public ValueTask InvokeAsync(IMiddlewareContext context) { if (context.Result is SerializedData s) { context.Result = s.Data is IReadOnlyDictionary <string, object> d ? d : DictionaryDeserializer.DeserializeResult( context.Selection.Type, s.Data, context.Service <InputParser>(), context.Path); } else if (context.Result is null && !context.Selection.Field.Directives.Contains(DirectiveNames.Computed) && context.Parent <object>() is IReadOnlyDictionary <string, object> dict) { string responseName = context.Selection.SyntaxNode.Alias == null ? context.Selection.SyntaxNode.Name.Value : context.Selection.SyntaxNode.Alias.Value; dict.TryGetValue(responseName, out var obj); context.Result = DictionaryDeserializer.DeserializeResult( context.Selection.Type, obj, context.Service <InputParser>(), context.Path); } return(_next.Invoke(context)); }
private static async Task <AuthorizeResult> AuthorizeWithPolicyAsync( IMiddlewareContext context, AuthorizeDirective directive, ClaimsPrincipal principal) { IServiceProvider services = context.Service <IServiceProvider>(); IAuthorizationService?authorizeService = services.GetService <IAuthorizationService>(); IAuthorizationPolicyProvider?policyProvider = services.GetService <IAuthorizationPolicyProvider>(); if (authorizeService == null || policyProvider == null) { // authorization service is not configured so the user is // authorized with the previous checks. return(string.IsNullOrWhiteSpace(directive.Policy) ? AuthorizeResult.Allowed : AuthorizeResult.NotAllowed); } AuthorizationPolicy?policy = null; if ((directive.Roles is null || directive.Roles.Count == 0) && string.IsNullOrWhiteSpace(directive.Policy)) { policy = await policyProvider.GetDefaultPolicyAsync() .ConfigureAwait(false); if (policy == null) { return(AuthorizeResult.NoDefaultPolicy); } }
public async Task InvokeAsync(IMiddlewareContext context) { var queryAuthorizationService = context.Service <IServiceProvider>().GetService <IQueryAuthorizationService>(); if (queryAuthorizationService != null) { var authorizationResult = await queryAuthorizationService.IsAllowedAsync(queryType); if (authorizationResult != AuthorizationResult.Allowed) { var eb = ErrorBuilder.New() .SetMessage(authorizationResult == AuthorizationResult.Unauthorized ? "Unauthorized" : "Forbidden") .SetCode("AuthorizationResult") .SetExtension("StatusCode", authorizationResult == AuthorizationResult.Unauthorized ? "401" : "403") .SetPath(context.Path) .AddLocation(context.Selection.SyntaxNode); context.Result = eb.Build(); return; } } await _next.Invoke(context); }
public async Task InvokeAsync(IMiddlewareContext context) { var queryArgument = context.ArgumentValue <object>("params"); if (queryArgument != null) { var service = context.Service <IGraphQLValidationService>(); var result = await service.ValidateObjectAsync(queryArgument, context.RequestAborted); if (!result.IsValid) { var eb = ErrorBuilder.New() .SetMessage("There are some validations errors") .SetCode("ValidationError") .SetPath(context.Path) .AddLocation(context.Selection.SyntaxNode); foreach (var error in result.Errors) { eb.SetExtension(error.Field, error.Errors); } context.Result = eb.Build(); return; } } await _next.Invoke(context); }
public async Task InvokeAsync(IMiddlewareContext context) { var fieldName = context.Field.Name; var objectType = context.ObjectType.Name; var contextAccessor = context.Service <IHttpContextAccessor>(); if (!contextAccessor.HttpContext.User.Identity.IsAuthenticated) { context.Result = ErrorBuilder.New() .SetMessage("Forbidden") .SetCode("503") .SetPath(context.Path) .AddLocation(context.FieldSelection) .Build(); return; } if (fieldName.Value == "PostalCode" && objectType.Value == "Restaurant") { context.Result = ErrorBuilder.New() .SetMessage("Forbidden") .SetCode("503") .SetPath(context.Path) .AddLocation(context.FieldSelection) .Build(); return; } await _next.Invoke(context); }
public async Task Invoke( IMiddlewareContext context) { if (context.Selection.SyntaxNode.Arguments.Any()) { var serviceProvider = context.Service <IServiceProvider>(); var errors = new List <(IInputField Argument, IList <ValidationFailure> Failures)>(); foreach (IInputField argument in context.Field.Arguments) { var validationOptions = new ArgumentValidationOptions <object>( argument, context.ArgumentValue <object>(argument.Name)); if (!validationOptions.AllowedToValidate()) { continue; } IValidator validator = validationOptions.GetValidator(serviceProvider); if (validator == null) { continue; } ValidationResult result = await validator.ValidateAsync( validationOptions.BuildValidationContext(), context.RequestAborted).ConfigureAwait(false); if (result.Errors.Any()) { errors.Add((argument, result.Errors)); } } if (errors.Any()) { var errorBuilder = ActivatorUtilities.CreateInstance( serviceProvider, _errorBuilderType) as IValidationErrorBuilder; foreach (var error in errors) { foreach (var failure in error.Failures) { context.ReportError( errorBuilder.BuildError( ErrorBuilder.New(), failure, error.Argument, context) .Build()); } } return; } } await _next(context).ConfigureAwait(false); }
