private static async Task <GraphQlParameters> GetParametersAsync(HttpRequest request) { // http://graphql.org/learn/serving-over-http/#http-methods-headers-and-body string body = null; if (request.Method == "POST") { // Read request body using (var sr = new StreamReader(request.Body)) { body = await sr.ReadToEndAsync(); } } MediaTypeHeaderValue.TryParse(request.ContentType, out MediaTypeHeaderValue contentType); GraphQlParameters parameters; switch (contentType.MediaType) { case "application/json": // Parse request as json parameters = JsonConvert.DeserializeObject <GraphQlParameters>(body); break; case "application/graphql": // The whole body is the query parameters = new GraphQlParameters { Query = body }; break; default: // Don't parse anything parameters = new GraphQlParameters(); break; } string query = request.Query["query"]; // Query string "query" overrides a query in the body parameters.Query = query ?? parameters.Query; return(parameters); }
public async Task Invoke(HttpContext httpContext) { var logger = httpContext.RequestServices.GetService <ILogger <GraphQlMiddleware> >(); HttpRequest request = httpContext.Request; HttpResponse response = httpContext.Response; // GraphQL HTTP only supports GET and POST methods. if (request.Method != "GET" && request.Method != "POST") { response.Headers.Add("Allow", "GET, POST"); response.StatusCode = 405; return; } // Check authorization if (_options.AuthorizationPolicy != null) { var authorizationService = httpContext.RequestServices.GetRequiredService <IAuthorizationService>(); var authzResult = await authorizationService.AuthorizeAsync(httpContext.User, _options.AuthorizationPolicy); if (!authzResult.Succeeded) { await httpContext.ForbidAsync(); return; } } GraphQlParameters parameters = await GetParametersAsync(request); ISchema schema = _schemaProvider.Create(httpContext.RequestServices); var executer = new DocumentExecuter(); var result = await executer.ExecuteAsync(options => { options.Schema = schema; options.Query = parameters.Query; options.OperationName = parameters.OperationName; options.Inputs = parameters.GetInputs(); options.CancellationToken = httpContext.RequestAborted; options.ComplexityConfiguration = _options.ComplexityConfiguration; options.UserContext = httpContext; options.ExposeExceptions = _options.ExposeExceptions; }); if (result.Errors?.Count > 0) { logger.LogError("GraphQL Result {Errors}", result.Errors); } var writer = new DocumentWriter(indent: _options.FormatOutput); var json = writer.Write(result); response.StatusCode = 200; response.ContentType = "application/json; charset=utf-8"; await response.WriteAsync(json); }