Janis
98c64fc0d5
The official-bots service enabled smallrye-jwt but never set mp.jwt.verify.publickey.location or issuer, so it could not validate any incoming token and rejected every authenticated request with 401. Add the verify public key (issuer nowchess) mirroring tournament/core, and ship keys/public.pem from the shared keypair. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Reviewed-on: #72
52 lines
1.0 KiB
YAML
52 lines
1.0 KiB
YAML
quarkus:
|
|
http:
|
|
port: 8088
|
|
application:
|
|
name: nowchess-official-bots
|
|
redis:
|
|
hosts: redis://${REDIS_HOST:localhost}:${REDIS_PORT:6379}
|
|
rest-client:
|
|
account-service:
|
|
url: http://localhost:8083
|
|
smallrye-jwt:
|
|
enabled: true
|
|
log:
|
|
level: INFO
|
|
mp:
|
|
jwt:
|
|
verify:
|
|
publickey:
|
|
location: ${JWT_PUBLIC_KEY_PATH:keys/public.pem}
|
|
issuer: nowchess
|
|
|
|
nowchess:
|
|
redis:
|
|
host: localhost
|
|
port: 6379
|
|
prefix: nowchess
|
|
internal:
|
|
secret: 123abc
|
|
|
|
"%deployed":
|
|
quarkus:
|
|
log:
|
|
console:
|
|
json: true
|
|
otel:
|
|
traces:
|
|
sampler: parentbased_traceidratio
|
|
sampler-arg: 0.1
|
|
exporter:
|
|
otlp:
|
|
endpoint: ${OTEL_EXPORTER_OTLP_ENDPOINT:http://localhost:4317}
|
|
rest-client:
|
|
account-service:
|
|
url: ${ACCOUNT_SERVICE_URL}
|
|
nowchess:
|
|
redis:
|
|
host: ${REDIS_HOST:localhost}
|
|
port: ${REDIS_PORT:6379}
|
|
prefix: ${REDIS_PREFIX:nowchess}
|
|
internal:
|
|
secret: ${INTERNAL_SECRET}
|