Uploaded image for project: 'AeroGear'
  1. AeroGear
  2. AEROGEAR-7866

Server drops security when schema is reloaded

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Major
    • None
    • None
    • None
    • Service Team 2 - Sprint 12
    • Hide

      1. Start server with Keycloak enabled
      2. Call to /graphql endpoint invokes Keycloak login
      3. Do schema update (using for example data-sync-ui)

      Expected: Call to `/graphql` endpoint invokes Keycloak login (when not logged in)
      Actual: It shows `/graphql` UI and allow run queries without authentication

      Show
      1. Start server with Keycloak enabled 2. Call to /graphql endpoint invokes Keycloak login 3. Do schema update (using for example data-sync-ui) Expected: Call to `/graphql` endpoint invokes Keycloak login (when not logged in) Actual: It shows `/graphql` UI and allow run queries without authentication

    Description

      Server was dropping security when schema was reloaded.

      What

      Some parameters are not passed in server/server.js in newApolloServer() and newExpressApp() while schema is being reloaded.

      How

      Pass the missing parameters.

      Attachments

        Activity

          People

            vsazel Vojtěch Sázel (Inactive)
            vsazel Vojtěch Sázel (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: