Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Refactor Generic Auth plugin #2281

Merged
merged 14 commits into from
Aug 26, 2024
Merged

Refactor Generic Auth plugin #2281

merged 14 commits into from
Aug 26, 2024

Conversation

ardatan
Copy link
Collaborator

@ardatan ardatan commented Aug 6, 2024
edited
Loading

Refactor Generic Auth plugin;

  • [BREAKING] - Now @auth directive is renamed to @authenticated. If you want to keep the old name you can configure the plugin to use the old name.
useGenericAuth({
  // ...
  authDirectiveName: 'auth',
});
  • [BREAKING] - Now directiveOrExtensionFieldName is renamed to authDirectiveName.
useGenericAuth({
  // ...
- directiveOrExtensionFieldName: 'auth',
+ authDirectiveName: 'auth',
});
  • Now auth directives support OBJECT and INTERFACE locations;
directive @authenticated on OBJECT | INTERFACE

type User @authenticated {
    id: ID!
    name: String!
}
  • validateUser function does not receive fieldAuthDirectiveNode and fieldAuthExtension anymore. Instead, it takes fieldAuthArgs which is an object that contains the arguments of the auth directive or extension. So you don't need to parse the arguments manually anymore.
const validateUser: ValidateUserFn = params => {
  if (!params.fieldAuthArgs.roles.includes('admin')) {
    return createUnauthorizedError(params);
  }
};

  • validateUser's objectType parameter is now renamed to parentType. And it takes the original composite type instead of the GraphQLObjectType instance. Now it can be GraphQLInterfaceType as well.

  • validateUser's current parameters are now;

export type ValidateUserFnParams<UserType> = {
  /** The user object. */
  user: UserType;
  /** The field node from the operation that is being validated. */
  fieldNode: FieldNode;
  /** The parent type which has the field that is being validated. */
  parentType: GraphQLObjectType | GraphQLInterfaceType;
  /** The auth directive arguments for the type */
  typeAuthArgs?: Record<string, any>;
  /** The directives for the type */
  typeDirectives?: ReturnType<typeof getDirectiveExtensions>;
  /** Scopes that type requires */
  typeScopes?: string[][];
  /** Policies that type requires */
  typePolicies?: string[][];
  /** The object field */
  field: GraphQLField<any, any>;
  /** The auth directive arguments for the field */
  fieldAuthArgs?: Record<string, any>;
  /** The directives for the field */
  fieldDirectives?: ReturnType<typeof getDirectiveExtensions>;
  /** Scopes that field requires */
  fieldScopes?: string[][];
  /** Policies that field requires */
  fieldPolicies?: string[][];
  /** Extracted scopes from the user object */
  userScopes: string[];
  /** Policies for the user */
  userPolicies: string[];
  /** The args passed to the execution function (including operation context and variables) **/
  executionArgs: ExecutionArgs;
  /** Resolve path */
  path: ReadonlyArray<string | number>;
};
  • New directives for role-based auth are added @requiresScopes and @policy for more granular control over the auth logic.
directive @requiresScopes(scopes: [String!]!) on OBJECT | INTERFACE | FIELD_DEFINITION

directive @policy(policy: String!) on OBJECT | INTERFACE | FIELD_DEFINITION

Check README for more information.

@changeset-bot changeset-bot
Copy link

changeset-bot bot commented Aug 6, 2024
edited
Loading

🦋 Changeset detected

Latest commit: 5895172

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 2 packages
Name Type
@envelop/generic-auth Major
@envelop/extended-validation Minor

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Aug 6, 2024
edited
Loading

💻 Website Preview

The latest changes are available as preview in: https://a4016de4.envelop.pages.dev

