首页 文章

使用AWS Amplify登录时,将JWT添加到所有GraphQL / AppSynce请求

提问于
浏览
1

我有一个使用IAM身份验证的AppSync应用程序(连接到Cognito用户和身份池) . 使用IAM身份验证时,$ event.context.identity是一个Cognito Identity Pool对象,它没有用户的信息(没有用户名,子,电子邮件等)

我相信每当我发出graphQL请求时,我都需要将UserPoolID JWT(通过Amplify在客户端提供)传递给AppSync . 但是我还没弄清楚如何将JWT添加到(可能是) Headers 中 .
-------------编辑-------------- AppSyncClient是客户端(基于apollo构建) . App.js看起来像

import React from 'react';
import { BrowserRouter as Router, Route, Link } from 'react-router-dom';
import appSyncConfig from "./AppSync";
import { ApolloProvider } from "react-apollo";
import AWSAppSyncClient from "aws-appsync";
import { Rehydrated } from "aws-appsync-react";
import { Auth } from 'aws-amplify'
import AWS from'aws-sdk';

import AllPosts from './Components/AllPosts';
// more routes

const Home = () => (
  <div > <AllPosts /> </div>
);

const App = () => (
  <div> <Router> <div> 
        <Route exact={true} path="/" component={Home} /> 
        //more routes
   </div> </Router> </div>
);

const client = new AWSAppSyncClient({
  url: appSyncConfig.graphqlEndpoint,
  region: appSyncConfig.region,  
  auth: {
    type: appSyncConfig.authenticationType,  //AWS_IAM
    apiKey: appSyncConfig.apiKey,  
    credentials: () => Auth.currentCredentials(),
});

const WithProvider = () => (
  <ApolloProvider client={client}>
    <Rehydrated>
      <App />
    </Rehydrated>
  </ApolloProvider>
);

export default WithProvider;
header authorization jwt aws-appsync aws-amplify

1 回答

  • 1

    假设您的GraphQL客户端是Apollo,关键是使用 setContext 作为 apollo-link-context 库中的authLink .

    例:

    import ApolloClient from 'apollo-client';
import { ApolloLink } from 'apollo-link';
import { setContext } from 'apollo-link-context';
import { HttpLink } from 'apollo-link-http';
import { InMemoryCache } from 'apollo-cache-inmemory';
import { withClientState } from 'apollo-link-state';
import { clientState } from './clientState';
import { Auth } from 'aws-amplify';

const cache = new InMemoryCache();

//TODO:  need to cache token
const authLink = setContext((request) => new Promise( (resolve, reject) => {
  Auth.currentSession()
  .then(session => {
    const token = session.idToken.jwtToken;
    resolve({
      headers: { Authorization: token }
    });
  })
}));

const stateLink = withClientState({ ...clientState, cache });

const client = new ApolloClient({
  cache,
  link: ApolloLink.from([
    authLink,
    stateLink, //near end but before HttpLink
    new HttpLink({uri: process.env.REACT_APP_GRAPHQL_ENDPOINT })
  ])
});

export default client;

    (代码:https://github.com/aws/aws-amplify/issues/434#issuecomment-372349010

    回复于

相关问题