Changelog
Server - Support for mapping session variables to default JWT claims
Some auth providers do not let users add custom claims in JWT. In such cases, the server can take a JWT configuration option called claims_map to specify a mapping of Hasura session variables to values in existing claims via JSONPath or literal values.
Example:-
Consider the following JWT claim:
{
"sub": "1234567890",
"name": "John Doe",
"admin": true,
"iat": 1516239022,
"user": {
"id": "ujdh739kd",
"appRoles": ["user", "editor"]
}
}
The corresponding JWT config can be:
{
"type":"RS512",
"key": "<The public Key>",
"claims_map": {
"x-hasura-allowed-roles": {"path":"$.user.appRoles"},
"x-hasura-default-role": {"path":"$.user.appRoles[0]","default":"user"},
"x-hasura-user-id": {"path":"$.user.id"}
}
}
You can also use this technique to avoid writing any custom code for adding Hasura claims in your JWT token.
Metadata Types SDK
The types and documentation comments for Metadata V2 have been converted into JSON/YAML Schema, and used to autogenerate type definitions for popular languages.
This enables users to build type-safe tooling in the language of their choice around Metadata interactions and automations.
Additionally, the JSON/YAML Schemas can be used to provide IntelliSense and autocomplete + documentation when interacting with Metadata YAML/JSON files.
For a more comprehensive overview, please see the readme located here
Sample Code
import { TableEntry } from "../generated/HasuraMetadataV2"
const newTable: TableEntry = {
table: { schema: "public", name: "user" },
select_permissions: [
{
role: "user",
permission: {
limit: 100,
allow_aggregations: false,
columns: ["id", "name", "etc"],
computed_fields: ["my_computed_field"],
filter: {
id: { _eq: "X-Hasura-User-ID" },
},
},
},
],
}IntelliSense Example
Bug fixes and improvements
- server: allow remote relationships joining
typecolumn with[type]input argument as spec allows this coercion (fixes #5133) - server: add action-like URL templating (i.e.
{{WEBHOOK_ENV_VAR}}) for event triggers and remote schemas (fixes #2483) - server: change
created_atcolumn type fromtimestamptotimestamptzfor scheduled triggers tables (fix #5722) - server: allow configuring timeouts for actions (fixes #4966)
- server: fix bug which arised when renaming a table which had a manual relationship defined (close #4158)
- server: limit the length of event trigger names (close #5786)
NOTE: If you have event triggers with names greater than 42 chars, then you should update their names to avoid running into Postgres identifier limit bug (#5786) - server: enable HASURA_GRAPHQL_PG_CONN_LIFETIME by default to reclaim memory
- server: fix issue with tracking custom functions that return
SETOFmaterialized view (close #5294) (#5945) - server: allow remote relationships with union, interface and enum type fields as well (fixes #5875) (#6080)
- server: Fix fine-grained incremental cache invalidation (fix #3759) (#6027)
This issue could cause enum table values to sometimes not be properly reloaded without restartinggraphql-engine. Now areload_metadataAPI call (or clicking “Reload enum values” in the console) should consistently force a reload of all enum table values. - server: fix event trigger cleanup on deletion via replace_metadata (fix #5461) (#6137)
WARNING: This can cause significant load on PG on startup if you were affected by this bug. Delay in starting up is expected. - cli: fix bug in metadata apply which made the server aquire some redundant and unnecessary locks (close #6115)
- cli: fix cli-migrations-v2 image failing to run as a non root user (close #4651, close #5333)
- cli: fix issue with cli binary on latest Mac (Big Sur) (fix #5462)
Using this release
Use the following docker image:
hasura/graphql-engine:v1.3.3