Graphql error after upgrade to RW 7

I am getting the following error after upgrading to RW 7.x (tried 7.1.3 and latest RC):

{
“level”: 50,
“time”: 1710989863419,
“pid”: 8,
“hostname”: “xxxxxxxx”,
“name”: “graphql-server”,
“msg”: “Error building context. Error: Exception in getAuthenticationContext: The Authorization header is not valid.”
}
{
“level”: 50,
“time”: 1710989863419,
“pid”: 8,
“hostname”: “xxxxxxx”,
“err”: {
“type”: “Error”,
“message”: “Exception in getAuthenticationContext: The Authorization header is not valid.”,
“stack”: “Error: Exception in getAuthenticationContext: The Authorization header is not valid.\n at onContextBuilding (/var/task/node_modules/@redwoodjs/graphql-server/dist/plugins/useRedwoodAuthContext.js:37:15)\n at async Object.contextFactory (/var/task/node_modules/@envelop/core/cjs/orchestrator.js:206:45)\n at async processRequest (/var/task/node_modules/graphql-yoga/cjs/process-request.js:46:26)\n at async YogaServer.getResultForParams (/var/task/node_modules/graphql-yoga/cjs/server.js:269:26)\n at async handle (/var/task/node_modules/graphql-yoga/cjs/server.js:324:25)\n at async handlerFn (/var/task/node_modules/@redwoodjs/graphql-server/dist/functions/graphql.js:86:24)\n at async execFn (/var/task/node_modules/@redwoodjs/graphql-server/dist/functions/graphql.js:125:16)”
},
“msg”: “Exception in getAuthenticationContext: The Authorization header is not valid.”
}

We use a custom auth through a separate auth function. Have confirmed that that is working correclty and the output from that function is exactly the same between 6.6.4 and 7.x.

Works perfectly in dev. Downgrading to 6.6.4 (but keeping node 20 etc) fixes the issue. How do I go about even debugging this?

I should add - I have confirmed that the right headers are being pushed through to the graphql route. Authorization and auth-provider are set up correctly (no difference between 6.6.4 and 7.x instances).

We have the same issue as well.

It looks like only ‘authorization’ (no capital A) works as a part of this change - feat(dbAuth): Refactor dbAuthHandler to support WebAPI Request events… · redwoodjs/redwood@765f585 · GitHub

I was able to test hitting the API with the bearer token passed into lowercase ‘authorization’ request header and it worked.

The Redwood team is aware of the issue currently and should be making a patch available soon.

Hi @nivivive and @jwwisgerhof - thanks for reporting and apologies for the lateness of this fix but we have a PR approved and merged that will correct this behavior:

We’ll work to get a patch out soon and will update here.

Cheers.

1 Like