这是indexloc提供的服务,不要输入任何密码
Skip to content

Allow custom namespace for JWT session variables #350

New issue
New issue
Closed
Closed
Allow custom namespace for JWT session variables#350
Labels
c/serverRelated to servere/quickfixcan be wrapped up in few hoursp/highcandidate for being included in the upcoming sprint
@dsemenovsky

Description

@dsemenovsky
dsemenovsky
opened on Sep 3, 2018

Hi!

We are exploring an option of using Auth0 + Hasura JWT authorization and there is a small, but very important piece that is missing.

Auth0 does not allow to have claims directly in the root of idToken object as Hasura docs ask:

{
  "sub": "1234567890",
  "name": "John Doe",
  "admin": true,
  "iat": 1516239022,
  "x-hasura-allowed-roles": ["editor","user", "mod"],
  "x-hasura-default-role": "user",
  "x-hasura-user-id": "1234567890",
  "x-hasura-org-id": "123",
  "x-hasura-custom": "custom-value"
}

Instead, Auth0 suggests creating custom namespace as follows:

{
  "sub": "1234567890",
  "name": "John Doe",
  "admin": true,
  "iat": 1516239022,
  "https://example.com/claims/hasura": {
    "x-hasura-default-role": "user",
    "x-hasura-allowed-roles": [
      "user"
    ],
    "x-hasura-user-id": "google-oauth2|000111222333444555666"
  }
}

Is it possible to add a configuration argument so it will be possible to specify a custom namespace to look for Hasura session variables, like this:

--jwt-claim-namespace "https://example.com/claims/hasura"

Thank you for you help!

Best,
Dmitry

Metadata

Metadata

Assignees

No one assigned

    Labels

    c/serverRelated to servere/quickfixcan be wrapped up in few hoursp/highcandidate for being included in the upcoming sprint

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions