graphql-introspection-filtering
Advanced tools
Filter graphql schema introspection result to hide restricted fields and types
Filter graphql schema introspection result to hide restricted fields and types.
It allows using extended SchemaDirectiveVisitors or filter functions to decide which
schema nodes will be returned with introspection result
NOTE: For successful introspection all dependent types must be returned. If any of dependent types is missing it won't be possible to rebuild graph on client side i.e. graphql playground is unable to build an interactive documentation.
NOTE:
Querytype definition is required
NOTE: Object types must contain at least one visible field
Tested with GraphQL 14.0.0 - 15.5.0 - ...
npm install --save graphql-introspection-filtering
or
yarn add graphql-introspection-filtering
You need to create your executable schema with makeExecutableSchema provided by graphql-introspection-filtering
import makeExecutableSchema from 'graphql-introspection-filtering';
const schema = makeExecutableSchema(schemaConfig[, builder]);
schemaConfig - schema configuration like for original makeExecutableSchemabuilder - builder function (default: original makeExecutableSchema)There are working examples available in tests/integration/__mocks__.
Minimal schema and auth introspection visitor
enum Role @auth(requires: ADMIN) {
ADMIN
REVIEWER
USER
UNKNOWN
}
directive @auth(
requires: Role = ADMIN,
) on OBJECT | FIELD_DEFINITION | ENUM
type Book @auth(requires: ADMIN) {
title: String
author: String
}
type Query {
me: User
books: [Book] @auth(requires: ADMIN)
}
class AuthenticationDirective extends SchemaDirectiveVisitor implements IntrospectionDirectiveVisitor {
async validate(result: any) {
if (!roles.includes(this.args.requires || 'ADMIN')) {
return null;
}
return result;
}
visitIntrospectionArgument<TSource, TContext, TArgs>(
result: GraphQLArgument,
info: GraphQLResolveInfo
): Promise<GraphQLArgument | null> | GraphQLArgument | null {
return this.validate(result);
}
visitIntrospectionDirective<TSource, TContext, TArgs>(
result: GraphQLDirective,
info: GraphQLResolveInfo
): Promise<GraphQLDirective | null> | GraphQLDirective | null {
console.log(result);
return this.validate(result);
}
visitIntrospectionEnum<TSource, TContext, TArgs>(
result: GraphQLEnumType,
info: GraphQLResolveInfo
): Promise<GraphQLEnumType | null> | GraphQLEnumType | null {
return this.validate(result);
}
visitIntrospectionEnumValue<TSource, TContext, TArgs>(
result: GraphQLEnumValue,
info: GraphQLResolveInfo
): Promise<GraphQLEnumValue | null> | GraphQLEnumValue | null {
return this.validate(result);
}
visitIntrospectionField<TSource, TContext, TArgs>(
result: GraphQLField<any, any>,
info: GraphQLResolveInfo
): Promise<GraphQLField<any, any> | null> | GraphQLField<any, any> | null {
return this.validate(result);
}
visitIntrospectionInputField<TSource, TContext, TArgs>(
result: GraphQLInputField,
info: GraphQLResolveInfo
): Promise<GraphQLInputField | null> | GraphQLInputField | null {
return this.validate(result);
}
visitIntrospectionInputObject<TSource, TContext, TArgs>(
result: GraphQLInputObjectType,
info: GraphQLResolveInfo
): Promise<GraphQLInputObjectType | null> | GraphQLInputObjectType | null {
return this.validate(result);
}
visitIntrospectionInterface<TSource, TContext, TArgs>(
result: GraphQLInterfaceType,
info: GraphQLResolveInfo
): Promise<GraphQLInterfaceType | null> | GraphQLInterfaceType | null {
return this.validate(result);
}
visitIntrospectionObject<TSource, TContext, TArgs>(
result: GraphQLObjectType,
info: GraphQLResolveInfo
): Promise<GraphQLObjectType | null> | GraphQLObjectType | null {
return this.validate(result);
}
visitIntrospectionScalar<TSource, TContext, TArgs>(
result: GraphQLScalarType,
info: GraphQLResolveInfo
): Promise<GraphQLScalarType | null> | GraphQLScalarType | null {
return this.validate(result);
}
visitIntrospectionUnion<TSource, TContext, TArgs>(
result: GraphQLUnionType,
info: GraphQLResolveInfo
): Promise<GraphQLUnionType | null> | GraphQLUnionType | null {
return this.validate(result);
}
// ....
}
FAQs
Filter graphql schema introspection result to hide restricted fields and types
The npm package graphql-introspection-filtering receives a total of 954 weekly downloads. As such, graphql-introspection-filtering popularity was classified as not popular.
We found that graphql-introspection-filtering demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
ENISA’s 2024 report highlights the EU’s top cybersecurity threats, including rising DDoS attacks, ransomware, supply chain vulnerabilities, and weaponized AI.
Security News
NIST's new password guidelines remove periodic changes and special character requirements, focusing on longer, more secure passwords for better authentication practices.
Security News
A record 2,709 developers participated in the 2024 Ruby on Rails Community Survey, revealing key tools, practices, and trends shaping the Rails ecosystem.