Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Claims key: 'https://hasura.io/jwt/claims' not found when setting in firebase
See original GitHub issueI’m trying to use firebase auth for hasura.
I’ve set HASURA_GRAPHQL_ADMIN_SECRET and also HASURA_GRAPHQL_JWT_SECRET using the generator and referencing my project id.
I then have this cloud function
`const functions = require(‘firebase-functions’); const admin = require(‘firebase-admin’);
exports.addDefaultUserRole = functions.auth.user().onCreate((user) => {
let uid = user.uid;
//add custom claims
return admin.auth().setCustomUserClaims(uid,{
'https://hasura.io/jwt/claims': {
'x-hasura-default-role': 'user',
'x-hasura-allowed-roles': ['user'],
'x-hasura-user-id': user.uid
}
})
.then(() => {
return admin.auth().getUser(uid);
})
.then(userRecord => {
console.log(uid);
console.log(userRecord);
return null;
});
}); admin.initializeApp(functions.config().firebase); `
…this successfully prints out in the firebase console the custom claims
passwordSalt: undefined, customClaims: { 'https://hasura.io/jwt/claims': { 'x-hasura-default-role': 'user', 'x-hasura-allowed-roles': [Array], 'x-hasura-user-id': '7hlqtPrQviaAFPZBKqGdk0L6R1J2' } }, tokensValidAfterTime: 'Mon, 16 Mar 2020 12:03:13 GMT' }
But if I then take the token generated and set it with: Authorization: Bearer $token either in Hasura API explorer or in my client code I just get the following error
{ "errors": [ { "extensions": { "path": "$", "code": "jwt-invalid-claims" }, "message": "claims key: 'https://hasura.io/jwt/claims' not found" } ] }
I’m not sure what else I can debug to try and get to the route cause of this
Issue Analytics
- State:
- Created 4 years ago
- Comments:13 (2 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
Ok so I’ve basically got this in the cloud function
`exports.processSignUp = functions.auth.user().onCreate(async user => {
let customClaims; return admin.auth().setCustomUserClaims(user.uid, { ‘https://hasura.io/jwt/claims’: { ‘x-hasura-default-role’: ‘user’, ‘x-hasura-allowed-roles’: [‘user’], ‘x-hasura-user-id’: user.uid } }) .then(async () => { await firestore.collection(‘users’).doc(user.uid).set({ createdAt: admin.firestore.FieldValue.serverTimestamp() }); }) .catch(error => { console.log(error); }); }); `
So once the user claims are set I then write a vale into firestore (just the userid and the time). Then on the client side I’m subscribing to firestore to see when that data exists
`
DocumentReference userDocRef = Firestore.instance.collection(‘users’).document(currentUser.uid); Stream<DocumentSnapshot> docs = userDocRef.snapshots(includeMetadataChanges: false);
`
So before actually trying to set the bearer in hasura I await for this to finish and then use the idTokenResult which will have the custom claims added to it.
If you try and use the token before that it won’t have been registered with the custom claims that were set on firebase as the “create user” returns before they’ve been set
@tirumaraiselvan How do you update “x-hasura-allowed-roles” dynamically with this approach?