Vert.x 4 Graphql Websocket Authentication
144 views
Skip to first unread message
Aleksandar Pavlovic
Mar 19, 2021, 11:47:14 AM3/19/21
to vert.x
Hi everyone,
I've wait for months to migrate one of our projects to vertx 4.
One of the main reasons to upgrade is that with vertx 3 graphql subscription authentication wasn't easy at all. We did some very bad "blocking" code to validate JWT passed during CONNECTION_INIT from the web client.
Now, I'll be so happy to remove that internal code with non-blocking validation of WebSocket message during the CONNECTION_INIT stage.
Use case is very simple:
* if the token is valid on CONNECTION_INIT everything is ok
* If the token is not valid I need to close/reject the connection
* JWT validation must be asynchronous (AuthenticationProvider)
I found the PR that was merged into vertx 4 milestone branch. During revision, see github issue, some changes were applied. The problem is that I can't find any example that shows how to implement JWT validation, that is completely asynchronous, due to AuthenticationProvider method:
```java
Future<User> authenticate(JsonObject credentials)
```
Any tip/example is welcome
Thanks
Thomas SEGISMONT
Mar 19, 2021, 1:49:52 PM3/19/21
to vert.x
Hi,
In the tests there is an example: https://github.com/vert-x3/vertx-web/blob/c878537f36468c9eafdca16521f085037f959211/vertx-web-graphql/src/test/java/io/vertx/ext/web/handler/graphql/ApolloTestsServer.java#L63-L71
In a few words you have to set a connectionInitHandler on the ApolloWSHandler. The connection init handler gives you an event object that extends Promise.
You have to complete the promise if your auth promise is successful. Otherwise, fail it.
Would you mind contributing an example to the docs? I can help you in this process.
Regards
--
You received this message because you are subscribed to the Google Groups "vert.x" group.
To unsubscribe from this group and stop receiving emails from it, send an email to vertx+un...@googlegroups.com.
To view this discussion on the web, visit https://groups.google.com/d/msgid/vertx/fff01780-70c7-4f27-8429-23dac4c3fae4n%40googlegroups.com.
Aleksandar Pavlovic
Mar 19, 2021, 3:19:37 PM3/19/21
to vert.x
Thanks for the answer.
I'll try it tomorrow in our code base.
For the documentation contribution no problem at all. Of course, I need an explanation of how to do it.
Thomas SEGISMONT
Mar 22, 2021, 9:34:40 AM3/22/21
to vert.x
Le ven. 19 mars 2021 à 20:19, Aleksandar Pavlovic <aleksandar...@gmail.com> a écrit :
Thanks for the answer.I'll try it tomorrow in our code base.For the documentation contribution no problem at all. Of course, I need an explanation of how to do it.
Great!
The source of the doc is here: https://github.com/vert-x3/vertx-web/blob/master/vertx-web-graphql/src/main/asciidoc/index.adoc
The source for the example code: https://github.com/vert-x3/vertx-web/blob/master/vertx-web-graphql/src/main/java/examples/GraphQLExamples.java
You need to update these files. I'll review the PR.
To view this discussion on the web, visit https://groups.google.com/d/msgid/vertx/910cf772-fe48-48c8-85ee-a47b3b8a3a38n%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages