Replies: 11 comments
-
@vetm73 Can you provide the code you are trying to parse into a schema? It look like you are not returning a value from a function, so Kotlin defaults to returning |
Beta Was this translation helpful? Give feedback.
-
Hi Shane, It is my Mutation:
|
Beta Was this translation helpful? Give feedback.
-
It is working without the annotation |
Beta Was this translation helpful? Give feedback.
-
I think your problem might be due to a proxy created by aspect (didn't get a chance to verify it). How are you creating your schema? i.e. when you create |
Beta Was this translation helpful? Give feedback.
-
Another thing to consider is that you probably want to expose this functionality through GraphQL directives, i.e. I'd assume you don't want to expose those queries/mutations to users if they don't have the proper role (vs throwing some unauthorized exception at runtime)) |
Beta Was this translation helpful? Give feedback.
-
I had the same error when working with spring, used AopUtils.getTargetClass in TopLevelObject: |
Beta Was this translation helpful? Give feedback.
-
Here is an example of auth directives from the grahpql-java docs https://www.graphql-java.com/documentation/v11/sdl-directives/ I am going to close the issue. If you need more help we can continue the discussion still |
Beta Was this translation helpful? Give feedback.
-
@dkuc84 I solved the problem with directives. Tnx |
Beta Was this translation helpful? Give feedback.
-
Hi!, I am not sure if it is the best place to ask this question but I am a little bit lost and it seems that you could help me, thank you in advance. I am using your server to implement an API and I want to authorize the queries and mutations I see that its better if I expose them in a directive based way and I am going to try it that way. Just out of curiosity, is there any filter in your implementation that removes the Authenticated user from the reactive security context, I am doing something like this: my query:
and my service
And the user I get when checking the authorities is always the default anonymous one. Thank you again for your great job! |
Beta Was this translation helpful? Give feedback.
-
Hi!, Could you please elaborate a bit on how you solved the problem I am facing the same issue and don't really know how to do it. Thx! |
Beta Was this translation helpful? Give feedback.
-
Hi All. See schema-first Kotlin Spring Boot GraphQL Server with Spring Security authentication and authorization example here: |
Beta Was this translation helpful? Give feedback.
-
Hi,
I would like to use spring security to 'protect' some of my mutations. When using the @PreAuthorize("hasRole('ROLE_USER')") annotation I get the message:
Do I need to configure something or am I doing something wrong? The @RolesAllowed("ROLE_ADMIN") annotation compiles but is not working and I found some examples that tell me to use PreAuthorize.
Kind regards,
Mike
Beta Was this translation helpful? Give feedback.
All reactions