Closed go4cas closed 5 years ago
jakubknejzlik
commented
5 years ago Hi @go4cas envvars should be for validating what should or should not be passed? For example:
GRAPHL_PASS_HEADER_0=authorization
GRAPHL_PASS_HEADER_1=correlation-id
GRAPHL_PASS_HEADER_2=x-*
go4cas
commented
5 years ago Thanks, @jakubknejzlik. So, let's say I have a header x-my-custom-header that I need to forward to all my graphql endpoints, how would I do that?
jakubknejzlik
commented
5 years ago Currently there's no way to achieve this, I just needed to understand what you are up to :). This one should be actually pretty easy to implement as the gateway already passes authorization header:
https://github.com/graphql-services/graphql-gateway/blob/master/src/schema.ts#L33
So putting it to envvar like GRAPHQL_FORWARD_HEADERS=header1,header2,header3 should be ok (with default value authorizatin), right?
go4cas
commented
5 years ago That should work, yeah
jakubknejzlik
commented
5 years ago @go4cas please check the unstable version with the new GRAPHQL_FORWARD_HEADERS config option. If it works ok we can merge it to master.
go4cas
commented
5 years ago @jakubknejzlik ... thanks for the quick response!
I've build the new Docker image, using the develop branch. When starting the stack with docker-compose up, the gateway service fails with a 401. The reason for this is, when the service starts, it makes a call to each of the defined GraphQL endpoints. But, these expect a special header (with an access key - I'm using the Hasura framework), in my case.
So, although the feature to forward headers, once the service is up, is great, I think we'll need to add the option to set headers with values as part of the config, if possible.
Should I create a separate Feature Request issue for this?
go4cas
commented
5 years ago To test, I have hard coded the header. The gateway starts up successfully, but when I post to the gateway, I get:
SyntaxError: Unexpected token
in JSON at position 14
at JSON.parse (<anonymous>)
at parse (/code/node_modules/body-parser/lib/types/json.js:89:19)
at /code/node_modules/body-parser/lib/read.js:121:18
at invokeCallback (/code/node_modules/raw-body/index.js:224:16)
at done (/code/node_modules/raw-body/index.js:213:7)
at IncomingMessage.onEnd (/code/node_modules/raw-body/index.js:273:7)
at emitNone (events.js:106:13)
at IncomingMessage.emit (events.js:208:7)
at endReadableNT (_stream_readable.js:1056:12)
at _combinedTickCallback (internal/process/next_tick.js:138:11)
at process._tickCallback (internal/process/next_tick.js:180:9)Extract from my docker-compose:
graphql-gateway:
image: graphql/gateway:dev
links:
- tribes-service
- padlock-service
ports:
- 8080:80
environment:
- GRAPHQL_URL_0=http://host.docker.internal:8081/v1alpha1/graphql
- GRAPHQL_URL_1=http://host.docker.internal:8082/v1alpha1/graphql
- GRAPHQL_FORWARD_HEADERS=X-Hasura-Access-KeyRequest: POST http://localhost:8080/graphql, with body:
{
"query": "{
employees {
id
}
}"
}Okay, changing the body to this worked:
{
"query":"query {employees {name}}"
}Hmmm...I didn't play a lot with Hasura framework, but does it support to query for introspection query without authorization? Do you plan to send some default value for X-Hasura-Access-Key during startup and for user queries the user's access token? The way we are using the gateway is that it shields the public requests, so the underlying services don't require authorization (usually).
It would be great to be able (maybe through env vars) to pass trough headers to all of the defined GraphQL endpoints.