diff options
author | John Estabrook <jestabro@vyos.io> | 2022-10-25 12:08:42 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-10-25 12:08:42 -0500 |
commit | 1265b15ffc8baa05177c707f30205d70528c5dc6 (patch) | |
tree | 8cb9715666250f8599147d066bd93a9a06df4962 /src/services/vyos-http-api-server | |
parent | ec82d60828500a56b6fe8357970bf839053ac0af (diff) | |
parent | 3db5ba8ef354d80f080cc1baacf33d77ccbb6222 (diff) | |
download | vyos-1x-1265b15ffc8baa05177c707f30205d70528c5dc6.tar.gz vyos-1x-1265b15ffc8baa05177c707f30205d70528c5dc6.zip |
Merge pull request #1613 from jestabro/graphql-hybrid-auth
graphql: T4574: add JWT token authentication
Diffstat (limited to 'src/services/vyos-http-api-server')
-rwxr-xr-x | src/services/vyos-http-api-server | 22 |
1 files changed, 14 insertions, 8 deletions
diff --git a/src/services/vyos-http-api-server b/src/services/vyos-http-api-server index 632c1e87d..3c390d9dc 100755 --- a/src/services/vyos-http-api-server +++ b/src/services/vyos-http-api-server @@ -647,20 +647,21 @@ def reset_op(data: ResetModel): ### def graphql_init(fast_api_app): - from api.graphql.bindings import generate_schema - + from api.graphql.libs.token_auth import get_user_context api.graphql.state.init() api.graphql.state.settings['app'] = app + # import after initializaion of state + from api.graphql.bindings import generate_schema schema = generate_schema() in_spec = app.state.vyos_introspection if app.state.vyos_origins: origins = app.state.vyos_origins - app.add_route('/graphql', CORSMiddleware(GraphQL(schema, debug=True, introspection=in_spec), allow_origins=origins, allow_methods=("GET", "POST", "OPTIONS"))) + app.add_route('/graphql', CORSMiddleware(GraphQL(schema, context_value=get_user_context, debug=True, introspection=in_spec), allow_origins=origins, allow_methods=("GET", "POST", "OPTIONS"))) else: - app.add_route('/graphql', GraphQL(schema, debug=True, introspection=in_spec)) + app.add_route('/graphql', GraphQL(schema, context_value=get_user_context, debug=True, introspection=in_spec)) ### @@ -690,10 +691,15 @@ if __name__ == '__main__': app.state.vyos_origins = server_config.get('cors', {}).get('allow_origin', []) if 'graphql' in server_config: app.state.vyos_graphql = True - if isinstance(server_config['graphql'], dict) and 'introspection' in server_config['graphql']: - app.state.vyos_introspection = True - else: - app.state.vyos_introspection = False + if isinstance(server_config['graphql'], dict): + if 'introspection' in server_config['graphql']: + app.state.vyos_introspection = True + else: + app.state.vyos_introspection = False + # default value is merged in conf_mode http-api.py, if not set + app.state.vyos_auth_type = server_config['graphql']['authentication']['type'] + app.state.vyos_token_exp = server_config['graphql']['authentication']['expiration'] + app.state.vyos_secret_len = server_config['graphql']['authentication']['secret_length'] else: app.state.vyos_graphql = False |