{"id":18291079,"url":"https://github.com/hakdogan/jwt-rbac-quarkus","last_synced_at":"2026-04-29T00:34:01.094Z","repository":{"id":63284705,"uuid":"386631166","full_name":"hakdogan/jwt-rbac-quarkus","owner":"hakdogan","description":"This repository is a tutorial for JUG Istanbul's How to use JWT RBAC with Quarkus meetup that showing how to verify JSON Web Tokens and provide secured access to the HTTP endpoints using Bearer Token Authorization and RBAC in Quarkus","archived":false,"fork":false,"pushed_at":"2021-08-01T14:39:56.000Z","size":18,"stargazers_count":1,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-03-25T14:58:47.196Z","etag":null,"topics":["microprofile-jwt","quarkus"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/hakdogan.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2021-07-16T12:34:49.000Z","updated_at":"2021-08-01T14:39:58.000Z","dependencies_parsed_at":"2022-11-16T09:15:16.842Z","dependency_job_id":null,"html_url":"https://github.com/hakdogan/jwt-rbac-quarkus","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/hakdogan/jwt-rbac-quarkus","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hakdogan%2Fjwt-rbac-quarkus","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hakdogan%2Fjwt-rbac-quarkus/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hakdogan%2Fjwt-rbac-quarkus/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hakdogan%2Fjwt-rbac-quarkus/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/hakdogan","download_url":"https://codeload.github.com/hakdogan/jwt-rbac-quarkus/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hakdogan%2Fjwt-rbac-quarkus/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32405901,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-28T19:38:08.556Z","status":"ssl_error","status_checked_at":"2026-04-28T19:37:55.688Z","response_time":56,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["microprofile-jwt","quarkus"],"created_at":"2024-11-05T14:13:07.424Z","updated_at":"2026-04-29T00:34:01.078Z","avatar_url":"https://github.com/hakdogan.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# How to Use JWT RBAC in Quarkus\n\nThis repository is a tutorial for `JUG Istanbul`'s `How to use JWT RBAC with Quarkus` meetup that showing how to verify JSON Web Tokens and provide secured access to the HTTP endpoints using Bearer Token Authorization and Role-Based Access Control in Quarkus.\n\n```java\n@Provider\n@Secured\npublic class AuthenticationFilter implements ContainerRequestFilter\n{\n\n    private static final Logger LOG = LoggerFactory.getLogger(SignInResource.class);\n\n    @Context\n    HttpServerRequest httpServerRequest;\n\n    @Override\n    public void filter(ContainerRequestContext context) throws IOException {\n\n        var method = context.getMethod();\n        var uriInfo = context.getUriInfo();\n\n        var path = uriInfo.getPath();\n        var remoteAddress = httpServerRequest.remoteAddress().toString();\n        var auth = null != context.getHeaderString(HttpHeaders.AUTHORIZATION);\n\n        if(!auth) {\n            context.abortWith(Response.status(Response.Status.UNAUTHORIZED).build());\n            return;\n        }\n\n        LOG.info(String.format(\"Request %s %s from IP %s User %s\", method, path, remoteAddress,\n                context.getSecurityContext().getUserPrincipal().getName()));\n    }\n}\n\n```\n\n```java\n@Path(\"/api/secured\")\n@RequestScoped\n@Secured\n@Consumes(MediaType.APPLICATION_JSON)\n@Produces(MediaType.APPLICATION_JSON)\npublic class AuthorizedUserResource {\n ....   \n}\n```\n\n```java\n@Provider\n@SecuredForAdmin\npublic class AdminAuthorizationFilter implements ContainerRequestFilter\n{\n\n    @Override\n    public void filter(ContainerRequestContext context) throws IOException {\n\n        if(!context.getSecurityContext().isUserInRole(\"admin\")) {\n            context.abortWith(Response.status(Response.Status.UNAUTHORIZED).build());\n        }\n    }\n}\n```\n\n```java\n@POST\n@Path(\"/addUser\")\n@SecuredForAdmin\n@Transactional\npublic User addUser(final UserDTO dto){\n    return User.add(dto);\n}\n```\n## Usage examples\n\n```shell\nexport token=$(http POST localhost:8080/api/signIn/guest/12345)\nhttp POST http://localhost:8080/api/secured/addUser \\\n\"username\"=\"testUser\", \\\n\"password\"=\"12345\", \\\n\"role\"=\"user\" 'Authorization: Bearer '$token\nHTTP/1.1 401 Unauthorized\nContent-Length: 0\n\nexport token=$(http POST localhost:8080/api/signIn/hakdogan/12345)\nhttp POST http://localhost:8080/api/secured/addUser \\\n\"username\"=\"testUser\", \\\n\"password\"=\"12345\", \\\n\"role\"=\"user\" 'Authorization: Bearer '$token\nHTTP/1.1 200 OK\nContent-Length: 119\nContent-Type: application/json\n\n{\n    \"id\": 4,\n    \"password\": \"$2a$10$.x9NaYIin1EqI/C5nsxAD.6cisP4HghRgDNmfG/N0nQkk8AeAGAcW\",\n    \"role\": \"user\",\n    \"username\": \"testUser,\"\n}\n```\n\n## Requirements\n\n- JDK 11 or later\n- Maven 3.8.1 or later\n- Docker (for Postgresql)  \n\n## How to run\n```shell\n#You must run rsaKeyPair.sh script before running the application\nmvn quarkus:dev\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhakdogan%2Fjwt-rbac-quarkus","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhakdogan%2Fjwt-rbac-quarkus","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhakdogan%2Fjwt-rbac-quarkus/lists"}