mirror of
https://github.com/hasura/graphql-engine.git
synced 2024-12-24 16:03:37 +03:00
504f13725f
> High-Level TODO: * [x] Code Changes * [x] Tests * [x] Check that pro/multitenant build ok * [x] Documentation Changes * [x] Updating this PR with full details * [ ] Reviews * [ ] Ensure code has all FIXMEs and TODOs addressed * [x] Ensure no files are checked in mistakenly * [x] Consider impact on console, cli, etc. ### Description > This PR adds support for adding set-cookie header on the response from the auth webhook. If the set-cookie header is sent by the webhook, it will be forwarded in the graphQL engine response. Fixes a bug in test-server.sh: testing of get-webhook tests was done by POST method and vice versa. To fix, the parameters were swapped. ### Changelog - [x] `CHANGELOG.md` is updated with user-facing content relevant to this PR. ### Affected components - [x] Server - [ ] Console - [ ] CLI - [x] Docs - [ ] Community Content - [ ] Build System - [x] Tests - [ ] Other (list it) ### Related Issues -> Closes [#2269](https://github.com/hasura/graphql-engine/issues/2269) ### Solution and Design > ### Steps to test and verify > Please refer to the docs to see how to send the set-cookie header from webhook. ### Limitations, known bugs & workarounds > - Support for only set-cookie header forwarding is added - the value forwarded in the set-cookie header cannot be validated completely, the [Cookie](https://hackage.haskell.org/package/cookie) package has been used to parse the header value and any unnecessary information is stripped off before forwarding the header. The standard given in [RFC6265](https://datatracker.ietf.org/doc/html/rfc6265) has been followed for the Set-Cookie format. ### Server checklist #### Catalog upgrade Does this PR change Hasura Catalog version? - [x] No - [ ] Yes - [ ] Updated docs with SQL for downgrading the catalog #### Metadata Does this PR add a new Metadata feature? - [x] No #### GraphQL - [x] No new GraphQL schema is generated - [ ] New GraphQL schema is being generated: - [ ] New types and typenames are correlated #### Breaking changes - [x] No Breaking changes PR-URL: https://github.com/hasura/graphql-engine-mono/pull/2538 Co-authored-by: Robert <132113+robx@users.noreply.github.com> GitOrigin-RevId: d9047e997dd221b7ce4fef51911c3694037e7c3f
54 lines
1.5 KiB
Python
54 lines
1.5 KiB
Python
"""
|
|
Sample auth webhook to receive a cookie and respond
|
|
"""
|
|
from http import HTTPStatus
|
|
from webserver import RequestHandler, WebServer, MkHandlers, Response
|
|
|
|
class CookieAuth(RequestHandler):
|
|
def get(self, request):
|
|
headers = {k.lower(): v for k, v in request.headers.items()}
|
|
|
|
print(headers)
|
|
cookieHdrs = []
|
|
if 'cookie' in headers and headers['cookie']:
|
|
res = {'x-hasura-role': 'admin'}
|
|
|
|
for k, v in headers.items():
|
|
if 'response-set-cookie' in k:
|
|
hdr = ('Set-Cookie', v)
|
|
cookieHdrs.append(hdr)
|
|
|
|
return Response(HTTPStatus.OK, res, cookieHdrs)
|
|
return Response(HTTPStatus.UNAUTHORIZED)
|
|
|
|
def post(self, request):
|
|
headers = {k.lower(): v for k, v in request.json['headers'].items()}
|
|
cookieHdrs = []
|
|
|
|
if 'cookie' in headers and headers['cookie']:
|
|
res = {'x-hasura-role': 'admin'}
|
|
|
|
for k, v in headers.items():
|
|
if 'response-set-cookie' in k:
|
|
hdr = ('Set-Cookie', v)
|
|
cookieHdrs.append(hdr)
|
|
|
|
return Response(HTTPStatus.OK, res, headers)
|
|
return Response(HTTPStatus.UNAUTHORIZED)
|
|
|
|
|
|
handlers = MkHandlers({
|
|
'/auth': CookieAuth,
|
|
})
|
|
|
|
def create_server(host='127.0.0.1', port=9876):
|
|
return WebServer((host, port), handlers)
|
|
|
|
def stop_server(server):
|
|
server.shutdown()
|
|
server.server_close()
|
|
|
|
if __name__ == '__main__':
|
|
s = create_server(host='0.0.0.0')
|
|
s.serve_forever()
|