Add JWT middleware and me query #21

Merged
merged 3 commits into from
Jun 13, 2022

@KillerX KillerX commented Jun 13, 2022

The middleware is applied to all requests. If the Authorization header is not set, the request is marked as Anonymous.
The middleware is not responsible for preventing access; it is only supposed to validate the token (if it exists) and extract claims into the context. Claims retrieved from the context later can thus be considered valid and used for authorization purposes.

@@ -247,6 +247,14 @@ type FAQCategory {
questions: [FAQ!]!
}

type User {
personId: ID
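Review bot: `personId: ID` on the new `User` type is declared nullable, and neither the type nor the field carries a schema description. If every authenticated user has this value, declare it non-null (`ID!`); otherwise add a description stating when it is null, so clients know whether they must handle a missing id.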
Member

Do we want this to be called personId? One could argue that this is bad naming originally in Members...?

I'd either go with "id" or "userId".

Member

Of course if this is just a "forward" of what we get from auth0, then we don't have much of a choice

Member Author

Yeah, I'll move this to ID, makes more sense, even if members is "wrong".

andreasgangso commented Jun 13, 2022

I'm curious if we need to check hasMembership.
I've never done that
https://github.com/bcc-code/bcc-code.github.io/blob/master/_docs/signon/openid-connect.md
edit: those docs are for idtoken but the accesstokens have that as well

```
"https://members.bcc.no/app_metadata": {
  "personId": 12345,
  "hasMembership": true
},
```
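The split described in this PR (the middleware only authenticates and puts claims in the context; a later step decides access, for instance on `hasMembership`) is sketched below as an added example. It is not code from this PR or project. Assumptions: HS256 with a constructed shared secret so it runs with the standard library only, rejection of an invalid token instead of a downgrade to anonymous, and the hypothetical names `middleware` and `can_view_member_content`.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-secret"            # constructed; not a real key
META = "https://members.bcc.no/app_metadata"   # claim namespace quoted in the thread

def _b64d(s):
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def _b64e(b):
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def make_token(claims, secret=SECRET):
    """Build a constructed HS256 token so the example runs offline."""
    head = _b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64e(json.dumps(claims).encode())
    sig = hmac.new(secret, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{_b64e(sig)}"

def validate(token, now=None):
    """Return the claims of a valid token; raise ValueError otherwise."""
    head, body, sig = token.split(".")          # wrong part count raises ValueError
    header = json.loads(_b64d(head))
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected alg")      # pin the algorithm, ignore the token's wish
    expected = hmac.new(SECRET, f"{head}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64d(sig)):
        raise ValueError("bad signature")
    claims = json.loads(_b64d(body))            # parsed only after the signature check
    exp = claims.get("exp") if isinstance(claims, dict) else None
    if not isinstance(exp, (int, float)) or exp <= (now or time.time()):
        raise ValueError("expired or malformed claims")
    return claims

def middleware(headers):
    """Authenticate only: build the request context, make no access decision."""
    auth = headers.get("Authorization")
    if auth is None:                            # no header: anonymous request
        return {"anonymous": True, "claims": {}}
    scheme, _, token = auth.partition(" ")
    if scheme.lower() != "bearer":
        raise ValueError("unsupported scheme")
    # A token that is present but invalid raises (the caller answers 401).
    return {"anonymous": False, "claims": validate(token)}

def can_view_member_content(ctx):
    """Authorization step, kept separate from the middleware (hypothetical rule)."""
    return not ctx["anonymous"] and ctx["claims"].get(META, {}).get("hasMembership") is True
```
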

KillerX commented Jun 13, 2022

@KillerX KillerX merged commit dcf183a into master Jun 13, 2022
fredrikvedvik pushed a commit that referenced this pull request Jun 24, 2022
Add JWT middleware and `me` query
@fredrikvedvik fredrikvedvik deleted the feat/jwt-validation branch July 1, 2022 08:13