Strawberry Shake graphql init - use ssl certificate

Question

I am just starting out using Strawberry Shake to generate a client for a GraphQL API.

I have run through the Getting Started, but the API I am connecting to requires SSL Cert authentication.

I can successfully connect to the API using Postman and curl but cannot find anything in the documentation for Strawberry Shake to specify cert / passphrase in the graphql init command

Is this possible?

score -1 · Answer 1 · answered Mar 02 '22 at 09:07

-1

Not 100% certain that this is the right way to do it, but the following worked for me

services.AddHttpClient<MyStrawberryShakeClient>(c =>
                {

                }).ConfigurePrimaryHttpMessageHandler(() =>
                {
                    return new HttpClientHandler
                    {
                        ClientCertificateOptions = ClientCertificateOption.Manual,
                        ServerCertificateCustomValidationCallback = (httpRequestMessage, cert, certChain, policyErrors) => true
                    };
                });
                services.AddMyStrawberryShakeClient()
                    .ConfigureHttpClient(client =>
                    {
                        ...
                    });

As far as I'm aware, this isn't secure however, as it just ignores certificate validation entirely

answered Mar 02 '22 at 09:07

Brickscrap

11
6

I'm not sure how this would work for me as I need to add my client certificate to the connection as its the server I am connecting too that will be validating it – Shevek Mar 02 '22 at 14:20
You would add your validation method to ServerCertificateValidationCallback – Brickscrap Mar 03 '22 at 15:51
As I said, I am not validating the server cert. The server is validating my client cert. The code you have posted allows a client to ignore a bad server certificate (i.e. out of date) – Shevek Mar 14 '22 at 13:18
Ah I see, I misunderstood, apologies – Brickscrap Mar 15 '22 at 18:08
also, my question is specifically about the init command which generates the schema classes, there is no code in use at all at this point :) – Shevek Mar 16 '22 at 06:45
@Shevek Have you found the fix for this? I'm getting a 422 error at this step and I suppose it's due to similar reasons. – Hugo May 11 '23 at 15:57
@Hugo nope, unfortunately not. We gave up using Strawberry Shake in the end – Shevek May 11 '23 at 21:44

Strawberry Shake graphql init - use ssl certificate

1 Answers1