Skip to content

feat(auth): Allow none signing for development environments #8066

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

feat(auth): Allow none signing for development environments #8066

wants to merge 1 commit into from

Conversation

Bob-Thomas
Copy link

@Bob-Thomas Bob-Thomas commented Oct 2, 2021
edited
Loading

"TL;DR"

Enable the "none" signing algorithm in the supported algorithms list in dgraph to allow the usage of unsigned tokens during development.
(https://discuss.dgraph.io/t/accepting-the-none-algorithm-in-dgraph-graphql-auth/15813)

I was developing dgraph locally and using the firebase emulator as an auth provider.
But I had to disable the authentication layer on my local environment because dgraph doesn't support the JWT none signing method.

This method is being used in the firebase emulator to generate unsigned tokens to use during development and is only able to generate these using the emulator and cannot be adjusted to created actual signed tokens.

But I would love to actually test authentication in dgraph locally as well using the emulated firebase authentication flow. So to solve this I am making this pull request to enable the "none" signing algorithm in the supported algorithm list in dgraph auth.

I haven't tested the implementation yet will do that later this week. But feel free to review and let me know if this is worth pursuing or requires a totally different approach.|

Thanks in advance for the review

This change is Reviewable

@CLAassistant
Copy link

CLAassistant commented Oct 2, 2021
edited
Loading

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

@Bob-Thomas Bob-Thomas marked this pull request as ready for review October 2, 2021 18:16
@Bob-Thomas
Copy link
Author

Ah also found the auth_test.go files so I will add test cases for this as well. After approval that this is something dgraph actually wants to support

@vanBrakel vanBrakel mentioned this pull request Oct 13, 2021
Closed
@Bob-Thomas
Copy link
Author

Updated the tests and added the ability to change the verificationKey in the graphql testutils with a new function.
AppendAuthInfoWithAlgoAndVerificationkey

@Bob-Thomas
Copy link
Author

@manishrjain is there a way to rerun the teamcity build?
It seems that the build failed on cleaning some directory or something

@MichelDiz
Copy link
Contributor

@Bob-Thomas Master doesn't exist anymore. Can you open a new PR pointing to Main? Thank you.
Closing and waiting a New PR.

@MichelDiz MichelDiz closed this Nov 21, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@manishrjain manishrjain Awaiting requested review from manishrjain

Assignees
No one assigned
Labels
Check if resolved
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Bob-Thomas @CLAassistant @MichelDiz