Support for auth headers

[jexp]

It would be great if graphql-cli would always use the explicit EndpointExtension config format and not the URL-string one, and also asked for additional information like auth headers during graphql init.

When I try to run graphql ping I get this error message, which means that (of course) my authentication header is missing.

graphql ping
Sending { __typename } query to https://10-0-1-15-34134.neo4jsandbox.com/graphql/

GraphQL Error (Code: 502): {"response":{....

Unfortunately I didn’t think about looking through the graphql-config spec, so I delved into the code of graphql-cli and then graphql-config, looking for a place to add header information.
I found the code that treated the “endpoints” entries, either as URL if they are a string, or as “EndpointExtension” object otherwise, which then can also contain other information, like headers.
So I changed the entry manually into a JSON object and added my auth header information.

[schickling]

graphql-cli does support auth headers based on graphql-config (see here).

We evaluated to add for auth headers during the init process but decided against it. Happy to hear other opinions about this!

[linonetwo]

People trying this tool may use it against Github GrphQL API v4 for a try, which needs an auth header. I think asking whether to set this field on init process is reasonable.

And teach user to use ENV after init?

[DarkDust]

I was searching for the command line option to set the header, found none and was wondering how one is supposed to use OAuth with this tool. So I googled and ended up here. I understand the reasoning for doing it via the environment variable and it is a good solution but for a newbie it's utterly unintuitive without any pointers whatsoever.

One way to improve the situation might be to provide some help page that describes how to do the setup and reference that in the CLI tool.

[kbrandwijk]

Currently, the only endpoint configuration related command is add-endpoint. Should there be other commands to manage endpoints?

• graphql endpoint add (with the current add-endpoint as alias for backwards compatibility)
• graphql endpoint set header
• graphql endpoint remove header
• graphql endpoint set url

Or would it be sufficient to ask for headers during graphql add-endpoint and use manual editing of the .graphqlconfig.yml file afterwards?

[schickling]

I think for now the workflow should be centered around the graphqlconfig file until we've collected more use cases. graphql endpoint xxx subcommands might seem like a great idea for v2 of graphql-cli.

[kbrandwijk]

Thank you for all the feedback. This is added to the wishlist for v3: #73.