Skip to content
This repository has been archived by the owner on Sep 13, 2018. It is now read-only.
/ sample-auth-webhook Public archive

Sample auth webhooks for the Hasura GraphQL engine

Notifications You must be signed in to change notification settings

hasura/sample-auth-webhook

Repository files navigation

Important: Moved to hasura/graphql-engine

The contents of this repo have been moved to hasura/graphql-engine. Please create all issues and pull requests there.

Sample Auth Webhook for Hasura GraphQL engine

This is a sample auth webhook for authenticating requests to the Hasura GraphQL engine.

It has boilerplate code written for auth0 and firebase auth. There is also a generic sample handler in server.js where you can handle your custom auth providers.

Quick deploy

Deploy with Heroku (recommended)

  1. Click the following button for deploying to Heroku.

    Deploy

  2. Once it is deployed, go to Manage App > Settings of your app and set the following environment variables if you want to use the associated providers.

    • AUTH_ZERO_DOMAIN: Example test.auth0.com
    • FIREBASE_CONFIG: Copy the contents of your serviceAccount JSON file for this field. Example:
         {
           "type": "service_account",
           "project_id": "testapp-2222",
           "private_key_id": "f02aca08952f702de43ed577b428f405efe2d377",
           "private_key": "-----BEGIN PRIVATE KEY-----\n<your-private-key>\n-----END PRIVATE KEY-----\n",
           "client_email": "firebase-adminsdk-t4sik@testapp-24a60.iam.gserviceaccount.com",
           "client_id": "113608616484852272199",
           "auth_uri": "https://accounts.google.com/o/oauth2/auth",
           "token_uri": "https://accounts.google.com/o/oauth2/token",
           "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
           "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/firebase-adminsdk-t4sik%40testapp-22222.iam.gserviceaccount.com"
         }
      

    If you are not using an auth provider, you need not enter the environment variable associated with it

Deploy using Now

Run the following commands to deploy using Now.

$ git clone https://github.com/hasura/sample-auth-webhook && cd sample-auth-webhook
$ npm install -g now
$ now -e \
  AUTH_ZERO_DOMAIN='test.auth0.com' -e \
  FIREBASE_CONFIG='{
          "type": "service_account",
          "project_id": "testapp-2222",
          "private_key_id": "f02aca08952f702de43ed577b428f405efe2d377",
          "private_key": "-----BEGIN PRIVATE KEY-----\n<your-private-key>\n-----END PRIVATE KEY-----\n",
          "client_email": "firebase-adminsdk-t4sik@testapp-24a60.iam.gserviceaccount.com",
          "client_id": "113608616484852272199",
          "auth_uri": "https://accounts.google.com/o/oauth2/auth",
          "token_uri": "https://accounts.google.com/o/oauth2/token",
          "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
          "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/firebase-adminsdk-t4sik%40testapp-22222.iam.gserviceaccount.com"
        }'

If you are not using an auth provider, you need not enter the environment variable associated with it. For example, if you are not using firebase, the command last command you should run is,

$ now -e \
  AUTH_ZERO_DOMAIN='test.auth0.com'

Deploy with Glitch

  1. Click the following button to edit on glitch

    glitch-deploy-button

  2. Add the following environment variables in the .env file on glitch.

    AUTH_ZERO_DOMAIN='test.auth0.com'
    FIREBASE_CONFIG='{
      "type": "service_account",
      "project_id": "testapp-2222",
      "private_key_id": "f02aca08952f702de43ed577b428f405efe2d377",
      "private_key": "-----BEGIN PRIVATE KEY-----\n<your-private-key>\n-----END PRIVATE KEY-----\n",
      "client_email": "firebase-adminsdk-t4sik@testapp-24a60.iam.gserviceaccount.com",
      "client_id": "113608616484852272199",
      "auth_uri": "https://accounts.google.com/o/oauth2/auth",
      "token_uri": "https://accounts.google.com/o/oauth2/token",
      "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
      "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/firebase-adminsdk-t4sik%40testapp-22222.iam.gserviceaccount.com"
    }'

    If you are not using an auth provider, you need not enter the environment variable associated with it. For example, if you are not using firebase, the command last command you should run is,

      AUTH_ZERO_DOMAIN='test.auth0.com'

Usage with Hasura GraphQL engine

Once you have deployed this webhook, you can use it along with the GraphQL engine. You have to set the webhook URL as an environment variable in the docker container that runs the GraphQL engine.

Read the docs.

Auth0

Send the auth0 access_token as a header while making queries to the graphql-engine.

{
  "Authorization": "Bearer <access_token>"
}

Firebase

Send the firebase id_token as a header while making queries to the graphql-engine.

{
  "Authorization": "Bearer <id_token>"
}

About

Sample auth webhooks for the Hasura GraphQL engine

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •