public async Task InvokeAsync(IMiddlewareContext context)
{
var queryAuthorizationService = context.Service <IServiceProvider>().GetService <IQueryAuthorizationService>();
if (queryAuthorizationService != null)
{
var authorizationResult = await queryAuthorizationService.IsAllowedAsync(queryType);
if (authorizationResult != AuthorizationResult.Allowed)
{
var eb = ErrorBuilder.New()
.SetMessage(authorizationResult == AuthorizationResult.Unauthorized ? "Unauthorized" : "Forbidden")
.SetCode("AuthorizationResult")
.SetExtension("StatusCode", authorizationResult == AuthorizationResult.Unauthorized ? "401" : "403")
.SetPath(context.Path)
.AddLocation(context.Selection.SyntaxNode);
context.Result = eb.Build();
return;
}
}
await _next.Invoke(context);
}
public async Task InvokeAsync(IMiddlewareContext context)
{
var queryArgument = context.ArgumentValue <object>("params");
if (queryArgument != null)
{
var service = context.Service <IGraphQLValidationService>();
var result = await service.ValidateObjectAsync(queryArgument, context.RequestAborted);
if (!result.IsValid)
{
var eb = ErrorBuilder.New()
.SetMessage("There are some validations errors")
.SetCode("ValidationError")
.SetPath(context.Path)
.AddLocation(context.Selection.SyntaxNode);
foreach (var error in result.Errors)
{
eb.SetExtension(error.Field, error.Errors);
}
context.Result = eb.Build();
return;
}
}
await _next.Invoke(context);
}
public async Task InvokeAsync(IMiddlewareContext context)
{
DelegateDirective delegateDirective = context.Field
.Directives[DirectiveNames.Delegate]
.FirstOrDefault()?.ToObject <DelegateDirective>();
if (delegateDirective != null)
{
IImmutableStack <SelectionPathComponent> path =
delegateDirective.Path is null
? ImmutableStack <SelectionPathComponent> .Empty
: SelectionPathParser.Parse(delegateDirective.Path);
IReadOnlyQueryRequest request =
CreateQuery(context, delegateDirective.Schema, path);
IReadOnlyQueryResult result = await ExecuteQueryAsync(
context, request, delegateDirective.Schema)
.ConfigureAwait(false);
UpdateContextData(context, result, delegateDirective);
context.Result = new SerializedData(
ExtractData(result.Data, path.Count()));
ReportErrors(context, result.Errors);
}
await _next.Invoke(context).ConfigureAwait(false);
}
public ValueTask InvokeAsync(IMiddlewareContext context)
{
if (context.Result is SerializedData s)
{
context.Result = s.Data is IReadOnlyDictionary <string, object> d
? d
: DictionaryDeserializer.DeserializeResult(
context.Selection.Type,
s.Data,
context.Service <InputParser>(),
context.Path);
}
else if (context.Result is null &&
!context.Selection.Field.Directives.Contains(DirectiveNames.Computed) &&
context.Parent <object>() is IReadOnlyDictionary <string, object> dict)
{
string responseName = context.Selection.SyntaxNode.Alias == null
? context.Selection.SyntaxNode.Name.Value
: context.Selection.SyntaxNode.Alias.Value;
dict.TryGetValue(responseName, out var obj);
context.Result = DictionaryDeserializer.DeserializeResult(
context.Selection.Type,
obj,
context.Service <InputParser>(),
context.Path);
}
return(_next.Invoke(context));
}
public async Task InvokeAsync(IMiddlewareContext context)
{
var fieldName = context.Field.Name;
var objectType = context.ObjectType.Name;
var contextAccessor = context.Service <IHttpContextAccessor>();
if (!contextAccessor.HttpContext.User.Identity.IsAuthenticated)
{
context.Result = ErrorBuilder.New()
.SetMessage("Forbidden")
.SetCode("503")
.SetPath(context.Path)
.AddLocation(context.FieldSelection)
.Build();
return;
}
