MicroProfile JWT Bridge

[Emily Jiang]

I would like to start the conversation regarding the release of MicroProfile JWT Bridge. It seems the spec is nearly there.

Sergey, can you provide an ETA for the first release? Arjan, can you take a look at the spec and confirm whether this has addressed your use case in Jakarta Security?

--

Thanks
Emily

[Sergey Beryozkin]

Hi Emily, Arjan, All

On Mon, Oct 14, 2024 at 10:52 PM 'Emily Jiang' via MicroProfile <microp...@googlegroups.com> wrote:

I would like to start the conversation regarding the release of MicroProfile JWT Bridge. It seems the spec is nearly there.

Sergey, can you provide an ETA for the first release?

Right now, we only have an annotation mirroring MP JWT properties.

I'm expecting IBM colleagues to proceed with the agreed plan to start porting MP JWT TCK tests to MP JWT Bridge.

We only need a single TCK test, which is now in the MP JWT Bridge, running in the MP JWT Bridge aware OpenLiberty implementation, I can help with copying the rest of them

from MP JWT to MP JWT Bridge .

Once the OpenLiberty implementation has the first test passing, the rest will also pass, because MP JWT Bridge annotation is just, essentially, a ConfigSouice, alternative to the application.properties.

The other planned MP JWT Bridge parts like Jakarta EE tests for EJB, servlets, etc are not going to happen without the contributions from others (Arjan, Tometribe team, etc).

I don't expect it to happen in the MP JWT Bridge 1.0.

I've also been thinking about getting MP JWT 2.2 out first, to make the signature and encryption algorithms consistently represented as List at the MP JWT Bridge annotation level, but my MP JWT 2.2 PR dealing with it is like 4 months old, with zero feedback... I guess MP JWT Bridge can evolve independently in this particular case

Thanks, Sergey

 

Arjan, can you take a look at the spec and confirm whether this has addressed your use case in Jakarta Security?

--

Thanks
Emily

--
You received this message because you are subscribed to the Google Groups "MicroProfile" group.
To unsubscribe from this group and stop receiving emails from it, send an email to microprofile...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/microprofile/CAECq3A99SPCgo7MzJBjDELamzkPcxQyd%3DXtEL4GyFna2SKL0_w%40mail.gmail.com.

[Emily Jiang]

Hi Sergey,

Thanks for the explanation!

On Tuesday, October 15, 2024 at 12:49:31 PM UTC+1 Siarhei Biarozkin wrote:

Hi Emily, Arjan, All

On Mon, Oct 14, 2024 at 10:52 PM 'Emily Jiang' via MicroProfile <microp...@googlegroups.com> wrote:

I would like to start the conversation regarding the release of MicroProfile JWT Bridge. It seems the spec is nearly there.

Sergey, can you provide an ETA for the first release?

Right now, we only have an annotation mirroring MP JWT properties.

I'm expecting IBM colleagues to proceed with the agreed plan to start porting MP JWT TCK tests to MP JWT Bridge.

Unfortunately, this might not work due to the resource issues. Would it be possible to use SmallRye JWT or other runtimes to do the tests porting?

We only need a single TCK test, which is now in the MP JWT Bridge, running in the MP JWT Bridge aware OpenLiberty implementation, I can help with copying the rest of them

from MP JWT to MP JWT Bridge .

Once the OpenLiberty implementation has the first test passing, the rest will also pass, because MP JWT Bridge annotation is just, essentially, a ConfigSouice, alternative to the application.properties.

I think the spec team needs to revisit this plan due to the resource constraints I mentioned above. Would Wildfly be an option?

The other planned MP JWT Bridge parts like Jakarta EE tests for EJB, servlets, etc are not going to happen without the contributions from others (Arjan, Tometribe team, etc).

I don't expect it to happen in the MP JWT Bridge 1.0.

I would leave EJB out of this as it is the technology to be replaced by CDI in the future. Arjan, please provide your thoughts on this.

I've also been thinking about getting MP JWT 2.2 out first, to make the signature and encryption algorithms consistently represented as List at the MP JWT Bridge annotation level, but my MP JWT 2.2 PR dealing with it is like 4 months old, with zero feedback... I guess MP JWT Bridge can evolve independently in this particular case

Maybe getting MP JWT 2.2 out in MP 7.next is a better option. Do you mean this PR: https://github.com/eclipse/microprofile-jwt-auth/pull/333/files? I will get Adam Yoho from IBM to take a look at it .

