Support authentication through payas-test module #61

ramnivas · 2021-06-17T19:06:49Z

Introduce a mechanism to specify the requesting user. Perhaps something like:

operation: |
    query($id:Int!) {
        venue(id:$id) {
            name
        }
    } 
variable: |
    {
        "id": 1
    }
user: |
    {
       "sub": 20
       "role": "ROLE_ADMIN"
    }

Use a random string as the PAYAS_JWT_SECRET env variable and use that to both start the server and compute the JWT token after adding additional data needed to the "user" specified. For example,

JWT header:

{
  "alg": "HS256",
  "typ": "JWT"
}

Payload:

{
  "sub":<user.sub>,
  "iat": <now in seconds since epoch>,
  "exp": <now+one hour in seconds since epoch>,
  "role": <user.role>
}

Make requests with the header Authorization: Bearer <the computed JWT token>

The text was updated successfully, but these errors were encountered:

fx-chun · 2021-06-18T14:04:29Z

Proposed format looks OK to me, will try to implement as-is

ramnivas added the auth label Jun 17, 2021

ramnivas assigned fx-chun Jun 17, 2021

ramnivas added the int-test label Jun 18, 2021

fx-chun mentioned this issue Jun 21, 2021

Initial implementation of integration tests with authentication #77

Merged

fx-chun closed this as completed in #77 Jun 22, 2021

ramnivas unassigned fx-chun Apr 8, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Support authentication through payas-test module #61

Support authentication through payas-test module #61

ramnivas commented Jun 17, 2021 •

edited

fx-chun commented Jun 18, 2021

Support authentication through payas-test module #61

Support authentication through payas-test module #61

Comments

ramnivas commented Jun 17, 2021 • edited

fx-chun commented Jun 18, 2021

ramnivas commented Jun 17, 2021 •

edited