public async Task SingleRequest_Mutation_ByDefault_NotAllowed_OnGet()
{
// arrange
TestServer server = CreateStarWarsServer();
// act
ClientQueryResult result =
await server.GetAsync(new ClientQueryRequest
{
Query = @"
mutation CreateReviewForEpisode(
$ep: Episode!
$review: ReviewInput!) {
createReview(episode: $ep, review: $review) {
stars
commentary
}
}",
Variables = new Dictionary <string, object>
{
{ "ep", "EMPIRE" },
{
"review",
new Dictionary <string, object>
{
{ "stars", 5 },
{ "commentary", "This is a great movie!" },
}
}
}
});
// assert
result.MatchSnapshot();
}
public async Task SingleRequest_Execute_Specific_Operation(
string operationName)
{
// arrange
TestServer server = CreateStarWarsServer();
// act
ClientQueryResult result =
await server.GetAsync(new ClientQueryRequest
{
Query = @"
query a {
a: hero {
name
}
}
query b {
b: hero {
name
}
}",
OperationName = operationName
});
// assert
result.MatchSnapshot(new SnapshotNameExtension(operationName));
}
public async Task SingleRequest_CreateReviewForEpisode_Variables_Unused()
{
// arrange
TestServer server = CreateStarWarsServer();
// act
ClientQueryResult result =
await server.GetAsync(new ClientQueryRequest
{
Query = @"
mutation CreateReviewForEpisode(
$ep: Episode!
$stars: Int!
$commentary: String!
$foo: Float) {
createReview(episode: $ep, review: {
stars: $stars
commentary: $commentary
} ) {
stars
commentary
}
}",
Variables = new Dictionary <string, object>
{
{ "ep", "EMPIRE" },
{ "stars", 5 },
{ "commentary", "This is a great movie!" }
}
});
// assert
result.MatchSnapshot();
}
public async Task SingleRequest_Decimal_Min_Variable()
{
// arrange
TestServer server = CreateStarWarsServer();
// act
ClientQueryResult result =
await server.GetAsync(new ClientQueryRequest
{
Query = @"
query ($d: Decimal) {
decimal_arg(d: $d)
}",
Variables = new Dictionary <string, object> {
{ "d", decimal.MinValue }
}
},
"/arguments");
// assert
new
{
decimal.MinValue,
result
}.MatchSnapshot();
}
public async Task Get_Middleware_Is_Disabled()
{
// arrange
TestServer server = CreateStarWarsServer(
configureConventions: e => e.WithOptions(
new GraphQLServerOptions
{
EnableGetRequests = false
}));
// act
ClientQueryResult result =
await server.GetAsync(new ClientQueryRequest
{
Query = @"
{
hero {
name
}
}"
});
// assert
result.MatchSnapshot();
}
public async Task Roles_Authorized(Action <IRequestExecutorBuilder> configure)
{
// arrange
TestServer server = CreateTestServer(
builder =>
{
configure(builder);
},
context =>
{
var identity = new ClaimsIdentity("testauth");
identity.AddClaim(new Claim(
ClaimTypes.Role,
"a"));
context.User = new ClaimsPrincipal(identity);
});
// act
ClientQueryResult result =
await server.PostAsync(new ClientQueryRequest { Query = "{ roles }" });
// assert
Assert.Equal(HttpStatusCode.OK, result.StatusCode);
result.MatchSnapshot();
}
public static async Task <ClientQueryResult> PostAsync(
this TestServer testServer,
ClientQueryRequest request,
string path = "/graphql",
bool enableApolloTracing = false,
bool includeQueryPlan = false)
{
HttpResponseMessage response =
await SendPostRequestAsync(
testServer,
JsonConvert.SerializeObject(request),
path,
enableApolloTracing,
includeQueryPlan);
if (response.StatusCode == HttpStatusCode.NotFound)
{
return(new ClientQueryResult {
StatusCode = HttpStatusCode.NotFound
});
}
var json = await response.Content.ReadAsStringAsync();
ClientQueryResult result = JsonConvert.DeserializeObject <ClientQueryResult>(json);
result.StatusCode = response.StatusCode;
result.ContentType = response.Content.Headers.ContentType !.ToString();
return(result);
}
public async Task Roles_UserHasDifferentRoles_NotAuthorized()
{
// arrange
TestServer server = CreateTestServer(
