feat: TCK SUT requires authentication

[jmesnil]

Use a simple properties file with 1 user
credential.

This requires the TCK to be configured to use HTTP basic authentication in its .env):

A2A_AUTH_TYPE=basic
A2A_AUTH_USERNAME=alice
A2A_AUTH_PASSWORD=a2a-p4ssw0rd

[gemini-code-assist]

Summary of Changes

Hello @jmesnil, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request introduces basic authentication to the TCK's System Under Test (SUT). It integrates Quarkus's built-in security features to enable HTTP Basic Authentication, defining a simple user credential within the application properties. This change ensures that the TCK can properly test scenarios requiring authenticated access, enhancing the robustness of the test suite.

Highlights

• Authentication Enabled: The TCK System Under Test (SUT) now requires authentication, specifically HTTP Basic Authentication, to align with security requirements.
• Quarkus Security Integration: The quarkus-elytron-security-properties-file dependency has been added to enable properties file-based user management for authentication.
• AgentCard Configuration: The AgentCard produced by AgentCardProducer now declares an 'acme' security scheme using HTTP Basic Authentication and indicates support for ExtendedAgentCard.
• Embedded User Credentials: A test user 'alice' with a predefined password 'a2a-p4ssw0rd' has been configured in application.properties for basic authentication.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request introduces basic authentication for the TCK SUT. The changes include adding the necessary Quarkus security dependency, updating the agent card to advertise the security scheme, and configuring an embedded user in application.properties. My review focuses on improving security practices by avoiding plain-text passwords, ensuring correctness in the agent card definition, and addressing an incomplete feature implementation. All comments align with project guidelines or are not covered by specific rules, and are therefore kept as is.