[Sergey Beryozkin]

Hi Emily

On Thu, Oct 17, 2024 at 9:05 AM 'Emily Jiang' via MicroProfile <microp...@googlegroups.com> wrote:

Hi Sergey,

Thanks for the explanation!

Np, thanks for moving the conversation about the MP JET Bridge here,

 

On Tuesday, October 15, 2024 at 12:49:31 PM UTC+1 Siarhei Biarozkin wrote:

Hi Emily, Arjan, All

On Mon, Oct 14, 2024 at 10:52 PM 'Emily Jiang' via MicroProfile <microp...@googlegroups.com> wrote:

I would like to start the conversation regarding the release of MicroProfile JWT Bridge. It seems the spec is nearly there.

Sergey, can you provide an ETA for the first release?

Right now, we only have an annotation mirroring MP JWT properties.

I'm expecting IBM colleagues to proceed with the agreed plan to start porting MP JWT TCK tests to MP JWT Bridge.

Unfortunately, this might not work due to the resource issues. Would it be possible to use SmallRye JWT or other runtimes to do the tests porting?

I work for Quarkus so we can't use SmallRye JWT with MP Bridge to verify it right now.

 

We only need a single TCK test, which is now in the MP JWT Bridge, running in the MP JWT Bridge aware OpenLiberty implementation, I can help with copying the rest of them

from MP JWT to MP JWT Bridge .

Once the OpenLiberty implementation has the first test passing, the rest will also pass, because MP JWT Bridge annotation is just, essentially, a ConfigSouice, alternative to the application.properties.

I think the spec team needs to revisit this plan due to the resource constraints I mentioned above. Would Wildfly be an option?

See, maybe it is possible and will require some further coordination and planning within Red Hat.

My problem as an MP JWT / JWT Bridge contributor is that having a spec created by a single man or company does not really create a spec, right ?

Adam helped a lot to get MP JWT Bridge off the ground, we don't have time to get into MP 7.1 anyway now, so perhaps we can try it for 8.0 ? 

Please discuss with the IBM team, at least, if I do the core spec partt, and IBM offerring an implementation (which is about getting MP JWT config properties from the annotation vs application properties), we can say, this is a spec created by MP participants working together...

The other planned MP JWT Bridge parts like Jakarta EE tests for EJB, servlets, etc are not going to happen without the contributions from others (Arjan, Tometribe team, etc).

I don't expect it to happen in the MP JWT Bridge 1.0.

I would leave EJB out of this as it is the technology to be replaced by CDI in the future. Arjan, please provide your thoughts on this.

Sure, +1, it can be added iteratively if/when needed.

 

I've also been thinking about getting MP JWT 2.2 out first, to make the signature and encryption algorithms consistently represented as List at the MP JWT Bridge annotation level, but my MP JWT 2.2 PR dealing with it is like 4 months old, with zero feedback... I guess MP JWT Bridge can evolve independently in this particular case

Maybe getting MP JWT 2.2 out in MP 7.next is a better option. Do you mean this PR: https://github.com/eclipse/microprofile-jwt-auth/pull/333/files? I will get Adam Yoho from IBM to take a look at it .

IMHO it can be quite realistic, I'll try to complete the TCK support for that PR

Cheers, Sergey

 

Thanks, Sergey

 

Arjan, can you take a look at the spec and confirm whether this has addressed your use case in Jakarta Security?

--

Thanks
Emily

--
You received this message because you are subscribed to the Google Groups "MicroProfile" group.
To unsubscribe from this group and stop receiving emails from it, send an email to microprofile...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/microprofile/CAECq3A99SPCgo7MzJBjDELamzkPcxQyd%3DXtEL4GyFna2SKL0_w%40mail.gmail.com.

--
You received this message because you are subscribed to the Google Groups "MicroProfile" group.
To unsubscribe from this group and stop receiving emails from it, send an email to microprofile...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/microprofile/6ed6a61d-f263-4671-b2a1-d452ea900ec6n%40googlegroups.com.