services =>
{
services.AddGraphQL(CreateExecutor());
},
context =>
{
var identity = new ClaimsIdentity("testauth");
identity.AddClaim(new Claim(
ClaimTypes.Role,
"b"));
context.User.AddIdentity(identity);
});
var request = "{ roles }";
var contentType = "application/graphql";
// act
HttpResponseMessage message =
await server.SendPostRequestAsync(request, contentType, null);
// assert
Assert.Equal(HttpStatusCode.OK, message.StatusCode);
var json = await message.Content.ReadAsStringAsync();
ClientQueryResult result = JsonConvert
.DeserializeObject <ClientQueryResult>(json);
Assert.NotNull(result.Errors);
result.MatchSnapshot();
}
public async Task DefaultPolicy_NotFound(Action <IRequestExecutorBuilder> configure)
{
// arrange
TestServer server = CreateTestServer(
builder =>
{
configure(builder);
builder.Services.AddAuthorization(options =>
{
options.DefaultPolicy = null;
});
},
context =>
{
context.User = new ClaimsPrincipal(
new ClaimsIdentity("testauth"));
});
// act
ClientQueryResult result =
await server.PostAsync(new ClientQueryRequest { Query = "{ default }" });
// assert
Assert.Equal(HttpStatusCode.OK, result.StatusCode);
result.MatchSnapshot();
}
public static async Task <ClientQueryResult> PostMultipartAsync(
this TestServer testServer,
MultipartFormDataContent content,
string path = "/graphql")
{
HttpResponseMessage response =
await SendMultipartRequestAsync(
testServer,
content,
path);
if (response.StatusCode == HttpStatusCode.NotFound)
{
return(new ClientQueryResult {
StatusCode = HttpStatusCode.NotFound
});
}
var json = await response.Content.ReadAsStringAsync();
ClientQueryResult result = JsonConvert.DeserializeObject <ClientQueryResult>(json);
result.StatusCode = response.StatusCode;
result.ContentType = response.Content.Headers.ContentType.ToString();
return(result);
}
public async Task Policy_Resources_Is_IResolverContext(Action <IRequestExecutorBuilder> configure)
{
// arrange
TestServer server = CreateTestServer(
builder =>
{
configure(builder);
builder.Services.AddAuthorization(options =>
{
options.AddPolicy("HasAgeDefined", policy =>
policy.RequireAssertion(context =>
context.Resource is IResolverContext));
});
},
context =>
{
context.User = new ClaimsPrincipal(
new ClaimsIdentity("testauth"));
});
// act
ClientQueryResult result =
await server.PostAsync(new ClientQueryRequest { Query = "{ age }" });
// assert
Assert.Equal(HttpStatusCode.OK, result.StatusCode);
result.MatchSnapshot();
}
public async Task Policy_Authorized(Action <IRequestExecutorBuilder> configure)
{
// arrange
TestServer server = CreateTestServer(
builder =>
{
configure(builder);
builder.Services.AddAuthorization(options =>
{
options.AddPolicy("HasAgeDefined", policy =>
policy.RequireAssertion(context =>
context.User.HasClaim(c =>
c.Type == ClaimTypes.DateOfBirth)));
});
},
context =>
{
var identity = new ClaimsIdentity("testauth");
identity.AddClaim(new Claim(
ClaimTypes.DateOfBirth,
"2013-05-30"));
context.User = new ClaimsPrincipal(identity);
});
// act
ClientQueryResult result =
await server.PostAsync(new ClientQueryRequest { Query = "{ age }" });
// assert
Assert.Equal(HttpStatusCode.OK, result.StatusCode);
result.MatchSnapshot();
}
public async Task Get_ActivePersistedQuery_AddQuery_Unformatted()
{
// arrange
TestServer server = CreateStarWarsServer();
var query = "{__typename}";
var hashProvider = new MD5DocumentHashProvider();
var hash = hashProvider.ComputeHash(Encoding.UTF8.GetBytes(query));
// act
ClientQueryResult resultA =
await server.GetStoreActivePersistedQueryAsync(
query,
"md5Hash",
hash);
ClientQueryResult resultB =
await server.GetActivePersistedQueryAsync("md5Hash", hash);
// assert
new[] {
resultA,
resultB
}.MatchSnapshot();
