Implement `@auth` directive for types and fields
- Support OAuth
- Support Basic
- Support JWT
Example
```graphql
schema @auth(type: "OAUTH") {
  query: Query
}
type Query {
  users: [User] @http(path: "/users")
  transaction: [Transaction] @http(path: "/transactions")
}
type User {
  # ... usual fields
}
type Transaction @protected {
  # ... usual fields
}
```
Technical Requirements
- Authentication should only happen once for an incoming GraphQL Request.
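The once-per-request requirement above, as an added example (not code from this issue or from tailcall): the verification result is memoized in per-request state, so any number of `@protected` fields run the provider at most once. `Verifier`, `RequestContext` and the token comparison are hypothetical stand-ins for a real JWT, Basic or OAuth provider.

```rust
use std::cell::{Cell, OnceCell};

// All names here are hypothetical; they are not tailcall's types.
#[derive(Debug, Clone, PartialEq)]
pub enum AuthError { Missing, Invalid }

/// Stand-in provider: counts how often it runs. The string comparison is a
/// placeholder for real credential validation (e.g. JWT signature and claims).
pub struct Verifier { pub calls: Cell<u32>, pub valid_token: &'static str }

impl Verifier {
    fn verify(&self, header: Option<&str>) -> Result<(), AuthError> {
        self.calls.set(self.calls.get() + 1);
        let token = header
            .and_then(|h| h.strip_prefix("Bearer "))
            .ok_or(AuthError::Missing)?;
        if token == self.valid_token { Ok(()) } else { Err(AuthError::Invalid) }
    }
}

/// State for one incoming GraphQL request. The outcome (success or failure)
/// is computed lazily on the first protected field and then reused.
pub struct RequestContext<'a> {
    verifier: &'a Verifier,
    authorization: Option<&'a str>,
    outcome: OnceCell<Result<(), AuthError>>,
}

impl<'a> RequestContext<'a> {
    pub fn new(verifier: &'a Verifier, authorization: Option<&'a str>) -> Self {
        Self { verifier, authorization, outcome: OnceCell::new() }
    }
    fn authenticate(&self) -> Result<(), AuthError> {
        self.outcome.get_or_init(|| self.verifier.verify(self.authorization)).clone()
    }
    /// `protected` mirrors `@protected` on the field or on its type.
    pub fn resolve(&self, field: &str, protected: bool) -> Result<String, AuthError> {
        if protected { self.authenticate()?; }
        Ok(format!("{field}: resolved"))
    }
}

fn main() {
    // Constructed sample request: three protected fields, one public field.
    let v = Verifier { calls: Cell::new(0), valid_token: "constructed-token" };
    let ctx = RequestContext::new(&v, Some("Bearer constructed-token"));
    for f in ["transaction", "transaction.id", "transaction.amount"] {
        println!("{:?}", ctx.resolve(f, true));
    }
    println!("{:?}, verifier ran {} time(s)", ctx.resolve("users", false), v.calls.get());
}
```

Failures are cached as well, so a request with a bad credential is rejected on every protected field without re-running the provider; a request that touches only unprotected fields never runs it.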
@meskill Feel free to update the issue with relevant links around the design and architecture of the @auth feature.
Put up the draft implementation https://github.com/tailcallhq/tailcall/pull/807, which currently implements only the @protected directive for fields and types. For JWT it currently uses mocks inside the code.
For possible options for the @auth directive, I'm considering a subset of the options used by Envoy that are related to JWT settings and validation.
The @protected field could be left as is at the beginning, and we could later add any parameters we need, for example to specify provider and authorization options.
For now I'm thinking of implementing the following structure for the schema directive:
```graphql
schema
  @auth(JWT: { jwks: { file: "jwks.json" } }) {
  query: Query
}
```
This is to bypass the restriction of having only one auth directive while still being able to define different providers, with the providers as different map entries to provide better IntelliSense in the IDE.