Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: extractCookie from GraphiQLHeader (#6894) #6895

Closed
wants to merge 4 commits into from

Conversation

zaiyou12
Copy link
Contributor

Implement a fix for this issue: #6894

Steps to reproduce

  1. Follow dbAuth document
  2. Setup GraphiQL header
  3. Open http://localhost:8911/graphql in browser
  4. See the following error:
api | 21:44:52 🌲 incoming request POST xxx /graphql
api | 21:44:52 🐛 Parsing request to extract GraphQL parameters
api | 21:44:52 🌲 request completed 29ms
api | 21:44:52 🐛 Processing GraphQL Parameters
api | 21:44:52 🚨 graphql-server Error building context. Error: Exception in getAuthenticationContext: Cannot read properties of undefined (reading 'id')

Solution description:

event.headers.cookie || event.headers.Cookie overwrites cookieFromGraphiqlHeader in below, even if user has generated graphiql headers. (It will return event.headers.cookie, not cookieFromGraphiqlHeader)

return (
event.headers.cookie || event.headers.Cookie || cookieFromGraphiqlHeader
)

When graphiql headers has recognized, it should be returned immediately to prevent overwriting issue.

@dthyresson
Copy link
Contributor

Thanks @zaiyou12 for finding that and fixing.

Could you add a test in packages/auth-providers-api/src/dbAuth/__tests__/shared.test.js so that we don't get a regression -- test that when graphiql headers has recognized, it should be returned immediately to prevent overwriting issue?

@dthyresson dthyresson added bug/confirmed We have confirmed this is a bug release:fix This PR is a fix labels Nov 16, 2022
@dthyresson dthyresson linked an issue Nov 16, 2022 that may be closed by this pull request
1 task
@zaiyou12 zaiyou12 force-pushed the main branch 2 times, most recently from 9581815 to f1d67a5 Compare November 17, 2022 08:27
@zaiyou12
Copy link
Contributor Author

Sure, I've updated commit with the test code

@dthyresson
Copy link
Contributor

Thanks much @zaiyou12 for the tests! I'll have a look and also run by @cannikin as this touches dbAuth.

Copy link
Contributor

@dthyresson dthyresson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Had a few questions and will let @cannikin also review. Thanks!

Copy link
Member

@cannikin cannikin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wasn't involved in adding the GraphiQL header stuff to dbAuth, so let me know if my comment about that logic is way off base, maybe I just don't understand how it works! 😅

@zaiyou12
Copy link
Contributor Author

I've fixed all the issues. Also, I added tests to make sure it works well under normal case when not using GraphiQLHeader.

@dthyresson
Copy link
Contributor

Thanks @zaiyou12 ... I grabbed this PR and did a little refactoring on the tests and added some tests from the shared utilities.

But, I cannot push to your remote:

  ! [remote rejected]     zaiyou12/main -> zaiyou12/main (permission denied)

Could I get permissions to push?

We'll be able to merge once I can. Thanks!

@zaiyou12
Copy link
Contributor Author

Hi @dthyresson , thank you for the updates. I’ve checked “Allow edits by maintainers” option and invited you to my repo as collaborator. I hope it will works. Thank you!

@dthyresson
Copy link
Contributor

@zaiyou12 Sorry, when I pushed changes to your branch, I got a new PR with both your and my updates here: #6969

I'll close this PR and track the newer one. Sorry about that.

@zaiyou12
Copy link
Contributor Author

It's okay. Thank you for your help!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug/confirmed We have confirmed this is a bug release:fix This PR is a fix
Projects
None yet
Development

Successfully merging this pull request may close these issues.

[Bug?]: GraphiQL headers is not working
3 participants