diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index efbad74..6afa90f 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -30,7 +30,7 @@ jobs: - ubuntu-latest - windows-latest graphqlversion: - - 5.0.0-preview-362 + - 5.0.0-preview-411 steps: - name: Checkout source uses: actions/checkout@v2 diff --git a/src/GraphQL.Authorization.ApiTests/GraphQL.Authorization.approved.txt b/src/GraphQL.Authorization.ApiTests/GraphQL.Authorization.approved.txt index 86cd603..34e2392 100644 --- a/src/GraphQL.Authorization.ApiTests/GraphQL.Authorization.approved.txt +++ b/src/GraphQL.Authorization.ApiTests/GraphQL.Authorization.approved.txt @@ -10,15 +10,15 @@ namespace GraphQL.Authorization public AuthorizationContext() { } public System.Collections.Generic.IEnumerable Errors { get; } public bool HasErrors { get; } - public System.Collections.Generic.IReadOnlyDictionary? Inputs { get; set; } public System.Security.Claims.ClaimsPrincipal? User { get; set; } public System.Collections.Generic.IDictionary? UserContext { get; set; } + public GraphQL.Inputs? Variables { get; set; } public void ReportError(string error) { } } public class AuthorizationEvaluator : GraphQL.Authorization.IAuthorizationEvaluator { public AuthorizationEvaluator(GraphQL.Authorization.AuthorizationSettings settings) { } - public System.Threading.Tasks.Task Evaluate(System.Security.Claims.ClaimsPrincipal? principal, System.Collections.Generic.IDictionary? userContext, System.Collections.Generic.IReadOnlyDictionary? inputs, System.Collections.Generic.IEnumerable? requiredPolicies) { } + public System.Threading.Tasks.Task Evaluate(System.Security.Claims.ClaimsPrincipal? principal, System.Collections.Generic.IDictionary? userContext, GraphQL.Inputs? variables, System.Collections.Generic.IEnumerable? requiredPolicies) { } } public class AuthorizationPolicy : GraphQL.Authorization.IAuthorizationPolicy { @@ -70,12 +70,12 @@ namespace GraphQL.Authorization } public static class GraphQLBuilderExtensions { - public static void AddAuthorization(this GraphQL.DI.IGraphQLBuilder builder, System.Action configure) { } - public static void AddAuthorization(this GraphQL.DI.IGraphQLBuilder builder, System.Action configure) { } + public static GraphQL.DI.IGraphQLBuilder AddAuthorization(this GraphQL.DI.IGraphQLBuilder builder, System.Action configure) { } + public static GraphQL.DI.IGraphQLBuilder AddAuthorization(this GraphQL.DI.IGraphQLBuilder builder, System.Action configure) { } } public interface IAuthorizationEvaluator { - System.Threading.Tasks.Task Evaluate(System.Security.Claims.ClaimsPrincipal? principal, System.Collections.Generic.IDictionary? userContext, System.Collections.Generic.IReadOnlyDictionary? inputs, System.Collections.Generic.IEnumerable? requiredPolicies); + System.Threading.Tasks.Task Evaluate(System.Security.Claims.ClaimsPrincipal? principal, System.Collections.Generic.IDictionary? userContext, GraphQL.Inputs? variables, System.Collections.Generic.IEnumerable? requiredPolicies); } public interface IAuthorizationPolicy { diff --git a/src/GraphQL.Authorization.Tests/AuthorizationValidationRuleTests.cs b/src/GraphQL.Authorization.Tests/AuthorizationValidationRuleTests.cs index fd42d04..45592ce 100644 --- a/src/GraphQL.Authorization.Tests/AuthorizationValidationRuleTests.cs +++ b/src/GraphQL.Authorization.Tests/AuthorizationValidationRuleTests.cs @@ -20,9 +20,9 @@ public void class_policy_success() config.Query = @"query { post }"; config.Schema = BasicSchema(); config.User = CreatePrincipal(claims: new Dictionary - { - { "Admin", "true" } - }); + { + { "Admin", "true" } + }); }); } @@ -77,9 +77,9 @@ public void nested_type_policy_success() config.Query = @"query { post }"; config.Schema = NestedSchema(); config.User = CreatePrincipal(claims: new Dictionary - { - { "Admin", "true" } - }); + { + { "Admin", "true" } + }); }); } @@ -174,9 +174,9 @@ public void passes_with_claim_on_input_type() config.Query = @"query { author(input: { name: ""Quinn"" }) }"; config.Schema = TypedSchema(); config.User = CreatePrincipal(claims: new Dictionary - { - { "Admin", "true" } - }); + { + { "Admin", "true" } + }); }); } @@ -233,17 +233,17 @@ public void passes_with_claim_on_variable_type() { config.Query = @"query Author($input: AuthorInputType!) { author(input: $input) }"; config.Schema = TypedSchema(); - config.Inputs = new Inputs(new Dictionary() + config.Variables = new Inputs(new Dictionary() { { - "input", - new Dictionary{ { "name","Quinn" } } + "input", + new Dictionary{ { "name","Quinn" } } } }); config.User = CreatePrincipal(claims: new Dictionary - { - { "Admin", "true" } - }); + { + { "Admin", "true" } + }); }); } @@ -263,7 +263,7 @@ public void passes_with_claim_on_variable_type_without_inputs_but_fails_later_ei }; config.Query = @"query Author($input: AuthorInputType!) { author(input: $input) }"; config.Schema = TypedSchema(); - config.Inputs = null; + config.Variables = null; config.User = CreatePrincipal(claims: new Dictionary { { "Admin", "true" } @@ -280,11 +280,11 @@ public void fails_on_missing_claim_on_variable_type() { config.Query = @"query Author($input: AuthorInputType!) { author(input: $input) }"; config.Schema = TypedSchema(); - config.Inputs = new Inputs(new Dictionary() + config.Variables = new Inputs(new Dictionary() { { - "input", - new Dictionary{ { "name","Quinn" } } + "input", + new Dictionary{ { "name","Quinn" } } } }); }); diff --git a/src/GraphQL.Authorization.Tests/ValidationTestBase.cs b/src/GraphQL.Authorization.Tests/ValidationTestBase.cs index ef7e93d..0432cde 100644 --- a/src/GraphQL.Authorization.Tests/ValidationTestBase.cs +++ b/src/GraphQL.Authorization.Tests/ValidationTestBase.cs @@ -63,7 +63,7 @@ private static IValidationResult Validate(ValidationTestConfig config) var documentBuilder = new GraphQLDocumentBuilder(); var document = documentBuilder.Build(config.Query); var validator = new DocumentValidator(); - return validator.ValidateAsync(config.Schema, document, document.Operations.First().Variables, config.Rules, userContext, config.Inputs, config.OperationName).GetAwaiter().GetResult().validationResult; + return validator.ValidateAsync(config.Schema, document, document.Operations.First().Variables, config.Rules, userContext, config.Variables, config.OperationName).GetAwaiter().GetResult().validationResult; } internal static ClaimsPrincipal CreatePrincipal(string? authenticationType = null, IDictionary? claims = null) diff --git a/src/GraphQL.Authorization.Tests/ValidationTestConfig.cs b/src/GraphQL.Authorization.Tests/ValidationTestConfig.cs index 9f0d7e3..d7c610c 100644 --- a/src/GraphQL.Authorization.Tests/ValidationTestConfig.cs +++ b/src/GraphQL.Authorization.Tests/ValidationTestConfig.cs @@ -18,7 +18,7 @@ public class ValidationTestConfig public ClaimsPrincipal? User { get; set; } - public Inputs? Inputs { get; set; } + public Inputs? Variables { get; set; } public Action ValidateResult = _ => { }; } diff --git a/src/GraphQL.Authorization/AuthorizationContext.cs b/src/GraphQL.Authorization/AuthorizationContext.cs index 13bd7b4..f2f50db 100644 --- a/src/GraphQL.Authorization/AuthorizationContext.cs +++ b/src/GraphQL.Authorization/AuthorizationContext.cs @@ -22,9 +22,9 @@ public class AuthorizationContext public IDictionary? UserContext { get; set; } /// - /// Represents a readonly dictionary of variable inputs to an executed document. + /// Represents a readonly dictionary of variables to an executed document. /// - public IReadOnlyDictionary? Inputs { get; set; } + public Inputs? Variables { get; set; } /// /// Returns a set of authorization errors. diff --git a/src/GraphQL.Authorization/AuthorizationEvaluator.cs b/src/GraphQL.Authorization/AuthorizationEvaluator.cs