Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Allow specifying headers in gateway serviceList (specifically Authorization header)

See original GitHub issue

In ApolloGateway, the getServiceDefinitionsFromRemoteEndpoint function in loadServicesFromRemoteEndpoint.ts has hardcoded headers. So graphql endpoints that are protected and accept only calls with a valid Authorization header cannot be accessed by the gateway. For example if you use AWS ApiGateway authorizers for filtering only authorised requests to your graphql endpoint, requests that don’t have an Authorization header are blocked and don’t even reach your endpoint.

I suggest that the ServiceEndpointDefinition object will also have a headers parameter that will allow passing such headers. Or that the code in getServiceDefinitionsFromRemoteEndpoint will also go through the buildService function to allow changing the headers.

Issue Analytics

  • State:closed
  • Created 4 years ago
  • Reactions:7
  • Comments:5 (3 by maintainers)

github_iconTop GitHub Comments

3reactions
mcohen75commented, Oct 10, 2019

I believe this issue can be closed. There are now two different mechanisms that can be used to accomplish this.

  1. Specify introspection headers. See https://www.apollographql.com/docs/apollo-server/api/apollo-gateway/#apollogateway
  2. Modify the headers before requests are sent to federated services by implementing the willSendRequest method of RemoteGraphQLDataSource. See here: https://www.apollographql.com/docs/apollo-server/federation/implementing/#customizing-incoming-requests
1reaction
codyspatecommented, Jul 8, 2019

@reinosutisno they’ve added an introspectioHeaders option to gateway

Read more comments on GitHub >

github_iconTop Results From Across the Web

API Reference: @apollo/gateway - Apollo GraphQL Docs
The core class of Apollo Server's federated gateway implementation. ... Providing a serviceList and headers to authorize introspection. TypeScript
Read more >
API Reference: @apollo/gateway - Apollo Federation
This API reference documents the exports from the @apollo/gateway package. ... Providing a serviceList and headers to authorize introspection.
Read more >
Pass custom headers through API Gateway to a Lambda ...
Then, the Lambda function returns one or more header values from the original API request. Resolution. Configure the required AWS Identity and ...
Read more >
webMethods API Gateway User's Guide
and information about gateway-specific events and API-specific events ... Ensure you enable this setting in the system where the SOAP API is.
Read more >
Access-Control-Allow-Headers - HTTP - MDN Web Docs
Note that the Authorization header can't be wildcarded and always needs to be listed explicitly. Examples. A custom header. Here's an example of ......
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Apollo Server Slow Performance when resolving large data

Next page

[2.6.0] TypeError: Cannot read property 'some' of undefined