[generic-auth] handle @Skip and @include directives (#1950)

* [generic-auth] handle @Skip and @include directives * changeset * chore(dependencies): updated changesets for modified dependencies --------- Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
n1ru4l · Sep 27, 2023 · 4e368f6 · 4e368f6
1 parent 8ce426f
commit 4e368f6
Show file tree

Hide file tree

Showing 6 changed files with 72 additions and 4 deletions.
diff --git a/.changeset/@envelop_generic-auth-1950-dependencies.md b/.changeset/@envelop_generic-auth-1950-dependencies.md
@@ -0,0 +1,9 @@
+---
+'@envelop/generic-auth': patch
+---
+
+dependencies updates:
+
+- Added dependency
+  [`@graphql-tools/utils@^10.0.6` ↗︎](https://www.npmjs.com/package/@graphql-tools/utils/v/10.0.6)
+  (to `dependencies`)
diff --git a/.changeset/fair-ghosts-refuse.md b/.changeset/fair-ghosts-refuse.md
@@ -0,0 +1,5 @@
+---
+'@envelop/generic-auth': minor
+---
+
+Handle @skip and @include directive by skipping validation of this fields.
diff --git a/packages/plugins/generic-auth/package.json b/packages/plugins/generic-auth/package.json
@@ -52,6 +52,7 @@
   },
   "dependencies": {
     "@envelop/extended-validation": "^3.0.1",
+    "@graphql-tools/utils": "^10.0.6",
     "tslib": "^2.5.0"
   },
   "devDependencies": {

diff --git a/packages/plugins/generic-auth/src/index.ts b/packages/plugins/generic-auth/src/index.ts
@@ -13,6 +13,7 @@ import {
 } from 'graphql';
 import { DefaultContext, Maybe, Plugin, PromiseOrValue } from '@envelop/core';
 import { useExtendedValidation } from '@envelop/extended-validation';
+import { shouldIncludeNode } from '@graphql-tools/utils';
 
 export class UnauthenticatedError extends GraphQLError {}
 
@@ -197,6 +198,10 @@ export const useGenericAuth = <
 
                 return {
                   Field(node) {
+                    if (!shouldIncludeNode(args.variableValues, node)) {
+                      return;
+                    }
+
                     const fieldType = getNamedType(context.getParentType()!);
                     if (isIntrospectionType(fieldType)) {
                       return false;

diff --git a/packages/plugins/generic-auth/tests/use-generic-auth.spec.ts b/packages/plugins/generic-auth/tests/use-generic-auth.spec.ts
@@ -1,6 +1,8 @@
-import { EnumValueNode, getIntrospectionQuery } from 'graphql';
+import { EnumValueNode, FieldNode, getIntrospectionQuery } from 'graphql';
 import { assertSingleExecutionValue, createTestkit } from '@envelop/testing';
+import { Maybe } from '@envelop/types';
 import { makeExecutableSchema } from '@graphql-tools/schema';
+import { shouldIncludeNode } from '@graphql-tools/utils';
 import {
   DIRECTIVE_SDL,
   ResolveUserFn,
@@ -471,5 +473,35 @@ describe('useGenericAuth', () => {
         expect(result.data?.admin).toBe('admin');
       });
     });
+
+    it('should not validate fields with @include and @skip directives', async () => {
+      const testInstance = createTestkit(
+        [
+          useGenericAuth({
+            mode: 'protect-granular',
+            resolveUserFn: invalidresolveUserFn,
+          }),
+        ],
+        schemaWithDirective,
+      );
+
+      const result = await testInstance.execute(
+        /* GraphQL */ `
+          query ($skip: Boolean!, $include: Boolean!) {
+            public
+            p1: protected @skip(if: $skip)
+            p2: protected @skip(if: true)
+            p3: protected @include(if: false)
+            p4: protected @include(if: $include)
+          }
+        `,
+        { skip: true, include: false },
+      );
+      assertSingleExecutionValue(result);
+      expect(result.errors).toBeUndefined();
+      expect(result.data).toEqual({
+        public: 'public',
+      });
+    });
   });
 });
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml