Support GraphQL websocket authentication via connection_init message

[milgner]

While one can currently set HTTP headers for authentication, some GraphQL servers expect authentication information for subscriptions to be part of the connection_init message.

Conceptually I think that this is correct, too: the websocket logic should be able to stand on its own and not be tied to the surrounding HTTP transport.

It would be great if Insomnia would support adding authentication information to connection_init instead of HTTP headers, too.

Similar discussion at Postman: postmanlabs/postman-app-support#13278 - from the comment I gather that Altair does support this feature, I haven't tried it yet, though.

[poojithap11]

Hi,

I have successfully reproduced this issue using a minimal Node.js server with graphql-ws.

The Issue: When setting a Bearer Token in Insomnia's Auth tab, the token is correctly attached to the initial HTTP Upgrade GET headers. However, the subsequent WebSocket connection_init message is sent with an empty or null payload.

As a workaround - Implement a fallback in the onConnect hook to check the HTTP Upgrade headers manually (ctx.extra.request.headers).

I'll raise a internal ticket to add support connection_init payload (Connection Params) for GraphQL Subscriptions

Thank you.