From bd2a6a601bcfef75dd962314181bcf938a4e0233 Mon Sep 17 00:00:00 2001
From: hsiegeln <37154749+hsiegeln@users.noreply.github.com>
Date: Sun, 5 Apr 2026 12:40:49 +0200
Subject: [PATCH] test: update TestSecurityConfig with org and role claims for
 Logto tokens

---
 .../java/net/siegeln/cameleer/saas/TestSecurityConfig.java | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/test/java/net/siegeln/cameleer/saas/TestSecurityConfig.java b/src/test/java/net/siegeln/cameleer/saas/TestSecurityConfig.java
index b305ae9..cbf78aa 100644
--- a/src/test/java/net/siegeln/cameleer/saas/TestSecurityConfig.java
+++ b/src/test/java/net/siegeln/cameleer/saas/TestSecurityConfig.java
@@ -6,7 +6,7 @@ import org.springframework.security.oauth2.jwt.Jwt;
 import org.springframework.security.oauth2.jwt.JwtDecoder;
 
 import java.time.Instant;
-import java.util.Map;
+import java.util.List;
 
 @TestConfiguration
 public class TestSecurityConfig {
@@ -14,9 +14,12 @@ public class TestSecurityConfig {
     @Bean
     public JwtDecoder jwtDecoder() {
         return token -> Jwt.withTokenValue(token)
-                .header("alg", "RS256")
+                .header("alg", "ES384")
                 .claim("sub", "test-user")
                 .claim("iss", "https://test-issuer.example.com/oidc")
+                .claim("organization_id", "test-org-id")
+                .claim("roles", List.of("platform-admin"))
+                .claim("organization_roles", List.of("admin"))
                 .issuedAt(Instant.now())
                 .expiresAt(Instant.now().plusSeconds(3600))
                 .build();