Graphql-engine: Include hostname in auth webhook?

Created on 23 Nov 2018  路  2Comments  路  Source: hasura/graphql-engine

This is a great project, thanks!

I'm experimenting with using it in a multi-tenant setup, where the tenant is decided by the subdomain (eg. foo.example.com is tenant foo), and the authentication webhook includes a x-hasura-tenant-id in the response. Unfortunately the headers passed to the webhook don't include the original hostname, so this approach is impossible.

I think it would be useful for the webhooks (and perhaps also the forthcoming schema stitching) to forward more details about the original request, so my server can make use of the original IP address, useragent etc.

Thanks.

server intermediate bug high
Source
picture bs1180

Most helpful comment

Using GET for the webhook and passing client headers as HTTP headers was a bad choice that we made, because of which when graphql-engine is making a request to the webhook it cannot send some of the original client headers as is, Host being one of them.
We'll add a new POST webhook call behavior, so that all the client headers can be sent in the POST body.

picture 0x777 on 23 Nov 2018
👍2

All 2 comments

Using GET for the webhook and passing client headers as HTTP headers was a bad choice that we made, because of which when graphql-engine is making a request to the webhook it cannot send some of the original client headers as is, Host being one of them.
We'll add a new POST webhook call behavior, so that all the client headers can be sent in the POST body.

0x777 picture 0x777 on 23 Nov 2018
👍2

This is fixed by https://github.com/hasura/graphql-engine/pull/1147 馃帀

bs1180 picture bs1180 on 3 Dec 2018
Was this page helpful?
0 / 5 - 0 ratings

Related issues

tirumaraiselvan picture tirumaraiselvan  路  3Comments
anisjonischkeit picture anisjonischkeit  路  3Comments
macalinao picture macalinao  路  3Comments
jjangga0214 picture jjangga0214  路  3Comments
coco98 picture coco98  路  3Comments