public async Task Invoke( IMiddlewareContext context) { var factory = ActivatorUtilities.CreateInstance( context.Service <IServiceProvider>(), _factoryType) as ITransactionScopeFactory; using System.Transactions.TransactionScope scope = factory.CreateScope(context); await _next(context).ConfigureAwait(false); scope.Complete(); }
private static IReadOnlyQueryRequest CreateQuery( IMiddlewareContext context, NameString schemaName, IImmutableStack <SelectionPathComponent> path) { var fieldRewriter = new ExtractFieldQuerySyntaxRewriter( context.Schema, context.Service <IEnumerable <IQueryDelegationRewriter> >()); OperationType operationType = context.Schema.IsRootType(context.ObjectType) ? context.Operation.Operation : OperationType.Query; ExtractedField extractedField = fieldRewriter.ExtractField( schemaName, context.Document, context.Operation, context.FieldSelection, context.ObjectType); IEnumerable <VariableValue> scopedVariables = ResolveScopedVariables( context, schemaName, operationType, path); IReadOnlyCollection <VariableValue> variableValues = CreateVariableValues( context, scopedVariables, extractedField); DocumentNode query = RemoteQueryBuilder.New() .SetOperation(operationType) .SetSelectionPath(path) .SetRequestField(extractedField.Field) .AddVariables(CreateVariableDefs(variableValues)) .AddFragmentDefinitions(extractedField.Fragments) .Build(); var requestBuilder = QueryRequestBuilder.New(); AddVariables(context, schemaName, requestBuilder, query, variableValues); requestBuilder.SetQuery(query); requestBuilder.AddProperty( WellKnownProperties.IsAutoGenerated, true); return(requestBuilder.Create()); }
public async Task InvokeAsync(IMiddlewareContext context) { await _next(context).ConfigureAwait(false); IValueNode sortArg = context.ArgumentLiteral <IValueNode>(_contextData.ArgumentName); if (sortArg is NullValueNode) { return; } IQueryable <T>?source = null; if (context.Result is IQueryable <T> q) { source = q; } else if (context.Result is IEnumerable <T> e) { source = e.AsQueryable(); } if (source is not null && context.Field.Arguments[_contextData.ArgumentName].Type is InputObjectType iot && iot is ISortInputType { EntityType : not null } fit) { var visitorCtx = new QueryableSortVisitorContext( context.Service <InputParser>(), iot, fit.EntityType, source is EnumerableQuery); QueryableSortVisitor.Default.Visit(sortArg, visitorCtx); source = visitorCtx.Sort(source); context.Result = source; } }
public async Task InvokeAsync(IMiddlewareContext context) { await _next(context).ConfigureAwait(false); IValueNode filter = context.ArgumentLiteral <IValueNode>(_contextData.ArgumentName); if (filter is NullValueNode) { return; } IQueryable <T>?source = null; if (context.Result is IQueryable <T> q) { source = q; } else if (context.Result is IEnumerable <T> e) { source = e.AsQueryable(); } if (source is not null && context.Field.Arguments[_contextData.ArgumentName].Type is InputObjectType iot && iot is IFilterInputType fit) { var visitorContext = new QueryableFilterVisitorContext( iot, fit.EntityType, _converter, source is EnumerableQuery, context.Service <InputParser>()); QueryableFilterVisitor.Default.Visit(filter, visitorContext); source = source.Where(visitorContext.CreateFilter <T>()); context.Result = source; } }
public async Task InvokeAsync(IMiddlewareContext context) { await _next(context); IQueryable <TSource>?source = null; if (context.Result is IQueryable <TSource> q) { source = q; } else if (context.Result is IEnumerable <TSource> e) { source = e.AsQueryable(); } if (source is not null) { var mapper = context.Service <IMapper>(); context.Result = source.ProjectTo <TProjection>(mapper.ConfigurationProvider); } }
public async Task Invoke(IMiddlewareContext context) { if (context.FieldSelection.Arguments.Count == 0) { await _next(context); return; } var errors = context.FieldSelection.Arguments .Select(a => context.Argument <object>(a.Name.Value)) .SelectMany(ValidateObject); if (errors.Any()) { foreach (var error in errors) { context.ReportError(ErrorBuilder.New() .SetCode(error.ErrorCode) .SetMessage(error.ErrorMessage) .SetExtension("memberNames", error.PropertyName) .AddLocation(context.FieldSelection.Location.Line, context.FieldSelection.Location.Column) .SetPath(context.Path) .Build()); } context.Result = null; } else { await _next(context); } IEnumerable <ValidationFailure> ValidateObject(object argument) { try { var actualObjectType = argument.GetType(); var validatorGenericType = typeof(IValidator <>); var validatorType = validatorGenericType.MakeGenericType(actualObjectType); object validator = null; try { validator = context.Service(validatorType); } catch (InvalidOperationException) { // No service found return(Enumerable.Empty <ValidationFailure>()); } if (validator == null) { return(Enumerable.Empty <ValidationFailure>()); } var validateMethodInfo = validatorType.GetMethod(nameof(IValidator.Validate), new[] { actualObjectType }); var results = validateMethodInfo.Invoke(validator, new[] { argument }) as ValidationResult; return(results.Errors.AsEnumerable()); } catch (Exception ex) { throw new Exception($"Failed to validate with error '{ex.Message}'."); } } }