index 8536126..6f57b12 100644 --- a/src/GraphQL.Authorization/AuthorizationEvaluator.cs +++ b/src/GraphQL.Authorization/AuthorizationEvaluator.cs @@ -24,7 +24,7 @@ public AuthorizationEvaluator(AuthorizationSettings settings) public async Task Evaluate( ClaimsPrincipal? principal, IDictionary? userContext, - IReadOnlyDictionary? inputs, + Inputs? variables, IEnumerable? requiredPolicies) { if (requiredPolicies == null) @@ -34,7 +34,7 @@ public async Task Evaluate( { User = principal ?? new ClaimsPrincipal(new ClaimsIdentity()), UserContext = userContext, - Inputs = inputs + Variables = variables }; var tasks = new List(); diff --git a/src/GraphQL.Authorization/AuthorizationValidationRule.cs b/src/GraphQL.Authorization/AuthorizationValidationRule.cs index 99698df..e72bace 100644 --- a/src/GraphQL.Authorization/AuthorizationValidationRule.cs +++ b/src/GraphQL.Authorization/AuthorizationValidationRule.cs @@ -135,8 +135,8 @@ void Visit(INode node, int _) // If some supplied field does not exist in the variable type then some other // validation rule should check that but here we should just ignore that // "unknown" field. - if (context.Inputs != null && - context.Inputs.TryGetValue(variableRef.Name, out object input) && + if (context.Variables != null && + context.Variables.TryGetValue(variableRef.Name, out object? input) && input is Dictionary fieldsValues) { foreach (var field in variableType.Fields) @@ -163,7 +163,7 @@ private void CheckAuth( // TODO: async -> sync transition var result = _evaluator - .Evaluate(userContext?.User, context.UserContext, context.Inputs, provider.GetPolicies()) + .Evaluate(userContext?.User, context.UserContext, context.Variables, provider.GetPolicies()) .GetAwaiter() .GetResult(); diff --git a/src/GraphQL.Authorization/GraphQLBuilderExtensions.cs b/src/GraphQL.Authorization/GraphQLBuilderExtensions.cs index fb75850..72bd946 100644 --- a/src/GraphQL.Authorization/GraphQLBuilderExtensions.cs +++ b/src/GraphQL.Authorization/GraphQLBuilderExtensions.cs @@ -12,19 +12,21 @@ public static class GraphQLBuilderExtensions /// within and /// upon document execution. Configures authorization settings with the specified configuration delegate. /// - public static void AddAuthorization(this IGraphQLBuilder builder, Action configure) + public static IGraphQLBuilder AddAuthorization(this IGraphQLBuilder builder, Action configure) { - builder.TryRegister(ServiceLifetime.Singleton); + builder.Services.TryRegister(ServiceLifetime.Singleton); builder.AddValidationRule(true); - builder.Configure(configure); + builder.Services.Configure(configure); + return builder; } /// - public static void AddAuthorization(this IGraphQLBuilder builder, Action configure) + public static IGraphQLBuilder AddAuthorization(this IGraphQLBuilder builder, Action configure) { - builder.TryRegister(ServiceLifetime.Singleton); + builder.Services.TryRegister(ServiceLifetime.Singleton); builder.AddValidationRule(true); - builder.Configure(configure); + builder.Services.Configure(configure); + return builder; } } } diff --git a/src/GraphQL.Authorization/IAuthorizationEvaluator.cs b/src/GraphQL.Authorization/IAuthorizationEvaluator.cs index 17e98eb..2ec8961 100644 --- a/src/GraphQL.Authorization/IAuthorizationEvaluator.cs +++ b/src/GraphQL.Authorization/IAuthorizationEvaluator.cs @@ -14,13 +14,13 @@ public interface IAuthorizationEvaluator /// /// Represents the current user. /// Arbitrary user defined context represented as dictionary. - /// Represents a readonly dictionary of variable inputs to an executed document. + /// Represents a readonly dictionary of variables to an executed document. /// A set of policies names to authorize. /// Task Evaluate( ClaimsPrincipal? principal, IDictionary? userContext, - IReadOnlyDictionary? inputs, + Inputs? variables, IEnumerable? requiredPolicies); } }