update auth-webhook boilerplates for node (#4885)

1) split nodejs-express boilerplate into nodejs-express and nodejs-firebase
2) update deploy instructions for heroku
This commit is contained in:
Tirumarai Selvan 2020-05-26 14:43:58 +05:30 committed by GitHub
parent b5ca6ec29f
commit 756614c326
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
12 changed files with 166 additions and 3760 deletions

View File

@ -2,37 +2,27 @@
This is a sample auth webhook for authenticating requests to the Hasura GraphQL engine.
It has boilerplate code written for firebase auth. There is also a generic sample handler in `server.js` where you can handle your custom auth providers.
It has boilerplate code written in `server.js` where you can handle authentication.
## Quick deploy
<!--
### Deploy with Heroku (recommended)
1. Click the following button for deploying to Heroku.
Run the following commands:
[![Deploy](https://www.herokucdn.com/deploy/button.svg)](https://heroku.com/deploy?template=https://github.com/hasura/sample-auth-webhook)
2. Once it is deployed, go to `Manage App > Settings` of your app and set the following environment variables if you want to use Firebase.
- **FIREBASE_CONFIG**: Copy the contents of your serviceAccount JSON file for this field. Example:
```
{
"type": "service_account",
"project_id": "testapp-2222",
"private_key_id": "f02aca08952f702de43ed577b428f405efe2d377",
"private_key": "-----BEGIN PRIVATE KEY-----\n<your-private-key>\n-----END PRIVATE KEY-----\n",
"client_email": "firebase-adminsdk-t4sik@testapp-24a60.iam.gserviceaccount.com",
"client_id": "113608616484852272199",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://accounts.google.com/o/oauth2/token",
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
"client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/firebase-adminsdk-t4sik%40testapp-22222.iam.gserviceaccount.com"
}
git clone https://github.com/hasura/graphql-engine
cp -r graphql-engine/community/boilerplates/auth-webhooks/nodejs-express <some-dir>
cd <some-dir>
git init && git add . && git commit -m "init auth webhook"
```
If you are not using an auth provider, you need not enter the environment variable associated with it
-->
You need to setup a Heroku app:
```
heroku apps:create
git push heroku master
```
### Deploy using [Now](https://zeit.co/now)
@ -42,65 +32,17 @@ Run the following commands to deploy using Now.
git clone https://github.com/hasura/graphql-engine
cd graphql-engine/community/boilerplates/auth-webhooks/nodejs-express
npm install -g now
now -e \
FIREBASE_CONFIG='{
"type": "service_account",
"project_id": "testapp-2222",
"private_key_id": "f02aca08952f702de43ed577b428f405efe2d377",
"private_key": "-----BEGIN PRIVATE KEY-----\n<your-private-key>\n-----END PRIVATE KEY-----\n",
"client_email": "firebase-adminsdk-t4sik@testapp-24a60.iam.gserviceaccount.com",
"client_id": "113608616484852272199",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://accounts.google.com/o/oauth2/token",
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
"client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/firebase-adminsdk-t4sik%40testapp-22222.iam.gserviceaccount.com"
}'
```
If you are not using an auth provider, you need not enter the environment variable associated with it. For example, if you are not using firebase, the last command you should run is,
```bash
$ now
now
```
### Deploy with Glitch
1. Click the following button to edit on glitch
Click the following button to edit on glitch
[![glitch-deploy-button](assets/deploy-glitch.png)](http://glitch.com/edit/#!/import/github/hasura/graphql-engine/community/boilerplates/auth-webhooks/nodejs-express)
2. Add the following environment variables in the `.env` file on glitch.
```env
FIREBASE_CONFIG='{
"type": "service_account",
"project_id": "testapp-2222",
"private_key_id": "f02aca08952f702de43ed577b428f405efe2d377",
"private_key": "-----BEGIN PRIVATE KEY-----\n<your-private-key>\n-----END PRIVATE KEY-----\n",
"client_email": "firebase-adminsdk-t4sik@testapp-24a60.iam.gserviceaccount.com",
"client_id": "113608616484852272199",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://accounts.google.com/o/oauth2/token",
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
"client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/firebase-adminsdk-t4sik%40testapp-22222.iam.gserviceaccount.com"
}'
```
If you are not using an auth provider, you need not enter the environment variable associated with it.
## Usage with Hasura GraphQL engine
Once you have deployed this webhook, you can use it along with the GraphQL engine. You have to set the webhook URL as an environment variable in the docker container that runs the GraphQL engine.
*[Read the docs](https://hasura.io/docs/1.0/graphql/manual/auth/authentication/webhook.html).*
### Firebase
Send the firebase `id_token` as a header while making queries to the `graphql-engine`.
```
{
"Authorization": "Bearer <id_token>"
}
```

File diff suppressed because it is too large Load Diff

View File

@ -3,6 +3,9 @@
"version": "1.0.0",
"description": "",
"main": "server.js",
"engines": {
"node": "10.16.x"
},
"scripts": {
"start": "node server.js",
"test": "echo \"Error: no test specified\" && exit 1"
@ -11,7 +14,6 @@
"license": "ISC",
"dependencies": {
"express": "^4.16.3",
"firebase-admin": "^5.12.1",
"request": "^2.87.0"
}
}

View File

