public static void AddGraphQl(this IApplicationBuilder app)
{
var openIdSettings = IocApi.Instance.Resolve <OpenIdSettings>();
var uriCombine = new Uri(openIdSettings.HostUrl.UriCombine("/graphql"));
var settings = new GraphQLHttpOptions
{
Path = uriCombine.PathAndQuery,
ExposeExceptions = true,
BuildUserContext = ctx =>
{
var userContext = new GraphQLUserContext
{
User = ctx.User
};
return(Task.FromResult(userContext));
}
};
var rules = app.ApplicationServices.GetServices <IValidationRule>();
rules.ForEach(x => settings.ValidationRules.Add(x));
app.UseGraphQLHttp <ISchema>(settings);
app.UseGraphQLPlayground(new GraphQLPlaygroundOptions()
{
GraphQLEndPoint = uriCombine.PathAndQuery
});
}
public Task RunInputQuery()
{
var field = new Query().GetField("inputQuery");
var userContext = new GraphQLUserContext();
userContext.AddValidatorCache(ValidatorCacheBuilder.Instance);
var input = new MyInput
{
Content = "TheContent"
};
var dictionary = input.AsDictionary();
var fieldContext = new ResolveFieldContext
{
Arguments = new Dictionary <string, object>
{
{
"input", dictionary
}
},
UserContext = userContext
};
var result = (Result)field.Resolver.Resolve(fieldContext);
return(Verify(result));
}
public void NotThrowOnInRole()
{
//Given
var claimsPrincipal = GetClaimPrincipalMockForRoles();
var userContext = new GraphQLUserContext(claimsPrincipal.Object);
//When
userContext.EnsureIsInRole("GrantedRole");
}
private static GraphQLUserContext CreateUserContext(HttpContext httpContext)
{
var userContext = new GraphQLUserContext
{
User = httpContext.User
};
userContext.Add("Example", "Can be accessed & used in AuthValidationRule");
return(userContext);
}
public void ReturnIdForEmptyUser()
{
//Given
var userContext = new GraphQLUserContext();
//When
var id = userContext.Id;
//Then
Assert.Null(id);
}
public void ReturnIsNotInRoleForEmptyUser()
{
//Given
var userContext = new GraphQLUserContext();
//When
var isInRole = userContext.IsInRole("AnyRole");
//Then
Assert.False(isInRole);
}
public void NotThrowOnNonNumericTenantId()
{
//Given
var userContext = new GraphQLUserContext();
//When
var id = userContext.TenantId;
//Then
Assert.Null(id);
}
public void ReturnIsNotInRoleForUser()
{
//Given
var claimsPrincipal = GetClaimPrincipalMockForRoles();
var userContext = new GraphQLUserContext(claimsPrincipal.Object);
//When
var isInRole = userContext.IsInRole("NotGrantedRole");
//Then
Assert.False(isInRole);
}
public async Task <IActionResult> Post([FromBody] GraphQLQuery query, [FromHeader] string Authorization)
{
if (query == null)
{
throw new ArgumentNullException(nameof(query));
}
var validUsername = AuhtenticationManager.ValidateToken(Authorization);
if (Authorization == null || validUsername == null)
{
return(Unauthorized());
}
var userContext = new GraphQLUserContext();
userContext.User = AuhtenticationManager.GetPrincipal(Authorization);
var complexityConfiguration = new ComplexityConfiguration {
// MaxDepth = 1,
MaxComplexity = 85,
FieldImpact = 5.0
};
var executionOptions = new ExecutionOptions {
Schema = _schema,
Query = query.Query,
OperationName = query.OperationName,
Inputs = query.Variables.ToInputs(),
ComplexityConfiguration = complexityConfiguration,
UserContext = userContext,
ValidationRules = _validationRules,
ExposeExceptions = true
};
try
{
var result = await _documentExecuter.ExecuteAsync(executionOptions).ConfigureAwait(false);
if (result.Errors?.Count > 0)
{
