graphql-go / handler Goto Github PK
View Code? Open in Web Editor NEWGolang HTTP.Handler for graphl-go
License: MIT License
Golang HTTP.Handler for graphl-go
License: MIT License
Related: graphql-go/graphql#52
Now there isn't any code set the response Content-Type
header, and it's text/plain; charset=utf-8
by default.
Hi, it is really frustrating to create a complete Output object/New object when you have a ready type.
also, it sucks to changes both in times of need.
Is there a way to covert golang type to Object?
e.g:
type User struct{
id string
name string
}
to
graphql.ObjectConfig{
Name: "User",
Fields: graphql.Fields{
"id": &graphql.Field{Type: graphql.ID},
"name": &graphql.Field{Type: graphql.String},
},
Description: "Users ",
}
Thank you!
In https://github.com/graphql-go/handler/blob/master/handler.go#L148
how about modifying it to
h.ContextHandler(r.Context(), w, r)
The idea is in that the middleware can add something in the request's context and pass it further to the handler that passes it further to the GraphQL query. The example is a cookie value.
Hi,
Just wondering what the best way to abort multiple mutations in a single graphql call, currently I have moved the following code :
if h.resultCallbackFn != nil {
h.resultCallbackFn(ctx, ¶ms, result, buff)
}
To just after the line : result := graphql.Do(params)
This way I can verify if all the mutations supplied to the graphql endpoint have been saved to the database and passes any extra validation as required for our business logic, if this fails, I am able to here fail the entire set of mutations.
Would prefer to use the library "as is" without modifying it, as I assume you guys are the ones in the know what is right and wrong with using this library, do you recommend a better solution, or have a done an acceptable solution ?
Thanks in advance
Cheers
Jason
How do I attach a custom header to a request?
Thanks
Hey¡
I can't install it
./handler.go:147:47: formattedError.OriginalError undefined (type gqlerrors.FormattedError has no field or method OriginalError)
There is a vulnerability in Go url parsing. More on that here: https://www.oxeye.io/blog/golang-parameter-smuggling-attack
In a nutshell, the method Query() ignores the error produced by another function when finding a semicolon when parsing the query.
The solution is to replace usage of query = r.URL.Query() with query, err = url.ParseQuery(r.URL.RawQuery) to avoid ignoring the error produced by finding a semicolon when parsing the query.
Browser console error is:
GET https://cdn.jsdelivr.net/npm/graphql-playground-react/build/static/css/index.css net::ERR_CERT_AUTHORITY_INVALID
GET https://cdn.jsdelivr.net/npm/graphql-playground-react/build/static/js/middleware.js net::ERR_CERT_AUTHORITY_INVALID
GET https://cdn.jsdelivr.net/npm/graphql-playground-react/build/logo.png net::ERR_CERT_AUTHORITY_INVALID
Uncaught ReferenceError: GraphQLPlayground is not defined
at http://localhost:8080/v1/library?query={book(id:%221001%22){id,title,body}}:50:7
GET https://cdn.jsdelivr.net/npm/graphql-playground-react/build/favicon.png net::ERR_CERT_AUTHORITY_INVALID
The repository has not been recently released. As a result, The Playground
config field is only available on master branch. When using dep
or go mod
, we need to manually switch to master
branch.
How to differentiate the GraphiQL route from the GraphQL URL itself? I think currently it will always have the same URL? My use-case is I want to secure my GraphQL URL but have different behavior for GraphiQL.
For authorization I need to send tokens inside an optional header configuration exposed on the graphql server. Unless I'm blind, or it's meant for the graphql-go package and not this one, I can't see it anywhere.
I'm working with Apollo Node application that merges schemas from multiple remote GraphQL API. One of the remotes uses graphql-go and graphql-go/handler. There is an issue with schema introspection when using Link API of Apollo resulting to graphql-go to not accept the request.
The response to introspection query is
{"0":{"message":"Must provide an operation.","locations":[]}}
The graphql-go/handler documentation says that the operation name is mandatory when the query contains multiple operations. AFAIK, the introspection only has one operation.
When using Apollo Fetcher API, the introspection seems works. Cannot 100% verify at the moment, since I need to run some more tests.
Based on what I've read from the Apollo documentation and viewed their source code, the introspection should be very similar with both. Even in the source code the Apollo Link is converted to Apollo Fetch.