@ -22,7 +22,7 @@ app.get('/', (req, res) => {
res.send('Webhooks are running');
});
app.get('/simple/webhook', (request, response) => {
app.get('/webhook', (request, response) => {
// Extract token from request
var token = request.get('Authorization');
@ -38,10 +38,6 @@ app.get('/simple/webhook', (request, response) => {
});
});
// Firebase handler
var firebaseRouter = require('./firebase/firebaseHandler');
app.use('/firebase', firebaseRouter);
// listen for requests :)
var listener = app.listen(port, function () {
console.log('Your app is listening on port ' + port);

View File

@ -0,0 +1 @@
*node_modules

View File

@ -0,0 +1 @@
web: node server.js

View File

@ -0,0 +1,104 @@
# Sample Auth Webhook with Firebase for Hasura GraphQL engine
This is a sample auth webhook for Hasura which forwards requests to Firebase auth and transforms the response.
## Quick deploy
### Deploy with Heroku (recommended)
Run the following commands:
```
git clone https://github.com/hasura/graphql-engine
cp -r graphql-engine/community/boilerplates/auth-webhooks/nodejs-express <some-dir>
cd <some-dir>
git init && git add . && git commit -m "init auth webhook"
```
You need to setup a Heroku app:
```
heroku apps:create
git push heroku master
```
Once it is deployed, go to `Manage App > Settings` of your app and set the following environment variables for Firebase:
- **FIREBASE_CONFIG**: Copy the contents of your serviceAccount JSON file for this field. Example:
```
{
"type": "service_account",
"project_id": "testapp-2222",
"private_key_id": "f02aca08952f702de43ed577b428f405efe2d377",
"private_key": "-----BEGIN PRIVATE KEY-----\n<your-private-key>\n-----END PRIVATE KEY-----\n",
"client_email": "firebase-adminsdk-t4sik@testapp-24a60.iam.gserviceaccount.com",
"client_id": "113608616484852272199",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://accounts.google.com/o/oauth2/token",
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
"client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/firebase-adminsdk-t4sik%40testapp-22222.iam.gserviceaccount.com"
}
```
### Deploy using [Now](https://zeit.co/now)
Run the following commands to deploy using Now.
```bash
git clone https://github.com/hasura/graphql-engine
cd graphql-engine/community/boilerplates/auth-webhooks/nodejs-express
npm install -g now
now -e \
FIREBASE_CONFIG='{
"type": "service_account",
"project_id": "testapp-2222",
"private_key_id": "f02aca08952f702de43ed577b428f405efe2d377",
"private_key": "-----BEGIN PRIVATE KEY-----\n<your-private-key>\n-----END PRIVATE KEY-----\n",
"client_email": "firebase-adminsdk-t4sik@testapp-24a60.iam.gserviceaccount.com",
"client_id": "113608616484852272199",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://accounts.google.com/o/oauth2/token",
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
"client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/firebase-adminsdk-t4sik%40testapp-22222.iam.gserviceaccount.com"
}'
```
### Deploy with Glitch
1. Click the following button to edit on glitch
[![glitch-deploy-button](assets/deploy-glitch.png)](http://glitch.com/edit/#!/import/github/hasura/graphql-engine/community/boilerplates/auth-webhooks/nodejs-express)
2. Add the following environment variables in the `.env` file on glitch.
```env
FIREBASE_CONFIG='{
"type": "service_account",
"project_id": "testapp-2222",
"private_key_id": "f02aca08952f702de43ed577b428f405efe2d377",
"private_key": "-----BEGIN PRIVATE KEY-----\n<your-private-key>\n-----END PRIVATE KEY-----\n",
"client_email": "firebase-adminsdk-t4sik@testapp-24a60.iam.gserviceaccount.com",
"client_id": "113608616484852272199",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://accounts.google.com/o/oauth2/token",
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
"client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/firebase-adminsdk-t4sik%40testapp-22222.iam.gserviceaccount.com"
}'
```
## Usage with Hasura GraphQL engine
Once you have deployed this webhook, you can use it along with the GraphQL engine. You have to set the webhook URL as an environment variable in the docker container that runs the GraphQL engine.
*[Read the docs](https://hasura.io/docs/1.0/graphql/manual/auth/authentication/webhook.html).*
### Firebase
Send the firebase `id_token` as a header while making queries to the `graphql-engine`.
```
{
"Authorization": "Bearer <id_token>"
}
```

Binary file not shown.

After

Width:  |  Height:  |  Size: 8.4 KiB

View File

@ -0,0 +1,20 @@
{
"name": "sample-auth-webhook",
"version": "1.0.0",
"description": "",
"main": "server.js",
"engines": {
"node": "10.16.x"
},
"scripts": {
"start": "node server.js",
"test": "echo \"Error: no test specified\" && exit 1"
},
"author": "wawhal",
"license": "ISC",
"dependencies": {
"express": "^4.16.3",
"firebase-admin": "^5.12.1",
"request": "^2.87.0"
}
}

View File

@ -0,0 +1,20 @@
// Sample webhook showing what a hasura auth webhook looks like
// init project
var express = require('express');
var app = express();
var requestClient = require('request');
var port = process.env.PORT || 3000;
app.get('/', (req, res) => {
res.send('Webhooks are running');
});
// Firebase handler
var firebaseRouter = require('./firebase/firebaseHandler');
app.use('/firebase', firebaseRouter);
// listen for requests :)
var listener = app.listen(port, function () {
console.log('Your app is listening on port ' + port);
});