Install jwtenizr.sh by downloading jwtenizr.jar and execute java -jar jwtenizr.jar

JWTenizr will generate:

jwtenizr-config.json with public, private key and target folder of microprofile-config.properties jwt-token.json : with Minimum MP-JWT Required Claims, a sample principal and a few groups. UPN becomes the Java EE principal, the groups are automatically mapped to Java EE roles. token.jwt : with information loaded from: jwt-token.json and can be used as input for automated system tests microprofile-config.properties comprising the public key an the issuer: copy to your WAR/src/main/resources/META-INF curl command. Is ready to use for testing with Authorization header and included token: curl -i -H'Authorization: Bearer eyJraW¢...(generated JWT token)' https://localhost:8080[RESOURCE and SUB-RESOURCES]

The JWT's claims and Principal become directly injectable and you can rely on the stock @RolesAllowed or @PermitAll annotations to guard methods.

See jwtenizr.sh with quarkus in (from scratch) action: