feat+fix(lambda): allow access to access jwt in lambda (#8023)

* feat+fix(lambda): allow access to access jwt in lambda * remove usage of env.AUTH_TOKEN
hypermodeinc · Sep 15, 2021 · c668fef · c668fef
1 parent 1a4f74a
commit c668fef
Show file tree

Hide file tree

Showing 5 changed files with 19 additions and 12 deletions.
diff --git a/dgraph/cmd/alpha/dist/index.js b/dgraph/cmd/alpha/dist/index.js
diff --git a/lambda/lambda-types/types.d.ts b/lambda/lambda-types/types.d.ts
@@ -82,6 +82,7 @@ declare module "@dgraph-lambda/lambda-types" {
     parents: (Record<string, any>)[] | null,
     args: Record<string, any>,
     authHeader?: AuthHeaderField,
+    accessToken?: string, 
     event?: eventPayload,
     info?: InfoField
   }
@@ -97,6 +98,7 @@ declare module "@dgraph-lambda/lambda-types" {
       mutate: (s: string) => Promise<GraphQLResponse>;
     };
     authHeader?: AuthHeaderField;
+    accessToken?: string;
   };
 
   type GraphQLEvent = GraphQLEventCommonFields & {

diff --git a/lambda/src/buildApp.ts b/lambda/src/buildApp.ts
@@ -26,6 +26,7 @@ function bodyToEvent(b: any): GraphQLEventFields {
     parents: b.parents || null,
     args: b.args || {},
     authHeader: b.authHeader,
+    accessToken: b['X-Dgraph-AccessToken'],
     event: b.event || {},
     info: b.info || null,
   }
@@ -66,7 +67,7 @@ export function buildApp() {
               res.status(400)
           }
           res.json(result)
-        } catch(e) {
+        } catch(e: any) {
           console.error(logPrefix + e.toString() + JSON.stringify(e.stack))
           next(e)
         }

diff --git a/lambda/src/dgraph.ts b/lambda/src/dgraph.ts
@@ -17,11 +17,12 @@
 import fetch from 'node-fetch';
 import { GraphQLResponse, AuthHeaderField } from '@dgraph-lambda/lambda-types';
 
-export async function graphql(query: string, variables: Record<string, any> = {}, authHeader?: AuthHeaderField): Promise<GraphQLResponse> {
+export async function graphql(query: string, variables: Record<string, any> = {}, authHeader?: AuthHeaderField, accessToken?: string): Promise<GraphQLResponse> {
   const headers: Record<string, string> = { "Content-Type": "application/json" };
   if (authHeader && authHeader.key && authHeader.value) {
     headers[authHeader.key] = authHeader.value;
   }
+  headers['X-Dgraph-AccessToken'] = accessToken || ""
   const response = await fetch(`${process.env.DGRAPH_URL}/graphql`, {
     method: "POST",
     headers,
@@ -33,12 +34,12 @@ export async function graphql(query: string, variables: Record<string, any> = {}
   return response.json();
 }
 
-async function dqlQuery(query: string, variables: Record<string, any> = {}): Promise<GraphQLResponse> {
+async function dqlQuery(query: string, variables: Record<string, any> = {}, accessToken?:string): Promise<GraphQLResponse> {
   const response = await fetch(`${process.env.DGRAPH_URL}/query`, {
     method: "POST",
     headers: {
       "Content-Type": "application/json",
-      "X-Auth-Token": process.env.DGRAPH_TOKEN || ""
+      "X-Dgraph-AccessToken": accessToken || "",
     },
     body: JSON.stringify({ query, variables })
   })
@@ -48,12 +49,12 @@ async function dqlQuery(query: string, variables: Record<string, any> = {}): Pro
   return response.json();
 }
 
-async function dqlMutate(mutate: string | Object): Promise<GraphQLResponse> {
+async function dqlMutate(mutate: string | Object, accessToken?: string): Promise<GraphQLResponse> {
   const response = await fetch(`${process.env.DGRAPH_URL}/mutate?commitNow=true`, {
     method: "POST",
     headers: {
       "Content-Type": typeof mutate === 'string' ? "application/rdf" : "application/json",
-      "X-Auth-Token": process.env.DGRAPH_TOKEN || ""
+      "X-Dgraph-AccessToken": accessToken || "",
     },
     body: typeof mutate === 'string' ? mutate : JSON.stringify(mutate)
   })

diff --git a/lambda/src/evaluate-script.ts b/lambda/src/evaluate-script.ts
@@ -43,7 +43,7 @@ class GraphQLResolverEventTarget extends EventTarget {
         try {
           const event = e as unknown as GraphQLEvent;
           event.respondWith(resolver(event))
-        } catch(e) {
+        } catch(e: any) {
           this.console.error(e.toString() + JSON.stringify(e.stack))
           return
         }
@@ -57,7 +57,7 @@ class GraphQLResolverEventTarget extends EventTarget {
         try {
           const event = e as unknown as GraphQLEvent;
           event.respondWith(getParents(event).map(parent => resolver({...event, parent})))
-        } catch(e) {
+        } catch(e: any) {
           this.console.error(e.toString() + JSON.stringify(e.stack))
           return
         }
@@ -71,7 +71,7 @@ class GraphQLResolverEventTarget extends EventTarget {
         try {
           const event = e as unknown as WebHookGraphQLEvent;
           event.respondWith(resolver(event))
-        } catch(e) {
+        } catch(e: any) {
           this.console.error(e.toString() + JSON.stringify(e.stack))
           return
         }
@@ -174,8 +174,11 @@ export function evaluateScript(source: string, prefix: string) {
     const event = {
       ...e,
       respondWith: (x: ResolverResponse) => { retPromise = x },
-      graphql: (query: string, variables: Record<string, any>, ah?: AuthHeaderField) => graphql(query, variables, ah || e.authHeader),
-      dql,
+      graphql: (query: string, variables: Record<string, any>, ah?: AuthHeaderField, token?: string) => graphql(query, variables, ah || e.authHeader, token || e.accessToken),
+      dql: {
+        query: (query: string, variables: Record<string, any> = {}, token?:string) => dql.query(query, variables, token || e.accessToken),
+        mutate: (mutate: string | Object, token?: string) => dql.mutate(mutate, token || e.accessToken),
+      }
     }
     if (e.type === '$webhook' && e.event) {
       event.type = `${e.event?.__typename}.${e.event?.operation}`