Skip to content
This repository has been archived by the owner. It is now read-only.
Sample auth webhooks for the Hasura GraphQL engine
JavaScript
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
assets First commit Jul 5, 2018
auth0 Returning anonymous headers when the request cannot be authenticated Jul 10, 2018
code-samples move firebase-cloud-functions dir under code-samples Jul 30, 2018
firebase Returning anonymous headers when the request cannot be authenticated Jul 10, 2018
.gitignore First commit Jul 5, 2018
Procfile First commit Jul 5, 2018
README.md Update README.md Sep 13, 2018
app.json First commit Jul 5, 2018
package-lock.json First commit Jul 5, 2018
package.json
server.js

README.md

Important: Moved to hasura/graphql-engine

The contents of this repo have been moved to hasura/graphql-engine. Please create all issues and pull requests there.

Sample Auth Webhook for Hasura GraphQL engine

This is a sample auth webhook for authenticating requests to the Hasura GraphQL engine.

It has boilerplate code written for auth0 and firebase auth. There is also a generic sample handler in server.js where you can handle your custom auth providers.

Quick deploy

Deploy with Heroku (recommended)

  1. Click the following button for deploying to Heroku.

    Deploy

  2. Once it is deployed, go to Manage App > Settings of your app and set the following environment variables if you want to use the associated providers.

    • AUTH_ZERO_DOMAIN: Example test.auth0.com
    • FIREBASE_CONFIG: Copy the contents of your serviceAccount JSON file for this field. Example:
         {
           "type": "service_account",
           "project_id": "testapp-2222",
           "private_key_id": "f02aca08952f702de43ed577b428f405efe2d377",
           "private_key": "-----BEGIN PRIVATE KEY-----\n<your-private-key>\n-----END PRIVATE KEY-----\n",
           "client_email": "firebase-adminsdk-t4sik@testapp-24a60.iam.gserviceaccount.com",
           "client_id": "113608616484852272199",
           "auth_uri": "https://accounts.google.com/o/oauth2/auth",
           "token_uri": "https://accounts.google.com/o/oauth2/token",
           "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
           "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/firebase-adminsdk-t4sik%40testapp-22222.iam.gserviceaccount.com"
         }
      

    If you are not using an auth provider, you need not enter the environment variable associated with it

Deploy using Now

Run the following commands to deploy using Now.

$ git clone https://github.com/hasura/sample-auth-webhook && cd sample-auth-webhook
$ npm install -g now
$ now -e \
  AUTH_ZERO_DOMAIN='test.auth0.com' -e \
  FIREBASE_CONFIG='{
          "type": "service_account",
          "project_id": "testapp-2222",
          "private_key_id": "f02aca08952f702de43ed577b428f405efe2d377",
          "private_key": "-----BEGIN PRIVATE KEY-----\n<your-private-key>\n-----END PRIVATE KEY-----\n",
          "client_email": "firebase-adminsdk-t4sik@testapp-24a60.iam.gserviceaccount.com",
          "client_id": "113608616484852272199",
          "auth_uri": "https://accounts.google.com/o/oauth2/auth",
          "token_uri": "https://accounts.google.com/o/oauth2/token",
          "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
          "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/firebase-adminsdk-t4sik%40testapp-22222.iam.gserviceaccount.com"
        }'

If you are not using an auth provider, you need not enter the environment variable associated with it. For example, if you are not using firebase, the command last command you should run is,

$ now -e \
  AUTH_ZERO_DOMAIN='test.auth0.com'

Deploy with Glitch

  1. Click the following button to edit on glitch

    glitch-deploy-button

  2. Add the following environment variables in the .env file on glitch.

    AUTH_ZERO_DOMAIN='test.auth0.com'
    FIREBASE_CONFIG='{
      "type": "service_account",
      "project_id": "testapp-2222",
      "private_key_id": "f02aca08952f702de43ed577b428f405efe2d377",
      "private_key": "-----BEGIN PRIVATE KEY-----\n<your-private-key>\n-----END PRIVATE KEY-----\n",
      "client_email": "firebase-adminsdk-t4sik@testapp-24a60.iam.gserviceaccount.com",
      "client_id": "113608616484852272199",
      "auth_uri": "https://accounts.google.com/o/oauth2/auth",
      "token_uri": "https://accounts.google.com/o/oauth2/token",
      "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
      "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/firebase-adminsdk-t4sik%40testapp-22222.iam.gserviceaccount.com"
    }'
    

    If you are not using an auth provider, you need not enter the environment variable associated with it. For example, if you are not using firebase, the command last command you should run is,

      AUTH_ZERO_DOMAIN='test.auth0.com'
    

Usage with Hasura GraphQL engine

Once you have deployed this webhook, you can use it along with the GraphQL engine. You have to set the webhook URL as an environment variable in the docker container that runs the GraphQL engine.

Read the docs.

Auth0

Send the auth0 access_token as a header while making queries to the graphql-engine.

{
  "Authorization": "Bearer <access_token>"
}

Firebase

Send the firebase id_token as a header while making queries to the graphql-engine.

{
  "Authorization": "Bearer <id_token>"
}
You can’t perform that action at this time.