Replies: 3 comments
-
|
I have run into this exact same issue. Did you find a solution? |
Beta Was this translation helpful? Give feedback.
-
|
I played around with it a bit and got somewhat of a workaround going. What you can do is use Now you can add your own DgsWebSocketConfig (based on DgsWebSocketAutoConfig) and return a CustomDgsWebSocketHandler (based on CustomDgsWebSocketHandler) from webSocketHandler. In there you can handle auth and populate the SecurityContext. I haven't figured out a good way to return a proper error message for unauthorized users yet, but should be possible since you have full control this way. |
Beta Was this translation helpful? Give feedback.
-
|
DGS subscription WebSocket framework should allow for custom WebSocketHandlers and WebSocketInterceptors. Not using graphql-dgs-subscriptions-websockets-autoconfigure and autoconfig WebSocketConfig in application is not a good solution! |
Beta Was this translation helpful? Give feedback.
-
Hi,
Currently I am implementing an application with GraphQL subscription (via websocket). The authentication is performed based on the JWT token sent from Apollo Client.
For that, I need to extend the DgsWebSocketHandler class, but it seems that it's private and can only be exposed through the auto-configuration class (then no customization is possible). Specifically, I want to be able to hook my own logic to parse the token, set Spring security context when a new connection is established... Basically something like this:
https://github.com/philip-jvm/learn-spring-boot-graphql/blob/master/src/main/java/com/learn/graphql/config/security/AuthenticationConnectionListener.java
Have you experienced this case and how did you solve it?
Thanks.
Hiep
Beta Was this translation helpful? Give feedback.
All reactions