I provided a GraphQL interface with Smallrye Graphql in Quarkus with a query and a subscription:
import org.eclipse.microprofile.graphql.GraphQLApi;
import org.eclipse.microprofile.graphql.Query;
import io.quarkus.security.Authenticated;
import io.smallrye.graphql.api.Subscription;
...
@GraphQLApi
@Authenticated
public class MyGraphQL {
@Query(getInformation)
public List<MyInformation> getMyInformation(int id) { ... }
@Subscription(informationStream)
public Multi<MyInformation> getMyInformationStream() { ... }
}
If I try to run the application and call the query using the integrated graphql-ui of Quarkus everyting works quite well if I add the Authorization Header
Query
query getInformation {
getInformation(id: 1) {
....
}
Header
{
"Authorization": "Bearer <token>"
}
Now I try to do the same with the subscription: Subscription
subscription informationStream {
informationStream() {
...
}
}
And I also added the same Header:
{
"Authorization": "Bearer <token>"
}
Unfortunately for the subscription I get an error message:
{
"errors": [
{
"message": "System error",
"locations": [
{
"line": 2,
"column": 3
}
],
"path": [
"informationStream"
],
"extensions": {
"code": "unauthorized"
}
}
]
}
How can I authenticate correctly using against this subscription?
It turned out that the problem is not in the authorization of the GraphQL-Backend but rather in GraphQL-UI. If you connect with a regular client (like https://github.com/graphql-python/gql/blob/master/docs/code_examples/websockets_async.py) authentication works as expected.
Issue in the SmallRye GraphQL-UI is tracked at https://github.com/smallrye/smallrye-graphql/issues/2255