GithubHelp home page GithubHelp logo

sample-auth-webhook's Introduction

Important: Moved to hasura/graphql-engine

The contents of this repo have been moved to hasura/graphql-engine. Please create all issues and pull requests there.

Sample Auth Webhook for Hasura GraphQL engine

This is a sample auth webhook for authenticating requests to the Hasura GraphQL engine.

It has boilerplate code written for auth0 and firebase auth. There is also a generic sample handler in server.js where you can handle your custom auth providers.

Quick deploy

Deploy with Heroku (recommended)

  1. Click the following button for deploying to Heroku.

    Deploy

  2. Once it is deployed, go to Manage App > Settings of your app and set the following environment variables if you want to use the associated providers.

    • AUTH_ZERO_DOMAIN: Example test.auth0.com
    • FIREBASE_CONFIG: Copy the contents of your serviceAccount JSON file for this field. Example: 
         {
     "type": "service_account",
     "project_id": "testapp-2222",
     "private_key_id": "f02aca08952f702de43ed577b428f405efe2d377",
     "private_key": "-----BEGIN PRIVATE KEY-----\n<your-private-key>\n-----END PRIVATE KEY-----\n",
     "client_email": "[email protected]",
     "client_id": "113608616484852272199",
     "auth_uri": "https://accounts.google.com/o/oauth2/auth",
     "token_uri": "https://accounts.google.com/o/oauth2/token",
     "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
     "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/firebase-adminsdk-t4sik%40testapp-22222.iam.gserviceaccount.com"
   }

    If you are not using an auth provider, you need not enter the environment variable associated with it

Deploy using Now

Run the following commands to deploy using Now.

$ git clone https://github.com/hasura/sample-auth-webhook && cd sample-auth-webhook
$ npm install -g now
$ now -e \
  AUTH_ZERO_DOMAIN='test.auth0.com' -e \
  FIREBASE_CONFIG='{
          "type": "service_account",
          "project_id": "testapp-2222",
          "private_key_id": "f02aca08952f702de43ed577b428f405efe2d377",
          "private_key": "-----BEGIN PRIVATE KEY-----\n<your-private-key>\n-----END PRIVATE KEY-----\n",
          "client_email": "[email protected]",
          "client_id": "113608616484852272199",
          "auth_uri": "https://accounts.google.com/o/oauth2/auth",
          "token_uri": "https://accounts.google.com/o/oauth2/token",
          "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
          "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/firebase-adminsdk-t4sik%40testapp-22222.iam.gserviceaccount.com"
        }'

If you are not using an auth provider, you need not enter the environment variable associated with it. For example, if you are not using firebase, the command last command you should run is,

$ now -e \
  AUTH_ZERO_DOMAIN='test.auth0.com'

Deploy with Glitch

  1. Click the following button to edit on glitch

    glitch-deploy-button

  2. Add the following environment variables in the .env file on glitch.

    AUTH_ZERO_DOMAIN='test.auth0.com'
FIREBASE_CONFIG='{
  "type": "service_account",
  "project_id": "testapp-2222",
  "private_key_id": "f02aca08952f702de43ed577b428f405efe2d377",
  "private_key": "-----BEGIN PRIVATE KEY-----\n<your-private-key>\n-----END PRIVATE KEY-----\n",
  "client_email": "[email protected]",
  "client_id": "113608616484852272199",
  "auth_uri": "https://accounts.google.com/o/oauth2/auth",
  "token_uri": "https://accounts.google.com/o/oauth2/token",
  "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
  "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/firebase-adminsdk-t4sik%40testapp-22222.iam.gserviceaccount.com"
}'

    If you are not using an auth provider, you need not enter the environment variable associated with it. For example, if you are not using firebase, the command last command you should run is,

      AUTH_ZERO_DOMAIN='test.auth0.com'

Usage with Hasura GraphQL engine

Once you have deployed this webhook, you can use it along with the GraphQL engine. You have to set the webhook URL as an environment variable in the docker container that runs the GraphQL engine.

Read the docs.

Auth0

Send the auth0 access_token as a header while making queries to the graphql-engine.

{
  "Authorization": "Bearer <access_token>"
}

Firebase

Send the firebase id_token as a header while making queries to the graphql-engine.

{
  "Authorization": "Bearer <id_token>"
}

sample-auth-webhook's People

Contributors

coco98 avatar moksahero avatar shahidhk avatar wawhal avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar

Forkers

moksahero shahidhk raheelriax bhaidar himanshu-dixit gun-jack diazhh mykoabe

sample-auth-webhook's Issues

Only "simple webhook" is working

Hey,

I deployed this repository in Now trying to add authentication to my backend.
Only the endpoint /simple/webhook worked and I cannot use GET on the other two endpoints: /auth0 and /firebase.

My main interest is auth0 and I believe to have set the variable AUTH_ZERO_DOMAIN correctly.

Here is the link to the webhook: https://sample-auth-webhook-omfuteznfi.now.sh

Can you please help me pinpoint the source of the error?

I have also deployed the GraphQL engine and pointed it to the simple webhook endpoint by setting the environment variable:

"HASURA_GRAPHQL_AUTH_HOOK": "https://sample-auth-webhook-omfuteznfi.now.sh/simple/webhook"

I still can not access data and get the following response that states : "Error: Invalid response from authorization hook"
image

I really liked the GraphQL engine and am trying to explore it further and strongly considering it for production.
I would appreciate your help on this issue.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.