return(BadRequest(result));
}
return(Ok(result));
}
catch (Exception ex)
{
return(BadRequest(ex));
}
}
public void ReturnTenantIdForEmptyUser()
{
//Given
var claimsPrincipal = new Mock <ClaimsPrincipal>();
claimsPrincipal.Setup(x => x.Claims).Returns(new[] { new Claim("tenantid", "five") });
var userContext = new GraphQLUserContext(claimsPrincipal.Object);
//When
var id = userContext.TenantId;
//Then
Assert.Null(id);
}
public void ReturnTenantId()
{
//Given
var claimsPrincipal = new Mock <ClaimsPrincipal>();
claimsPrincipal.Setup(x => x.Claims).Returns(new[] { new Claim("tenantid", "5") });
var userContext = new GraphQLUserContext(claimsPrincipal.Object);
//When
var tenantId = userContext.TenantId;
//Then
Assert.Equal(5, tenantId);
}
public void ThrowOnNotInRole()
{
//Given
var claimsPrincipal = GetClaimPrincipalMockForRoles();
var userContext = new GraphQLUserContext(claimsPrincipal.Object);
//Then
var exception = Assert.Throws <ExecutionError>(() =>
{
//When
userContext.EnsureIsInRole("NotGrantedRole");
});
Assert.Equal("Unauthorized. You have to be a member of NotGrantedRole role.", exception.Message);
}
public void ReturnId()
{
//Given
var claimsPrincipal = new Mock <ClaimsPrincipal>();
claimsPrincipal.Setup(x => x.Claims).Returns(new[] { new Claim("sub", "testId") });
var userContext = new GraphQLUserContext(claimsPrincipal.Object);
//When
var id = userContext.Id;
//Then
Assert.Equal("testId", id);
}
public void NotThrowOnMissingTenantIdClaim()
{
//Given
var claimsPrincipal = new Mock <ClaimsPrincipal>();
claimsPrincipal.Setup(x => x.Claims).Returns(new[] { new Claim("notTenantI", "test value") });
var userContext = new GraphQLUserContext(claimsPrincipal.Object);
//When
var id = userContext.TenantId;
//Then
Assert.Null(id);
}
private static void CheckAuth(IProvideMetadata type,
GraphQLUserContext userContext,
ValidationContext context)
{
if (context.Errors.Any(error => error.Code.Equals(GraphQLErrors.AuthenticationRequired.KeyCode)) ||
type == null ||
!type.DoesRequireAuthentication())
{
return;
}
if (!(userContext?.User?.Identity != null && userContext.User.Identity.IsAuthenticated))
{
context.ReportError(new ValidationError(context.OriginalQuery,
GraphQLErrors.AuthenticationRequired.KeyCode, GraphQLErrors.AuthenticationRequired.Message));
}
}
public static void UseGraphQLWithAuth(this IApplicationBuilder app)
{
var settings = new GraphQLSettings
{
BuildUserContext = ctx =>
{
var userContext = new GraphQLUserContext
{
User = ctx.User
};
return userContext;
}
};
var rules = app.ApplicationServices.GetServices<IValidationRule>();
settings.ValidationRules.AddRange(rules);
app.UseMiddleware<GraphQLHttpMiddleware<ISchema>>(new PathString("/api/graphql/v1"), settings);
}
public static void UseGraphQLWithAuth <TSchema>(this IApplicationBuilder app) where TSchema : Schema
{
var settings = new GraphQLSettings
{
BuildUserContext = async ctx =>
{
var userContext = new GraphQLUserContext
{
User = ctx.User
};
return(await Task.FromResult(userContext).ConfigureAwait(false));
}
};
var rules = app.ApplicationServices.GetServices <IValidationRule>();
settings.ValidationRules.AddRange(rules);
app.UseGraphQL <TSchema>();
}
public static void UseGraphQLWithAuth(this IApplicationBuilder app)
{
var settings = new GraphQLSettings
{
BuildUserContext = async ctx =>
{
var userContext = new GraphQLUserContext
{
User = ctx.User
};
return(await Task.FromResult(userContext));
}
};
