Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

GraphQL security scopes #729

Closed
Pavel910 opened this issue Feb 28, 2020 · 0 comments
Closed

GraphQL security scopes #729

Pavel910 opened this issue Feb 28, 2020 · 0 comments
Assignees
Labels
bug work-in-progress (wip) The issue is not yet finished, please wait the author to confirm its definition is complete.

Comments

@Pavel910
Copy link
Collaborator

Before moving to Apollo Federation we were able to list all system security scopes via a simple query on security field:

{
    security {
        scopes
    }
}

Now that all services are standalone, we no longer have the ability to see all existing scopes.

Proposed solution

Each @webiny/api-* package that defines GQL schema, should provide a plugin which contains a list of scopes (and possibly a description of each scope?). Then in serverless.yml we will use those plugins when deploying the security service, like this:

security:
  component: "@webiny/serverless-apollo-service"
  inputs:
    region: ${vars.region}
    memory: 512
    timeout: 30
    debug: ${vars.debug}
    plugins:
      - factory: "@webiny/api-plugin-create-apollo-handler"
        options: ${vars.apollo}
      - factory: "@webiny/api-plugin-commodo-db-proxy"
        options:
          functionArn: ${dbProxy.arn}
      - factory: "@webiny/api-security/plugins"
        options: ${vars.security}
      - factory: "@webiny/api-plugin-security-cognito"
        options:
          region: ${vars.region}
          userPoolId: ${cognito.userPool.Id}
      - factory: "@webiny/api-page-builder/plugins/scopes"
      - factory: "@webiny/api-form-builder/plugins/scopes"
      - factory: "@webiny/api-i18n/plugins/scopes"

If there are better ways to implement this, I'm open to suggestions.

@Pavel910 Pavel910 added the bug label Feb 28, 2020
@adrians5j adrians5j added the work-in-progress (wip) The issue is not yet finished, please wait the author to confirm its definition is complete. label Mar 4, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug work-in-progress (wip) The issue is not yet finished, please wait the author to confirm its definition is complete.
Projects
None yet
Development

No branches or pull requests

2 participants