Closed go4cas closed 5 years ago
Hi @go4cas envvars should be for validating what should or should not be passed? For example:
GRAPHL_PASS_HEADER_0=authorization
GRAPHL_PASS_HEADER_1=correlation-id
GRAPHL_PASS_HEADER_2=x-*
Thanks, @jakubknejzlik. So, let's say I have a header x-my-custom-header
that I need to forward to all my graphql endpoints, how would I do that?
Currently there's no way to achieve this, I just needed to understand what you are up to :). This one should be actually pretty easy to implement as the gateway already passes authorization
header:
https://github.com/graphql-services/graphql-gateway/blob/master/src/schema.ts#L33
So putting it to envvar like GRAPHQL_FORWARD_HEADERS=header1,header2,header3
should be ok (with default value authorizatin
), right?
That should work, yeah
@go4cas please check the unstable version with the new GRAPHQL_FORWARD_HEADERS
config option. If it works ok we can merge it to master.
@jakubknejzlik ... thanks for the quick response!
I've build the new Docker image, using the develop
branch. When starting the stack with docker-compose up
, the gateway service fails with a 401
. The reason for this is, when the service starts, it makes a call to each of the defined GraphQL endpoints. But, these expect a special header (with an access key - I'm using the Hasura framework), in my case.
So, although the feature to forward headers, once the service is up, is great, I think we'll need to add the option to set headers with values as part of the config, if possible.
Should I create a separate Feature Request issue for this?
To test, I have hard coded the header. The gateway starts up successfully, but when I post to the gateway, I get:
SyntaxError: Unexpected token
in JSON at position 14
at JSON.parse (<anonymous>)
at parse (/code/node_modules/body-parser/lib/types/json.js:89:19)
at /code/node_modules/body-parser/lib/read.js:121:18
at invokeCallback (/code/node_modules/raw-body/index.js:224:16)
at done (/code/node_modules/raw-body/index.js:213:7)
at IncomingMessage.onEnd (/code/node_modules/raw-body/index.js:273:7)
at emitNone (events.js:106:13)
at IncomingMessage.emit (events.js:208:7)
at endReadableNT (_stream_readable.js:1056:12)
at _combinedTickCallback (internal/process/next_tick.js:138:11)
at process._tickCallback (internal/process/next_tick.js:180:9)
Extract from my docker-compose
:
graphql-gateway:
image: graphql/gateway:dev
links:
- tribes-service
- padlock-service
ports:
- 8080:80
environment:
- GRAPHQL_URL_0=http://host.docker.internal:8081/v1alpha1/graphql
- GRAPHQL_URL_1=http://host.docker.internal:8082/v1alpha1/graphql
- GRAPHQL_FORWARD_HEADERS=X-Hasura-Access-Key
Request: POST
http://localhost:8080/graphql
, with body:
{
"query": "{
employees {
id
}
}"
}
Okay, changing the body to this worked:
{
"query":"query {employees {name}}"
}
Hmmm...I didn't play a lot with Hasura
framework, but does it support to query for introspection query without authorization? Do you plan to send some default value for X-Hasura-Access-Key
during startup and for user queries the user's access token? The way we are using the gateway is that it shields the public requests, so the underlying services don't require authorization (usually).
It would be great to be able (maybe through env vars) to pass trough headers to all of the defined GraphQL endpoints.