@ardatan ardatan marked this pull request as ready for review August 6, 2024 11:49
@theguild-bot
Copy link
Collaborator

theguild-bot commented Aug 6, 2024
edited
Loading

✅ Benchmark Results

     ✓ no_errors
     ✓ expected_result

     checks.............................................: 100.00% ✓ 739216      ✗ 0     
     ✓ { mode:envelop-cache-and-no-internal-tracing }...: 100.00% ✓ 160410      ✗ 0     
     ✓ { mode:envelop-cache-jit }.......................: 100.00% ✓ 320262      ✗ 0     
     ✓ { mode:envelop-just-cache }......................: 100.00% ✓ 159938      ✗ 0     
     ✓ { mode:graphql-js }..............................: 100.00% ✓ 98606       ✗ 0     
     data_received......................................: 2.8 GB  24 MB/s
     data_sent..........................................: 161 MB  1.3 MB/s
     envelop_init.......................................: avg=0s      min=0s       med=0s      max=0s       p(90)=0s      p(95)=0s     
     ✓ { mode:envelop-cache-jit }.......................: avg=0s      min=0s       med=0s      max=0s       p(90)=0s      p(95)=0s     
     ✓ { mode:envelop-just-cache }......................: avg=0s      min=0s       med=0s      max=0s       p(90)=0s      p(95)=0s     
     ✓ { mode:graphql-js }..............................: avg=0s      min=0s       med=0s      max=0s       p(90)=0s      p(95)=0s     
     envelop_total......................................: avg=0s      min=0s       med=0s      max=0s       p(90)=0s      p(95)=0s     
     ✓ { mode:envelop-cache-jit }.......................: avg=0s      min=0s       med=0s      max=0s       p(90)=0s      p(95)=0s     
     ✓ { mode:envelop-just-cache }......................: avg=0s      min=0s       med=0s      max=0s       p(90)=0s      p(95)=0s     
     ✓ { mode:graphql-js }..............................: avg=0s      min=0s       med=0s      max=0s       p(90)=0s      p(95)=0s     
     event_loop_lag.....................................: avg=0s      min=0s       med=0s      max=0s       p(90)=0s      p(95)=0s     
     ✓ { mode:envelop-cache-and-no-internal-tracing }...: avg=0s      min=0s       med=0s      max=0s       p(90)=0s      p(95)=0s     
     ✓ { mode:envelop-cache-jit }.......................: avg=0s      min=0s       med=0s      max=0s       p(90)=0s      p(95)=0s     
     ✓ { mode:envelop-just-cache }......................: avg=0s      min=0s       med=0s      max=0s       p(90)=0s      p(95)=0s     
     ✓ { mode:graphql-js }..............................: avg=0s      min=0s       med=0s      max=0s       p(90)=0s      p(95)=0s     
     graphql_context....................................: avg=0s      min=0s       med=0s      max=0s       p(90)=0s      p(95)=0s     
     ✓ { mode:envelop-cache-jit }.......................: avg=0s      min=0s       med=0s      max=0s       p(90)=0s      p(95)=0s     
     ✓ { mode:envelop-just-cache }......................: avg=0s      min=0s       med=0s      max=0s       p(90)=0s      p(95)=0s     
     ✓ { mode:graphql-js }..............................: avg=0s      min=0s       med=0s      max=0s       p(90)=0s      p(95)=0s     
     graphql_execute....................................: avg=0s      min=0s       med=0s      max=0s       p(90)=0s      p(95)=0s     
     ✓ { mode:envelop-cache-jit }.......................: avg=0s      min=0s       med=0s      max=0s       p(90)=0s      p(95)=0s     
     ✓ { mode:envelop-just-cache }......................: avg=0s      min=0s       med=0s      max=0s       p(90)=0s      p(95)=0s     
     ✓ { mode:graphql-js }..............................: avg=0s      min=0s       med=0s      max=0s       p(90)=0s      p(95)=0s     
     graphql_parse......................................: avg=0s      min=0s       med=0s      max=0s       p(90)=0s      p(95)=0s     
     ✓ { mode:envelop-cache-jit }.......................: avg=0s      min=0s       med=0s      max=0s       p(90)=0s      p(95)=0s     
     ✓ { mode:envelop-just-cache }......................: avg=0s      min=0s       med=0s      max=0s       p(90)=0s      p(95)=0s     