}
public async Task Get_ActivePersistedQuery_AddQuery()
{
// arrange
TestServer server = CreateStarWarsServer();
DocumentNode document = Utf8GraphQLParser.Parse("{ __typename }");
var hashProvider = new MD5DocumentHashProvider();
var hash = hashProvider.ComputeHash(
Encoding.UTF8.GetBytes(document.ToString(false)));
// act
ClientQueryResult resultA =
await server.GetStoreActivePersistedQueryAsync(
document.ToString(false),
"md5Hash",
hash);
ClientQueryResult resultB =
await server.GetActivePersistedQueryAsync("md5Hash", hash);
// assert
new[] {
resultA,
resultB
}.MatchSnapshot();
}
public async Task NoAuthServices_Autheticated_True()
{
// arrange
TestServer server = CreateTestServer(
services =>
{
services.AddGraphQL(CreateExecutor());
},
context =>
{
context.User = new ClaimsPrincipal(
new ClaimsIdentity("testauth"));
});
var request = "{ default }";
var contentType = "application/graphql";
// act
HttpResponseMessage message =
await server.SendPostRequestAsync(request, contentType, null);
// assert
Assert.Equal(HttpStatusCode.OK, message.StatusCode);
var json = await message.Content.ReadAsStringAsync();
ClientQueryResult result = JsonConvert
.DeserializeObject <ClientQueryResult>(json);
Assert.Null(result.Errors);
result.MatchSnapshot();
}
public async Task Upload_File_Inline_InputObject()
{
// arrange
TestServer server = CreateStarWarsServer();
var query = @"
query ($upload: Upload!) {
objectUpload(input: { file: $upload })
}";
var request = JsonConvert.SerializeObject(
new ClientQueryRequest
{
Query = query,
Variables = new Dictionary <string, object>
{
{ "upload", null }
}
});
// act
var form = new MultipartFormDataContent
{
{ new StringContent(request), "operations" },
{ new StringContent("{ \"1\": [\"variables.upload\"] }"), "map" },
{ new StringContent("abc"), "1", "foo.bar" },
};
ClientQueryResult result = await server.PostMultipartAsync(form, path : "/upload");
// assert
result.MatchSnapshot();
}
public async Task Roles_UserHasNoRoles_NotAuthorized()
{
// arrange
TestServer server = CreateTestServer(
services =>
{
services.AddGraphQL(CreateExecutor());
},
context =>
{
// no user
});
var request = "{ roles }";
var contentType = "application/graphql";
// act
HttpResponseMessage message =
await server.SendPostRequestAsync(request, contentType, null);
// assert
Assert.Equal(HttpStatusCode.OK, message.StatusCode);
var json = await message.Content.ReadAsStringAsync();
ClientQueryResult result = JsonConvert
.DeserializeObject <ClientQueryResult>(json);
Assert.NotNull(result.Errors);
result.Snapshot();
}
public async Task Ensure_Middleware_Mapping()
{
// arrange
TestServer server = CreateStarWarsServer("/foo");
// act
ClientQueryResult result = await server.PostAsync(string.Empty);
// assert
result.MatchSnapshot();
}
public async Task BatchRequest_Empty(string request, int id)
{
// arrange
TestServer server = CreateStarWarsServer();
// act
ClientQueryResult result = await server.PostAsync(request);
// assert
result.MatchSnapshot(new SnapshotNameExtension(id.ToString()));
}
public async Task EmptyRequest()
{
// arrange
TestServer server = CreateStarWarsServer();
// act
ClientQueryResult result = await server.PostAsync(string.Empty);
// assert
result.MatchSnapshot();
}
public async Task SingleRequest_Incomplete()
{
// arrange
TestServer server = CreateStarWarsServer();
// act
ClientQueryResult result = await server.PostAsync("{ \"query\": ");
// assert
result.MatchSnapshot();
}
public async Task Get_ActivePersistedQuery()
{
// arrange
TestServer server = CreateStarWarsServer();
// act
ClientQueryResult result =
await server.GetActivePersistedQueryAsync("md5Hash", "60ddx/GGk4FDObSa6eK0sg==");
// assert
result.MatchSnapshot();
}