Of course I cannot be certain that the bug is on Go side of the GraphQL, but I'm assuming so, since the other remote service that publish GraphQL APIs work with both Link/Fetcher. The other services use Apollo server.
Go Handler version used is 0.2.1
I'm looking to be able to log a stack trace when one of my field resolvers panics.
Currently, I get something like this:
{ "query": "query AllAttributes() {attributes(key: $value) {names}}", "variables": {} }
[
{
"message": "runtime error: invalid memory address or nil pointer dereference",
"locations": []
}
]
I've tried to FormatErrorFn which works well for regular errors that get bubbled up, but by the time it gets triggered, the panic's stack trace is missing. I believe the defer-recover function in executor.go completeValueCatchingError
would need to capture the stack in debug.Stack()
and stash it on the gqlerrors.Error
.
I'm happy to attempt to implement it and open a PR, but I'd like to make sure I wasn't missing something first.
Every time I start my GraphQL server, the order of all properties, enums and parameters as shown in GraphiQL or as parsed with GraphQL CLI changes. These tools just take the order as it comes from the server and display it. I think handler
should order all these properties alphabetically to have a consistent output of the callable schema at the endpoint where the graphql-go
handler operates.
The graphql library has been tagged with v0.7.7 with the formatting error changes: https://github.com/graphql-go/graphql/tree/v0.7.7
Will this repo be getting a tagged version soon that correlates to that tag on the graphql repo?
Is there any way that I can set up the header of response for some doctypes?
I am reading simple answers not answered, ignored pulled requests.
I cannot use subscriptions with the graphical interface.
I tried to solve the issue with #69 but I still get
client.js:1603 WebSocket connection to 'ws://localhost:7000/subscriptions' failed: Error during WebSocket handshake: Sent non-empty 'Sec-WebSocket-Protocol' header but no response was received
the same code works with the playground. any pointers??
Hi, I have problem that i do not know how to pass context to each resolver and i cannot find it on google. Could anybody help me ?
Somehow field is showing deprecated
screenshot
code :
package main
import (
"fmt"
"net/http"
"github.com/graphql-go/graphql"
"github.com/graphql-go/handler"
)
var schema, _ = graphql.NewSchema(
graphql.SchemaConfig{
Query: graphql.NewObject(
graphql.ObjectConfig{
Name: "Query",
Fields: graphql.Fields{
"healthz": &graphql.Field{
Type: graphql.String,
Resolve: func(p graphql.ResolveParams) (interface{}, error) {
return "ok", nil
},
},
},
},
),
Mutation: graphql.NewObject(
graphql.ObjectConfig{
Name: "Mutation",
Fields: graphql.Fields{
"healthz": &graphql.Field{
Type: graphql.String,
Resolve: func(p graphql.ResolveParams) (interface{}, error) {
return "ok", nil
},
},
},
},
),
},
)
var port = ":8080"
func main() {
http.Handle("/", handler.New(&handler.Config{
Schema: &schema,
GraphiQL: false,
Playground: true,
}))
fmt.Println("Now server is running on port " + port)
http.ListenAndServe(port, nil)
}
how to remove deprecated directive ?
First, thank you for the hard work to make such a great library :kudos
So I see from the example and found that mutation can be requested using GET
method:
and look like that is by design. See line 68 below tries to get the query from query string. And I can't find a way to disable the GET
method.
Lines 67 to 78 in f96ffdd
Because I am concerned that this is open for CSRF attack when you use Cookie authentication. Or am I missing something?
FYI: Apollo itself doesn't allow mutation request via GET method.
0: {message: "Unknown type "__Type".", locations: [{line: 20, column: 24}]}
1: {message: "Unknown type "__InputValue".", locations: [{line: 53, column: 26}]}
2: {message: "Unknown type "__Type".", locations: [{line: 60, column: 23}]}
full source code https://github.com/kokizzu/gotro/blob/master/W2/example/main_restApi_graphql.GEN.go
Add options for rootValue and graphiql just as in express-graphql
I'll try to do this if I get the time.
Playground could work in latest tagged version.
how to solve this problem
The current GraphiQL interface served by the handler sends GraphQL subscriptions over HTTP, which is not expected to work. This article describes how GraphiQL can be set up with a custom fetcher that does subscriptions over a GraphQL WebSocket.
It would be great if the handler would support this to work with GraphQL servers that implement WS subscriptions.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.