Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Injecting different header data on each request?

See original GitHub issue

I know that it’s possible to send extra headers when converting OAS to GraphQL by using https://github.com/strongloop/oasgraph/tree/master/packages/oasgraph#options, but this seems like it will only set it up once. And that’s great if you want to add static header, but what about something that would change on every request? Is it possible to inject something which could change on every request? In my instance I need to pass the Authorization header which more than likely to change on every request to the ‘/graphql’ end point.

My code currently looks a little something like:

module.exports = async function () {
    const app = express();

    // This will always be sent for every request and is static
    let oasOptions = {headers: {'X-Origin': 'GraphQL'}};

    // Would seem that this is a one-time thing done when Express kicks in?
    // The header is likely to be different on every call express takes, though.
    if (app.request.headers && app.request.headers.authorization) {
        oasOptions.headers.authorization = app.request.headers.authorization;
    }

    // I have an NPM package that handles using oasgrah
    const schema = await oas.toGraphQL(oasOptions);

    app.use(cors());
    app.options("*", cors());
    app.use(express.urlencoded({extended: true}));
    app.use(express.json());

    // I need to inject to the resolver every time this is called
    app.use(
        "/graphql",
        graphqlHTTP({
            schema,
            graphiql: process.env.NODE_ENV === "local"
        })
    );

    return app;
};

Apologies if I’ve missed something obvious in the docs or mis-understood how the options bit works.

Issue Analytics

State:
Created 5 years ago
Comments:6 (2 by maintainers)

Top GitHub Comments

1reaction

Alan-Chacommented, Mar 6, 2019

@amnuts Wow, thank you so much for the follow up! This is beyond cool! It is also very well documented! I will definitely check it out later but I already left it a Github star 😄

If you do make a blog post, please let us know as well! It would be interesting to see what your user experience was like so we know what to improve on in the future!

1reaction

amnutscommented, Mar 5, 2019

@Alan-Cha @ErikWittern I’ve been able to make public our usage of oasgraph that I mentioned, if you fancy checking it out; https://github.com/elucidat/elucidat-npm-skeleton

Hoping to write a blog post about it at some point and how easy it was to achieve with oasgraph.

Thanks for the excellent library and support!

Top Results From Across the Web

Injecting different header value upon each request to wcf ...

CreateChannel() I am able to cast to IContextChannel. Target is to be able to inject a header value upon each call to desiredGateway,...

Dependency Injection based on request headers

Change the dependency injection of our .NET Core Web API application based on request headers or cookie information, leveraging a scoped ...

HTTP response header injection - PortSwigger

HTTP response header injection vulnerabilities arise when user-supplied data is copied into a response header in an unsafe way. If an attacker can...

Back to Basics: Custom HTTP Response Header Manipulation ...

The simplest way you can add custom headers to every request response is by using a generic Middleware handler which uses app.Use() ....

Custom request header insertions for non-blocking actions

Use cases for custom header insertion include signaling a downstream application to process the request differently based on the inserted headers, and flagging ......