tests passing, while those users who don't really need to worry about TCKs can still exclude it if they prefer.
Roberto, others, does it sound reasonable ? Can a new `smallrye-jwt-build` repository if it sounds reasonable ?
Cheers, Sergey