public async Task Simple_IsAlive_Test()
{
// arrange
TestServer server = CreateStarWarsServer();
// act
ClientQueryResult result = await server.PostAsync(
new ClientQueryRequest { Query = "{ __typename }" });
// assert
result.MatchSnapshot();
}
public async Task MapGraphQLHttp_Simple_IsAlive_Test()
{
// arrange
TestServer server = CreateServer(endpoint => endpoint.MapGraphQLHttp());
// act
ClientQueryResult result = await server.PostAsync(
new ClientQueryRequest { Query = "{ __typename }" });
// assert
result.MatchSnapshot();
}
public async Task Get_ActivePersistedQuery_NotFound()
{
// arrange
TestServer server = CreateStarWarsServer();
// act
ClientQueryResult result =
await server.GetActivePersistedQueryAsync("md5Hash", "abc");
// assert
result.MatchSnapshot();
}
public async Task PipedAuthorizeDirectives_Authorized(
ISchema schema)
{
// arrange
TestServer server = CreateTestServer(
services =>
{
services.AddAuthorization(options =>
{
options.AddPolicy("a", policy =>
policy.RequireAssertion(context =>
context.User.HasClaim(c =>
c.Type == ClaimTypes.DateOfBirth)));
options.AddPolicy("b", policy =>
policy.RequireAssertion(context =>
context.User.HasClaim(c =>
c.Type == ClaimTypes.Country)));
});
services.AddGraphQL(schema);
},
context =>
{
var identity = new ClaimsIdentity("testAuth");
identity.AddClaim(new Claim(
ClaimTypes.DateOfBirth,
"2013-05-30"));
identity.AddClaim(new Claim(
ClaimTypes.Country,
"US"));
context.User = new ClaimsPrincipal(identity);
});
var request = "{ piped }";
var contentType = "application/graphql";
// act
HttpResponseMessage message =
await server.SendPostRequestAsync(request, contentType, null);
// assert
Assert.Equal(HttpStatusCode.OK, message.StatusCode);
var json = await message.Content.ReadAsStringAsync();
ClientQueryResult result = JsonConvert
.DeserializeObject <ClientQueryResult>(json);
Assert.Null(result.Errors);
result.MatchSnapshot();
}
public async Task Include_Query_Plan()
{
// arrange
TestServer server = CreateStarWarsServer();
// act
ClientQueryResult result = await server.PostAsync(
new ClientQueryRequest { Query = "{ __typename }" },
includeQueryPlan : true);
// assert
result.MatchSnapshot();
}
public async Task Simple_IsAlive_Test_On_Non_GraphQL_Path()
{
// arrange
TestServer server = CreateStarWarsServer("/foo");
// act
ClientQueryResult result = await server.GetAsync(
new ClientQueryRequest { Query = "{ __typename }" },
"/foo");
// assert
result.MatchSnapshot();
}
public async Task EmptyForm_Test()
{
// arrange
TestServer server = CreateStarWarsServer();
// act
var form = new MultipartFormDataContent();
ClientQueryResult result = await server.PostMultipartAsync(form);
// assert
result.MatchSnapshot();
}
public async Task Policy_Is_Executed_After_Resolver_User_Is_Denied(ISchema schema)
{
// arrange
TestServer server = CreateTestServer(
services =>
{
services.AddAuthorization(options =>
{
options.AddPolicy("a", policy =>
policy.RequireAssertion(context =>
{
if (context.Resource is IMiddlewareContext m &&
m.Result is string s &&
s == "bar")
{
return(true);
}
return(false);
}));
});
services.AddGraphQL(schema);
},
context =>
{
var identity = new ClaimsIdentity("testauth");
identity.AddClaim(new Claim(
ClaimTypes.DateOfBirth,
"2013-05-30"));
context.User.AddIdentity(identity);
});
var request = "{ afterResolver }";
var contentType = "application/graphql";
// act
HttpResponseMessage message =
await server.SendPostRequestAsync(request, contentType, null);
// assert
Assert.Equal(HttpStatusCode.OK, message.StatusCode);
var json = await message.Content.ReadAsStringAsync();
ClientQueryResult result = JsonConvert
.DeserializeObject <ClientQueryResult>(json);
Assert.NotNull(result.Errors);
result.MatchSnapshot();
}