Quarkus: GraphQL: JsonWebToken not being detected

Created on 13 Jun 2020  路  7Comments  路  Source: quarkusio/quarkus

Describe the bug
When executing a @Query of a @GraphQLApi, an injected org.eclipse.microprofile.jwt.JsonWebToken is always an instance of io.smallrye.jwt.auth.cdi.NullJsonWebToken.
There also doesn't seem to be any other way to check the Authorization Header of the underlying HTTP Request.

Expected behavior
It should be possible to inject a JsonWebToken into a @GraphQLApi bean, in the same way it works for a JAX-RS Resource.

aresmallrye kinquestion
Source
picture bearbytes
👍2

Most helpful comment

Great! Let me close the issue then.
If someone still faces it, we can always reopen.

picture jmartisk on 14 Jul 2020
👍2

All 7 comments

Looks like a context propagation issue.

sberyozkin picture sberyozkin on 15 Jun 2020

I can't reproduce this with current Quarkus master, I think this was fixed as a side effect of https://github.com/quarkusio/quarkus/pull/10004
Can you retry with Quarkus 1.5.2.Final?

jmartisk picture jmartisk on 22 Jun 2020

Tested with 1.5.2 Final and can confirm that injected org.eclipse.microprofile.jwt.JsonWebToken is still being null.

guardianblue picture guardianblue on 26 Jun 2020
👍1

Then I have to ask for a reproducer, because with 1.5.2 it works for me.
My GraphQL api looks like this:

@GraphQLApi
public class MyGraphQLApi {

    @Inject
    JsonWebToken token;

    @Query
    public String foo() {
        System.out.println("TOKEN ==== " + token);
        System.out.println("ID = " + token.getTokenID());
        return "bar";
    }
}

With 1.5.1, when executing the query, I get

TOKEN ==== io.smallrye.jwt.auth.cdi.NullJsonWebToken@a66f6dc
ID = null

With 1.5.2, I get

TOKEN ==== DefaultJWTCallerPrincipal{id='a-123', name='[email protected]', expiration=1594109631, notBefore=0, issuedAt=1594109331, issuer='https://quarkus.io/using-jwt-rbac', audience=[using-jwt-rbac], subject='jdoe-using-jwt-rbac', type='JWT', issuedFor='null', authTime=1594109331, givenName='null', familyName='null', middleName='null', nickName='null', preferredUsername='jdoe', email='null', emailVerified=null, allowedOrigins=null, updatedAt=0, acr='null', groups=[Echoer,Group2MappedRole,Tester,Subscriber,group2]}
ID = a-123
jmartisk picture jmartisk on 7 Jul 2020

@jmartisk Thanks for looking into this.

After digging deeper into my code, I realized what I am encountering is slightly different from what @bearbytes wrote.

In my case, it is token being null instead. I suspect I have not configured properly at all. Similar injection _does_ work on REST API endpoint though.

Is some kind of application properties required to trigger the injection on Graph API endpoints?

guardianblue picture guardianblue on 9 Jul 2020

@jmartisk We have refactored our code (moving the package dependencies around), and that the issue is no longer reproducible. While we cannot confirm the original cause of the problem we faced, it is quite likely that we have missing dependencies in some of our pom files.

guardianblue picture guardianblue on 14 Jul 2020

Great! Let me close the issue then.
If someone still faces it, we can always reopen.

jmartisk picture jmartisk on 14 Jul 2020
👍2
Was this page helpful?
0 / 5 - 0 ratings

Related issues

lbernardomaia picture lbernardomaia  路  3Comments
gastaldi picture gastaldi  路  3Comments
hantsy picture hantsy  路  3Comments
dansiviter picture dansiviter  路  3Comments
rodrigofujioka picture rodrigofujioka  路  3Comments