     ✓ { mode:graphql-js }..............................: avg=0s      min=0s       med=0s      max=0s       p(90)=0s      p(95)=0s     
     graphql_validate...................................: avg=0s      min=0s       med=0s      max=0s       p(90)=0s      p(95)=0s     
     ✓ { mode:envelop-cache-jit }.......................: avg=0s      min=0s       med=0s      max=0s       p(90)=0s      p(95)=0s     
     ✓ { mode:envelop-just-cache }......................: avg=0s      min=0s       med=0s      max=0s       p(90)=0s      p(95)=0s     
     ✓ { mode:graphql-js }..............................: avg=0s      min=0s       med=0s      max=0s       p(90)=0s      p(95)=0s     
     http_req_blocked...................................: avg=1.98µs  min=772ns    med=1.84µs  max=3.82ms   p(90)=2.45µs  p(95)=2.78µs 
     http_req_connecting................................: avg=16ns    min=0s       med=0s      max=838.73µs p(90)=0s      p(95)=0s     
     http_req_duration..................................: avg=2.96ms  min=170.32µs med=2.81ms  max=45.39ms  p(90)=5.45ms  p(95)=6.26ms 
       { expected_response:true }.......................: avg=2.96ms  min=170.32µs med=2.81ms  max=45.39ms  p(90)=5.45ms  p(95)=6.26ms 
     ✓ { mode:envelop-cache-and-no-internal-tracing }...: avg=3.46ms  min=428.01µs med=3.05ms  max=27.42ms  p(90)=5.86ms  p(95)=6.32ms 
     ✓ { mode:envelop-cache-jit }.......................: avg=1.57ms  min=170.32µs med=1.24ms  max=17.4ms   p(90)=2.55ms  p(95)=2.76ms 
     ✓ { mode:envelop-just-cache }......................: avg=3.47ms  min=476.63µs med=3.02ms  max=23.77ms  p(90)=5.86ms  p(95)=6.32ms 
     ✓ { mode:graphql-js }..............................: avg=5.8ms   min=804.39µs med=4.91ms  max=45.39ms  p(90)=9.72ms  p(95)=10.57ms
     http_req_failed....................................: 0.00%   ✓ 0           ✗ 369608
     http_req_receiving.................................: avg=35.31µs min=12.5µs   med=31.3µs  max=12.31ms  p(90)=47.22µs p(95)=51.87µs
     http_req_sending...................................: avg=13.25µs min=4.82µs   med=10.96µs max=14.17ms  p(90)=20.16µs p(95)=21.85µs
     http_req_tls_handshaking...........................: avg=0s      min=0s       med=0s      max=0s       p(90)=0s      p(95)=0s     
     http_req_waiting...................................: avg=2.91ms  min=140.39µs med=2.76ms  max=45.31ms  p(90)=5.4ms   p(95)=6.2ms  
     http_reqs..........................................: 369608  3080.023145/s
     iteration_duration.................................: avg=3.23ms  min=356.26µs med=3.06ms  max=46.16ms  p(90)=5.73ms  p(95)=6.55ms 
     iterations.........................................: 369608  3080.023145/s
     vus................................................: 10      min=10        max=10  
     vus_max............................................: 20      min=20        max=20

@ardatan ardatan marked this pull request as draft August 6, 2024 11:49
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Aug 6, 2024
edited
Loading

🚀 Snapshot Release (alpha)

The latest changes of this PR are available as alpha on npm (based on the declared changesets):

Package Version Info
@envelop/extended-validation 4.1.0-alpha-20240812203512-43551114 npm ↗︎ unpkg ↗︎
@envelop/generic-auth 8.0.0-alpha-20240812203512-43551114 npm ↗︎ unpkg ↗︎

@ardatan ardatan mentioned this pull request Aug 9, 2024
Merged
4 tasks
@ardatan ardatan force-pushed the generic-auth-rework branch 2 times, most recently from fea7a5c to 4355111 Compare August 12, 2024 20:34
@ardatan ardatan marked this pull request as ready for review August 13, 2024 00:00
@ardatan ardatan merged commit 70d4d7a into main Aug 26, 2024
2 of 17 checks passed
@theguild-bot theguild-bot mentioned this pull request Aug 26, 2024
Merged
@dimaMachina dimaMachina deleted the generic-auth-rework branch August 26, 2024 11:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dotansimha dotansimha Awaiting requested review from dotansimha

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ardatan @theguild-bot