From fef68a2f704164c79cfa66c8383f4d8a601f1c29 Mon Sep 17 00:00:00 2001
From: Dolev Farhi
Date: Fri, 24 May 2024 12:57:18 -0400
Subject: [PATCH] Add tailcall support

---
 README.md            |  1 +
 graphw00f/helpers.py |  6 ++++++
 graphw00f/lib.py     | 16 ++++++++++++++++
 version.py           |  2 +-
 4 files changed, 24 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 4d3be17..e038a72 100644
--- a/README.md
+++ b/README.md
@@ -66,6 +66,7 @@ graphw00f currently attempts to discover the following GraphQL engines:
 * absinthe-graphql - Elixir
 * GraphQL.NET - Microsoft .NET
 * pg_graphql - Rust
+* tailcall - Rust
 
 # GraphQL Threat Matrix
 The graphw00f project uses the [GraphQL Threat Matrix Project](https://github.com/nicholasaleks/graphql-threat-matrix/) as its technology security matrix database. When graphw00f successfully fingerprints a GraphQL endpoint, it will print out the threat matrix document. This document helps security engineers to identify how mature the technology is, what security features it offers, and whether it contains any CVEs.
diff --git a/graphw00f/helpers.py b/graphw00f/helpers.py
index 822bc14..9ec80af 100644
--- a/graphw00f/helpers.py
+++ b/graphw00f/helpers.py
@@ -274,6 +274,12 @@ def get_engines():
       'url':'https://supabase.github.io/pg_graphql',
       'ref':'https://github.com/nicholasaleks/graphql-threat-matrix/blob/master/implementations/pg_graphql.md' ,
       'technology':['Rust']
+    },
+    'tailcall':{
+      'name':'tailcall',
+      'url':'https://tailcall.run',
+      'ref':'https://github.com/nicholasaleks/graphql-threat-matrix/blob/master/implementations/tailcall.md',
+      'technology':['Rust']
     }
   }
 
diff --git a/graphw00f/lib.py b/graphw00f/lib.py
index a1f234a..5894b81 100644
--- a/graphw00f/lib.py
+++ b/graphw00f/lib.py
@@ -59,6 +59,8 @@ def execute(self, url):
       return 'graphql_yoga'
     elif self.engine_agoo():
       return 'agoo'
+    elif self.engine_tailcall():
+      return 'tailcall'
     elif self.engine_dgraph():
       return 'dgraph'
     elif self.engine_graphene():
@@ -560,6 +562,20 @@ def engine_tartiflette(self):
     return False
 
 
+  def engine_tailcall(self):
+    query = '''
+      aa {
+        __typename
+      }
+    '''
+    response = self.graph_query(self.url, payload=query)
+
+    if error_contains(response, 'expected executable_definition'):
+      return True
+
+    return False
+
+
   def engine_dgraph(self):
     query = '''
       query {
diff --git a/version.py b/version.py
index 7231628..b497d51 100644
--- a/version.py
+++ b/version.py
@@ -1 +1 @@
-VERSION = '1.1.15'
+VERSION = '1.1.16'
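Review bot: `engine_tailcall` gives no hint that the probe `aa { __typename }` is deliberately malformed or where the `expected executable_definition` string was observed, so a later maintainer cannot tell whether a changed error message or another engine with the same parser wording is the reason the check stops or starts matching. A short docstring such as `"""Fingerprint tailcall: send a bare selection set with no operation keyword and look for 'expected executable_definition' in the error (observed on tailcall <VERSION-PLACEHOLDER>)."""` would record that, and the if/return pair collapses to `return error_contains(response, 'expected executable_definition')`. If that message originates in a parser library shared with other engines rather than in tailcall itself, those engines would be reported as tailcall because `execute` returns on the first matching check, so the version and parser the string was taken from are worth noting in that docstring. `engine_tailcall` is complete within the hunk; `engine_dgraph` continues outside it.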