locked
GraphQLAuthorize attribute not firing [graphql] RRS feed

  • Question

  • User-339972998 posted

    I am working on the qraphQL api and I am trying to use authorization attribute GraphQLAuthorize in GraphQL.Server.Authorization.AspNetCore; I have created policy in startup.cd configureService but not recognized by GraphQLAuthorize attribute.

    The [GraphQLAuthorize(Policy = "AUTHORIZED")] is not working. while the AuthorizeWith("AUTHORIZED") is working

    using GraphQL.Repository.GraphQL.Types;
    using GraphQL.Repository.Repositories;
    using GraphQL.Types;
    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Security.Claims;
    using System.Text;
    using System.Threading.Tasks;
    using GraphQL.Server.Authorization.AspNetCore;
    
    namespace GraphQL.Repository.GraphQL
    {
        [GraphQLAuthorize(Policy = "AUTHORIZED")]
        public class MenuQuery : ObjectGraphType
        {
            public MenuQuery(MenuRepository menuRepository)
            {
                Field<ListGraphType<NavigationMenuType>>(
                    "NavigationMenu",
                    arguments: new QueryArguments(new QueryArgument<NonNullGraphType<IdGraphType>> { Name = "applicationId" }),
                    resolve: context =>
                    {
                        var user = (ClaimsPrincipal)context.UserContext;
    
                        var applicationId = context.GetArgument<int>("applicationId");
                        return menuRepository.GetNavigationMenus(applicationId);
                    });
            }
        }
    }

    //startup.cs

    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Threading.Tasks;
    using Microsoft.AspNetCore.Builder;
    using Microsoft.AspNetCore.Hosting;
    using Microsoft.AspNetCore.Mvc;
    using Microsoft.Extensions.Configuration;
    using Microsoft.Extensions.DependencyInjection;
    //using GraphQL;
    using GraphQL.Server;
    using Microsoft.EntityFrameworkCore;
    using GraphQL.Repository.Entities;
    using GraphQL.Repository.Repositories;
    using GraphQL.Repository.GraphQL;
    using GraphQL.Repository.GraphQL.Types;
    using Microsoft.Extensions.DependencyInjection.Extensions;
    using GraphQL.Server.Ui.GraphiQL;
    using GraphQL.Server.Ui.Playground;
    
    namespace GraphQL.Api
    {
        public class Startup
        {
            public Startup(IConfiguration configuration)
            {
                Configuration = configuration;
            }
    
            public IConfiguration Configuration { get; }
    
            // This method gets called by the runtime. Use this method to add services to the container.
            public void ConfigureServices(IServiceCollection services)
            {
                services.AddDbContext<MenuManagementDevContext>(options =>
                  options.UseSqlServer(Configuration["ConnectionStrings:CarvedRockContext"]));
    
                services.AddScoped<MenuRepository>();
                services.AddScoped<MenuQuery>();
    
                services.AddScoped<NavigationMenuType>();
                services.AddScoped<RoleNavigationMenuType>();
                services.AddScoped<RoleType>();
    
                services.AddScoped<IDependencyResolver>(s => new FuncDependencyResolver(s.GetRequiredService));
                services.AddScoped<MenuSchema>();
    
                services.AddGraphQL(o => { o.ExposeExceptions = true; })
                    .AddGraphQLAuthorization(options =>
                    {
                        options.AddPolicy("AUTHORIZED", p => p.RequireAuthenticatedUser());
                    })
                    .AddGraphTypes(ServiceLifetime.Scoped).AddUserContextBuilder(httpContext => httpContext.User)
                    .AddDataLoader()
                    .AddWebSockets();
    
                services.AddCors();
            }
    
            // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
            public void Configure(IApplicationBuilder app, IHostingEnvironment env)
            {
                if (env.IsDevelopment())
                {
                    app.UseDeveloperExceptionPage();
                }
                app.UseCors(builder =>
                    builder.AllowAnyOrigin().AllowAnyHeader().AllowAnyMethod());
    
                app.UseWebSockets();
                app.UseGraphQLWebSockets<MenuSchema>("/graphql");
                app.UseGraphQL<MenuSchema>();
                app.UseGraphiQLServer(new GraphiQLOptions());
                app.UseGraphQLPlayground(new GraphQLPlaygroundOptions());
    
    
            }
        }
    }

    Any help would be appreciated!

    Sunday, December 22, 2019 4:08 PM

All replies

  • User-854763662 posted

    Hi samwassouf ,

    From github doc on GraphQL Authorization, It is currently not possible to add a policy to Input objects using Schema first approach. 

    I am not familar with GraphQL Authorization ,  I suggest you could post an issue on graphql-dotnet/authorization for more effective advices.

    Best Regards ,

    Sherry

    Monday, December 23, 2019 9:25 AM