JWT Doesn't seem to be passed into Lambda graphql() query for lambda mutations

Couple of things

  1. We were not correctly passing authHeaders to lambdas. This has been fixed as of 48 hours ago. Please update your lambda script to see these changes. Yes, the bug is exactly what @chrisshaw mentioned: bodyToEvent wasn't passing the authHeader. I wish I'd seen this Discuss post before implementing the fix; it would have made debugging this much easier.

  2. graphql will automatically pass along the authHeader, so the security context is the same. However, you can override the security context by passing in the authHeaders explicitly. Before the above bug was fixed, this behaved as an unauthenticated request, so you would not have gotten back any data.

  3. dql does not honour @auth headers, and thus a dql query can bypass auth rules written for GraphQL. Please consider this while writing your dql queries. (ACLs offer a way to potentially lock down dql queries as well, but GraphQL clients would also need to log in for ACLs to work.)
