I am aware that GraphDB itself provides several ways of authentication. Let's say I lock access to the GraphDB server and let only users with credentials access it. Let's say I create an authorized user with username and password.
I am using Node.js and in particular graphdb.js to establish an insecure connection. But how do I add the authentication between the communication from node server and graphdb server ? The documentation says:
If the library is going to be used against a secured server, then all API calls must be authenticated by sending an http authorization header with a token which is obtained after a call to rest/login/user_name with a password provided as a specific header. In case the server requires that requests should be authenticated, then in the ServerClientConfig and RepositoryClientConfig must be configured the username and password which to be used for the authentication. If those are provided, then the client assumes that authentication is mandatory and the login with the provided credentials is performed automatically before the first API call. After a successful login, user details which are received and the auth token are stored in the AuthenticationService. From that moment on, with every API call is sent also an authorization header with the token as value. If the token expires, then the first API call will be rejected with an http error with status 401. The client handles this automatically by re-login the user with the same credentials, updates the stored token and retries the API call. This behavior is the default and can be changed if the ServerClientConfig or RepositoryClientConfig are configured with keepAlive=false.
So what are the coding steps with sample code that need to be followed. I have not seen an example somewhere doing so. Can someone help please ?
Apart from what @Konstantin Petrov said, I'd mention also that native authentication with graphdbjs is a feature which is still work in progress. You can follow the PR There will be added examples as well. Until then, one can workaround this by issuing a login request and use the authorization token returned with the response to create a RDFRepositoryClient instance configured with the authorization header and the token. An example for this is given below.
const {RepositoryClientConfig, RDFRepositoryClient} = require('graphdb').repository;
const {RDFMimeType} = require('graphdb').http;
const {SparqlJsonResultParser} = require('graphdb').parser;
const {GetQueryPayload, QueryType} = require('graphdb').query;
const axios = require('axios');
axios.post('http://localhost:7200/rest/login/admin', null, {
headers: {
'X-GraphDB-Password': 'root'
}
}).then(function(token) {
const readTimeout = 30000;
const writeTimeout = 30000;
const repositoryClientConfig = new RepositoryClientConfig(['http://localhost:7200/repositories/testrepo'], {
'authorization': token.headers.authorization
}, '', readTimeout, writeTimeout);
const repositoryClient = new RDFRepositoryClient(repositoryClientConfig);
repositoryClient.registerParser(new SparqlJsonResultParser());
const payload = new GetQueryPayload()
.setQuery('select * where {?s ?p ?o}')
.setQueryType(QueryType.SELECT)
.setResponseType(RDFMimeType.SPARQL_RESULTS_JSON)
.setLimit(100);
return repositoryClient.query(payload);
})
.then(function(stream) {
// here is the query response stream
})
.catch(function(error) {
console.log('error', error);
});