I am following Quarkus OpenID Connect tutorial here.
But I don't need to check roles.
I want all endpoints except health-check and swagger-ui to check if the token is valid. Some times I may inject the JsonWebToken to use a claim. How can I do that using the extension?
Currently I haven't found a straight forward way to achieve this but Quarkus provides the
io.quarkus.security.Authenticated
annotation that will permit any authenticated user to access the resource (equivalent to@RolesAllowed("**")
).Check this guide for more information: https://quarkus.io/guides/security-authorization