
GraphQL schema documentation doesn't load if an OAuth2 access token tag is used.

Open smacktoid opened this issue 3 years ago • 10 comments

Describe the bug

If a GraphQL request is configured to use OAuth 2 authentication via an OAuth 2 token tag, then Insomnia will always fail to load the schema documentation.

It doesn't matter if the token has been refreshed and is valid, the schema documentation loading request will always fail. An error message appears below the request body which reads "Failed to fetch schema: No OAuth 2.0 tokens found for request".

It appears to be caused specifically by the tag that is set on the request header. If I manually paste the token value into the Authorization header, then the schema documentation will start to load successfully.

It's also worth noting that the GraphQL request itself does work when the OAuth 2.0 token tag is used. It's just the schema documentation fetching that seems to be affected.

To Reproduce

Steps to reproduce the behavior:

  1. Create a GraphQL request against an OAuth 2.0 protected GraphQL API
  2. Configure OAuth2 authentication for the request. Make sure that a token has been successfully loaded.
  3. Set the Authorization header of the request to use the "Request -> OAuth 2.0 Token - access token" tag
  4. Make the GraphQL request and confirm that it works correctly.
  5. Go back to the GraphQL body tab. Click schema -> refresh schema
  6. Observe the error appears at the bottom of the tab
  7. Go to the Headers tab and remove the OAuth2 token tag. Paste in the access token manually.
  8. Go back and refresh the schema documentation again.
  9. This time the schema will load correctly.

Expected behavior

Schema documentation should load if the request is configured with a valid access token. It should fail to load if that token is invalid for some reason.

Screenshots

Error message: image

Authorization header config: image

Desktop (please complete the following information):

  • OS: Ubuntu
  • Installation Method: snap
  • App Version: 2020.5.2

smacktoid avatar Jan 20 '21 12:01 smacktoid

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

stale[bot] avatar May 27 '21 21:05 stale[bot]

This is still an issue, as far as I know. It should stay open.

smacktoid avatar May 27 '21 21:05 smacktoid

It is still an issue today as well.

zachbugay avatar Feb 28 '22 21:02 zachbugay

Marking this one as a candidate for the insomnia-stream.

There have been quite a few of these reported, always around the same theme "loading GraphQL schema behind some form of authentication" - and we should look at it more deeply.

filfreire avatar Jun 23 '22 13:06 filfreire

On the stream today, we were able to debug this as far as we're aware, and it seems to work (now). Not sure if something changed recently to cause this to start working.

Note that in the below screenshots the URL is an OIDC-protected GraphQL endpoint: http://127.0.0.1:4010/oidc/graphql:

Screenshot_20220809_110921

Screenshot_20220809_110941

@smacktoid: Any chance you can give it another look and let us know?

dimitropoulos avatar Aug 09 '22 15:08 dimitropoulos

Yeah I certainly can.

smacktoid avatar Aug 09 '22 15:08 smacktoid

side note to @filfreire: it was much easier than I had expected to protect the graphql endpoint with oidc with our test server. We might want to take a look at this in the future: https://github.com/Kong/insomnia/pull/5063

dimitropoulos avatar Aug 09 '22 15:08 dimitropoulos

also of note: more info here: https://github.com/Kong/insomnia/issues/2807

dimitropoulos avatar Aug 09 '22 15:08 dimitropoulos

It still seems to be a problem for me, testing against 2022.5.0 of Insomnia.

When the OAuth tab has been populated and a token has been fetched I see an error that the schema could not be loaded. The error is as it was before, "Failed to fetch schema: No OAuth 2.0 access token found for request".

As I mentioned before, the issue appears to go away when the Authorization header is populated without using the OAuth 2 token tag, i.e. entering the token directly.

In my team, we worked around this by setting up a standalone request in the collection called "Get OIDC token", which does the POST to get the access token. All of the other requests in the collection then use the response from that to set the Authorization token. The schema loads fine with this workaround, we just have to ensure to run the "Get OIDC token" request before any of the GraphQL operations.

smacktoid avatar Aug 09 '22 15:08 smacktoid
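
The two-step flow of the workaround in the comment above (fetch a token with a dedicated request, then send it as a literal Authorization header on the schema request), as an added example that is not part of the thread or of Insomnia's code. The mock server, the `/token` and `/graphql` paths, the token value and the JSON token request are constructed assumptions so the script runs offline.

```python
import json, threading, urllib.error, urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

TOKEN = "constructed-demo-token"  # constructed value, not a real credential
INTROSPECTION = {"query": "{ __schema { queryType { name } } }"}
# Ignore any proxy settings so requests reach the local mock directly.
OPENER = urllib.request.build_opener(urllib.request.ProxyHandler({}))

class MockApi(BaseHTTPRequestHandler):
    """Constructed stand-in: a token endpoint plus a bearer-protected GraphQL API."""
    def do_POST(self):
        self.rfile.read(int(self.headers.get("Content-Length", 0)))
        if self.path == "/token":
            self._send(200, {"access_token": TOKEN, "token_type": "Bearer"})
        elif self.headers.get("Authorization") != f"Bearer {TOKEN}":
            self._send(401, {"error": "unauthorized"})
        else:
            self._send(200, {"data": {"__schema": {"queryType": {"name": "Query"}}}})

    def _send(self, status, body):
        data = json.dumps(body).encode()
        self.send_response(status)
        self.send_header("Content-Length", str(len(data)))
        self.end_headers()
        self.wfile.write(data)

    def log_message(self, *args): pass  # silence per-request logging

def post(url, payload, headers=None):
    """POST JSON and return (status, parsed body), including for 4xx replies."""
    req = urllib.request.Request(url, json.dumps(payload).encode(),
                                 {"Content-Type": "application/json", **(headers or {})})
    try:
        with OPENER.open(req) as resp:
            return resp.status, json.load(resp)
    except urllib.error.HTTPError as err:
        return err.code, json.load(err)

def run_demo():
    server = HTTPServer(("127.0.0.1", 0), MockApi)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    base = f"http://127.0.0.1:{server.server_port}"
    try:
        # Schema (introspection) request with no Authorization header: rejected.
        no_auth = post(f"{base}/graphql", INTROSPECTION)[0]
        # Step 1: dedicated token request. Step 2: reuse its response as a literal header.
        token = post(f"{base}/token", {"grant_type": "client_credentials"})[1]["access_token"]
        with_auth = post(f"{base}/graphql", INTROSPECTION, {"Authorization": f"Bearer {token}"})
        return no_auth, with_auth
    finally:
        server.shutdown()
```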

Showing the schema documentation loading with the workaround described in my previous comment.

image

smacktoid avatar Aug 09 '22 15:08 smacktoid

Note that this problem occurs for me when simply using "Bearer Token" in the Authentication tab ("Auth" dropdown).

If I configure my GraphQL queries to use Bearer Token with an environment variable for the token, the schema is not retrieved and I get a red box at the bottom of the query: "Request failed with status code 401"

The workaround is similar to smacktoid's above...

If I add a header "Authorization" with value "Bearer " where is the same environment variable, it works correctly ("schema fetched just now").

Version: Insomnia 2022.7.0
Build date: 12/16/2022
OS: Darwin arm64 22.2.0
Electron: 22.0.0
Node: 16.17.1
V8: 10.8.168.20-electron.0
Architecture: arm64

nedmules-sked avatar Jan 28 '23 21:01 nedmules-sked

The problem is fixed when running the latest code from source:

Version: Insomnia 2023.1.0-beta.0
Build date: 1/29/2023
OS: Darwin arm64 22.2.0
Electron: 22.0.0
Node: 16.17.1
V8: 10.8.168.20-electron.0
Architecture: arm64

nedmules-sked avatar Jan 29 '23 02:01 nedmules-sked