var rules = app.ApplicationServices.GetServices <IValidationRule>();
settings.ValidationRules.AddRange(rules);
app.UseMiddleware <PlaygroundMiddleware>(settings);
}
public async Task <IDictionary <string, object> > BuildUserContext(HttpContext httpContext)
{
var tenantId = httpContext.GetTenantId();
using var systemSession = await _ospService.SystemContext.StartSystemSessionAsync();
systemSession.StartTransaction();
var userContext = new GraphQLUserContext
{
User = httpContext.User
};
if (!string.IsNullOrWhiteSpace(tenantId) &&
await _ospService.SystemContext.IsTenantExistingAsync(systemSession, tenantId))
{
userContext.TenantContext = await _ospService.SystemContext.CreateOrGetTenantContext(tenantId);
}
await systemSession.CommitTransactionAsync();
return(userContext);
}
public Task RunInvalidInputQuery()
{
Thread.CurrentThread.CurrentUICulture = new CultureInfo("en-US");
var field = new Query().GetField("inputQuery");
var userContext = new GraphQLUserContext();
userContext.AddValidatorCache(ValidatorCacheBuilder.Instance);
var fieldContext = new ResolveFieldContext
{
Arguments = new Dictionary <string, object>
{
{
"input", new Dictionary <string, object>()
}
},
UserContext = userContext
};
var exception = Assert.Throws <ValidationException>(
() => field.Resolver.Resolve(fieldContext));
return(Verify(exception.Message));
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseMvc();
app.UseAuthentication();
app.UseAuthorization();
//app.UseGraphiQl();
var settings = new GraphQLSettings
{
BuildUserContext = ctx =>
{
var userContext = new GraphQLUserContext
{
User = ctx.User
};
return(Task.FromResult(userContext));
}
};
var rules = app.ApplicationServices.GetServices <IValidationRule>();
settings.ValidationRules.AddRange(rules);
app.UseMiddleware <GraphQLMiddleware>(settings);
app.UseGraphQLPlayground(new GraphQLPlaygroundOptions
{
Path = "/ui/playground"
});
}
public async Task <IActionResult> PostGraphQL([FromBody] GraphQLQuery graphQuery)
{
if (graphQuery == null)
{
return(BadRequest("No Query"));
}
var inputs = graphQuery.Variables.ToInputs();
if (inputs.ContainsKey("participantId"))
{
var user = await _userManager.GetUserAsync(User);
var participant = await _db.Participants
.FirstOrDefaultAsync(p => p.IdentityUser.Id == user.Id);
if (participant == null)
{
return(BadRequest("Not a valid participant"));
}
inputs["participantId"] = participant.ParticipantId.ToString();
}
if (inputs.ContainsKey("teamId"))
{
var user = await _userManager.GetUserAsync(User);
var participant = await _db.Participants
.FirstOrDefaultAsync(p => p.IdentityUser.Id == user.Id);
if (participant == null)
{
return(BadRequest("Not a valid participant"));
}
inputs["teamId"] = participant.TeamId.ToString();
}
var context = _httpContextAccessor.HttpContext;
var graphQlUserContext = new GraphQLUserContext
{
User = context.User
};
var result = await new DocumentExecuter().ExecuteAsync(_ =>
{
_.Schema = _schema;
_.Query = graphQuery.Query;
_.OperationName = graphQuery.OperationName;
_.Inputs = inputs;
_.UserContext = graphQlUserContext;
_.ValidationRules = DocumentValidator.CoreRules().Concat(new IValidationRule[]
{
new AuthorizationValidationRule(_authorizationEvaluator)
});
}).ConfigureAwait(false);
if (result.Errors?.Count > 0)
{
var msg = "";
foreach (var err in result.Errors)
{
msg = msg + " " + err.Message;
}
return(BadRequest(result.Errors.Select(e => e.Message)));
}
return(Ok(result.Data));
}
