Security News
CISA Brings KEV Data to GitHub
CISA's KEV data is now on GitHub, offering easier access, API integration, commit history tracking, and automated updates for security teams and researchers.
federation-with-subscriptions
Advanced tools
[![GitHub license](https://img.shields.io/badge/license-MIT-blue.svg)](https://github.com/sammysaglam/federation-with-subscriptions/blob/master/LICENSE) [![npm version](https://img.shields.io/npm/v/federation-with-subscriptions.svg?style=flat)](https://ww
This library introduces subscriptions to Apollo Federation (which is currently not supported by apollo-server). Under the hood, it is using graphql-tools to convert the federation into schema-stitching SDL.
This library currently only works with express servers.
yarn add federation-with-subscriptions
import {
createGateway,
createMicroservice,
} from "federation-with-subscriptions";
import { PubSub, withFilter } from "graphql-subscriptions";
const pubsub = new PubSub();
const usersMicroservice = () =>
createMicroservice({
label: "Users",
port: 4001,
typeDefs: `
type User {
id: ID!
name: String!
}
type Query {
users: [User!]!
}
`,
resolvers: {
Query: {
users: () => [{ id: "1", name: "Sammy" }],
},
},
});
const blogPostsMicroservice = () =>
createMicroservice({
label: "Blog Posts",
port: 4002,
context: ({ req }) => ({ headers: req.headers }),
subscriptionContext: (ctx, message, args, headers) => ({ headers }),
typeDefs: `
type BlogPost {
id: ID!
title: String!
}
extend type User @key(fields: "id") {
id: ID! @external
blogPosts: [BlogPost!]!
}
type Mutation {
updateBlogPost: BlogPost!
}
type Subscription {
blogPostUpdates: BlogPost!
}
`,
resolvers: {
User: {
blogPosts: () => [{ id: "44", title: "The Latest Post" }],
},
Mutation: {
updateBlogPost: () => {
const blogPost = {
id: String(Math.random()),
title: "A random post",
};
pubsub.publish("BLOG_POST_UPDATED", {
blogPostUpdates: blogPost,
});
return blogPost;
},
},
Subscription: {
blogPostUpdates: {
subscribe: withFilter(
() => pubsub.asyncIterator(["BLOG_POST_UPDATED"]),
(payload, variables, context) => {
console.log({
subscriptionContext: context,
});
return true;
},
),
},
},
},
});
const main = async () => {
const microservices = await Promise.all([
usersMicroservice(),
blogPostsMicroservice(),
]);
const { expressApp } = await createGateway({
microservices,
port: 4000,
// send some headers to subgraph microservices
buildHttpHeaders: ({ req }) => ({
"authorization": "Bearer secrettoken",
}),
buildSubscriptionHeaders: ({ connectionParams }) => ({
"authorization": "Bearer secrettoken",
}),
});
};
main();
If you run the above in a Node.js environment, you can visit http://localhost:4000/graphql which will open the Apollo Studio.
Important: when testing using Apollo Studio, ensure that you switch the subscriptions implementation to graphql-ws:
{
users {
id
name
blogPosts {
id
title
}
}
}
subscription {
blogPostUpdates {
id
title
}
}
mutation {
updateBlogPost {
id
title
}
}
Please checkout this repo and run yarn install
& yarn start
for a slightly more complex example including a full frontend integration.
federation-with-subscriptions is MIT licensed.
FAQs
> **NOTE: This project is deprecated as Federation now supports subscriptions without the need for any wrappers https://www.apollographql.com/blog/announcement/backend/federated-subscriptions-in-graphos-real-time-data-at-scale/.**
We found that federation-with-subscriptions demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
CISA's KEV data is now on GitHub, offering easier access, API integration, commit history tracking, and automated updates for security teams and researchers.
Security News
Opengrep forks Semgrep to preserve open source SAST in response to controversial licensing changes.
Security News
Critics call the Node.js EOL CVE a misuse of the system, sparking debate over CVE standards and the growing noise in vulnerability databases.