feat(GraphQL): Allow standard claims into auth variables #7381
Conversation
github-actions
bot
added
the
area/graphql
minhaj-shakeel
changed the title
There was a problem hiding this comment.
Can we add an e2e test showing that a standard claim is accessible and can be used within an auth rule?
Reviewed 2 of 2 files at r1.
Reviewable status: all files reviewed, 5 unresolved discussions (waiting on @minhaj-shakeel)
graphql/resolve/auth_test.go, line 182 at r1 (raw file):
"ROLE": "ADMIN", "email_verified": true, "iss": "https://cognito-idp.ap-southeast-2.amazonaws.com/ap-southeast-2_GfmeHdFz4",
change to a dummy value
graphql/resolve/auth_test.go, line 189 at r1 (raw file):
"event_id": "31c9d684-1d45-46f7-8c2b-cc27b1f6f01b", "token_use": "id", "name": "David Peek",
change the name
graphql/resolve/auth_test.go, line 190 at r1 (raw file):
"token_use": "id", "name": "David Peek", "email": "david@typejoin.com",
change this to a dummy value
graphql/resolve/auth_test.go, line 258 at r1 (raw file):
"ROLE": "ADMIN", "email_verified": true, "iss": "https://cognito-idp.ap-southeast-2.amazonaws.com/ap-southeast-2_GfmeHdFz4",
same as above, obfuscate the values
graphql/resolve/auth_test.go, line 386 at r1 (raw file):
"token_use": "id", "name": "David Peek", "email": "david@typejoin.com",
add a case where there is a collision between default and user-defined namespace
There was a problem hiding this comment.
Reviewed 1 of 2 files at r2.
Reviewable status: 2 of 3 files reviewed, all discussions resolved (waiting on @minhaj-shakeel)
Fixes GRAPHQL-945.
This PR adds support for adding
standard claimsof ajwttoken in theAuth Variables.For eg, if the token contains claims given below and the namespace given in the authorization header is
https://xyz.io/jwt/claims:Then the auth variables will also include the rest of the given claims along with the claims provided under
https://xyz.io/jwt/claims.This change is