if (fieldName.Value == "PostalCode" && objectType.Value == "Restaurant")
{
context.Result = ErrorBuilder.New()
.SetMessage("Forbidden")
.SetCode("503")
.SetPath(context.Path)
.AddLocation(context.FieldSelection)
.Build();
return;
}
await _next.Invoke(context);
}
public async Task InvokeAsync(IMiddlewareContext context)
{
await _next.Invoke(context);
if (context.Result is string s)
{
context.Result = s.ToUpperInvariant();
}
}
public async Task InvokeAsync(IMiddlewareContext context)
{
var queryArgument = context.ArgumentValue <object>("params");
if (queryArgument == null)
{
context.Result = ErrorBuilder.New()
.SetMessage("mutation argument is required")
.SetCode("400")
.SetPath(context.Path)
.AddLocation(context.Selection.SyntaxNode)
.Build();
return;
}
await _next.Invoke(context);
}
public async Task InvokeAsync(IMiddlewareContext context)
{
DelegateDirective?delegateDirective = context.Field
.Directives[DirectiveNames.Delegate]
.FirstOrDefault()?.ToObject <DelegateDirective>();
if (delegateDirective != null)
{
IImmutableStack <SelectionPathComponent> path;
IImmutableStack <SelectionPathComponent> reversePath;
if (delegateDirective.Path is null)
{
path = ImmutableStack <SelectionPathComponent> .Empty;
reversePath = ImmutableStack <SelectionPathComponent> .Empty;
}
else
{
path = SelectionPathParser.Parse(delegateDirective.Path);
reversePath = ImmutableStack.CreateRange(path);
}
IReadOnlyQueryRequest request =
CreateQuery(context, delegateDirective.Schema, path, reversePath);
IReadOnlyQueryResult result = await ExecuteQueryAsync(
context, request, delegateDirective.Schema)
.ConfigureAwait(false);
UpdateContextData(context, result, delegateDirective);
object?value = ExtractData(result.Data, reversePath, context.ResponseName);
context.Result = new SerializedData(value);
if (result.Errors is not null)
{
ReportErrors(delegateDirective.Schema, context, result.Errors);
}
}
await _next.Invoke(context).ConfigureAwait(false);
}
public ValueTask InvokeAsync(IMiddlewareContext context)
{
if (context.Result is SerializedData s)
{
context.Result = s.Data is IDictionary <string, object> d
? d
: DictionaryDeserializer.DeserializeResult(context.Field.Type, s.Data);
}
else if (context.Result is null &&
!context.Field.Directives.Contains(DirectiveNames.Computed) &&
context.Parent <object>() is IDictionary <string, object> dict)
{
string responseName = context.FieldSelection.Alias == null
? context.FieldSelection.Name.Value
: context.FieldSelection.Alias.Value;
dict.TryGetValue(responseName, out object?obj);
context.Result = DictionaryDeserializer.DeserializeResult(context.Field.Type, obj);
}
return(_next.Invoke(context));
}
public Task Run(IMiddlewareContext context, FieldDelegate next)
{
var rootCtx = new FieldValidationContext(context.Field.Name);
foreach (var inputField in context.Field.Arguments)
{
var directives = GetValidationDirectives(inputField.Directives);
var value = context.Argument <object>(inputField.Name);
var ctx = new FieldValidationContext(inputField.Name);
HandleInput(value, inputField.Type, directives, ctx);
rootCtx.AddErrored(ctx);
}
if (rootCtx.HasErrors())
{
var errorsProperty = new ErrorProperty("FieldValidationError", rootCtx);
var error = new QueryError("Invalid input data", errorsProperty);
throw new QueryException(error);
}
return(next.Invoke(context));
}
public virtual void EachField(FieldDelegate fieldDelegate)
{
foreach (Class @class in classHierarchy)
{
foreach (FieldInfo field in @class.ClassType.GetFields(bindingFlag))
{
fieldDelegate.Invoke(field);
}
}
}
