@adaptic/backend-legacy 0.0.974 → 0.0.976

package/esm/plugins/http-status-mapper.d.ts

@@ -0,0 +1,33 @@
+/**
+ * HTTP Status Mapper Plugin for Apollo Server 5.
+ *
+ * Maps well-known GraphQL error codes to their semantically-correct HTTP
+ * status codes. Apollo Server 5 defaults to HTTP 500 for any error thrown
+ * inside the `context` function (wrapped as ContextFunctionError) and to
+ * HTTP 200 for errors thrown inside resolvers — neither default is correct
+ * for an authentication failure, and the 500 default actively harms
+ * consumers: Apollo Client's observable pipeline crashes on a 5xx response
+ * with a GraphQL-shaped body (`Cannot read properties of undefined (reading
+ * 'write')`), so the awaited `client.query(...)` Promise neither resolves
+ * nor rejects. Downstream `try/catch` blocks never run, and any UI that
+ * gates rendering on a `setIsLoading(false)` in `finally` is locked into a
+ * permanent loading state.
+ *
+ * This plugin runs in `willSendResponse` and inspects every GraphQL error in
+ * the final response body. If any error carries `extensions.code` in the
+ * lookup table below, the response's HTTP status is upgraded accordingly.
+ * Doing it here (rather than at each throw site) means we get the same
+ * mapping whether the error originated in a context function, a resolver,
+ * an `AuthChecker`, or a directive — and a future code path that throws
+ * UNAUTHENTICATED cannot accidentally regress to a 500.
+ *
+ * Mapping policy:
+ *   UNAUTHENTICATED → 401 (most common; the bug above)
+ *   FORBIDDEN       → 403 (AuthChecker rejections per CORTEX-P0-001)
+ *   BAD_USER_INPUT  → 400 (GraphQL validation already handles syntax; this
+ *                          covers semantic input rejection from validators)
+ *   Anything else   → unchanged (200 for in-body errors, 500 for fatal)
+ */
+import type { ApolloServerPlugin } from '@apollo/server';
+export declare function createHttpStatusMapperPlugin<TContext extends object = object>(): ApolloServerPlugin<TContext>;
+//# sourceMappingURL=http-status-mapper.d.ts.map

package/esm/plugins/http-status-mapper.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"http-status-mapper.d.ts","sourceRoot":"","sources":["../../../src/plugins/http-status-mapper.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AAEH,OAAO,KAAK,EACV,kBAAkB,EAGnB,MAAM,gBAAgB,CAAC;AAgCxB,wBAAgB,4BAA4B,CAC1C,QAAQ,SAAS,MAAM,GAAG,MAAM,KAC7B,kBAAkB,CAAC,QAAQ,CAAC,CA2BhC"}

package/esm/plugins/http-status-mapper.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"http-status-mapper.js","sourceRoot":"","sources":["../../../src/plugins/http-status-mapper.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AASH,MAAM,mBAAmB,GAA2B;IAClD,eAAe,EAAE,GAAG;IACpB,SAAS,EAAE,GAAG;IACd,cAAc,EAAE,GAAG;CACpB,CAAC;AAEF;;;;;GAKG;AACH,SAAS,gBAAgB,CACvB,MAAwC;IAExC,IAAI,IAAwB,CAAC;IAC7B,MAAM,QAAQ,GAA2B,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;IACpE,KAAK,MAAM,GAAG,IAAI,MAAM,EAAE,CAAC;QACzB,MAAM,IAAI,GAAG,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC;QAClC,IAAI,OAAO,IAAI,KAAK,QAAQ;YAAE,SAAS;QACvC,MAAM,MAAM,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;QACzC,IAAI,CAAC,MAAM;YAAE,SAAS;QACtB,IAAI,IAAI,KAAK,SAAS,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;YAC1E,IAAI,GAAG,MAAM,CAAC;QAChB,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,UAAU,4BAA4B;IAG1C,OAAO;QACL,KAAK,CAAC,eAAe;YACnB,OAAO;gBACL,KAAK,CAAC,gBAAgB,CACpB,cAA+D;oBAE/D,MAAM,EAAE,QAAQ,EAAE,GAAG,cAAc,CAAC;oBACpC,MAAM,EAAE,IAAI,EAAE,GAAG,QAAQ,CAAC;oBAC1B,kEAAkE;oBAClE,iEAAiE;oBACjE,4DAA4D;oBAC5D,8DAA8D;oBAC9D,UAAU;oBACV,IAAI,IAAI,CAAC,IAAI,KAAK,QAAQ;wBAAE,OAAO;oBACnC,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC;oBACxC,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;wBAAE,OAAO;oBAC3C,MAAM,MAAM,GAAG,gBAAgB,CAAC,MAAM,CAAC,CAAC;oBACxC,IAAI,MAAM,KAAK,SAAS;wBAAE,OAAO;oBACjC,4DAA4D;oBAC5D,+DAA+D;oBAC/D,qEAAqE;oBACrE,QAAQ,CAAC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;gBAChC,CAAC;aACF,CAAC;QACJ,CAAC;KACF,CAAC;AACJ,CAAC"}

package/esm/plugins/http-status-mapper.mjs

@@ -0,0 +1,87 @@
+/**
+ * HTTP Status Mapper Plugin for Apollo Server 5.
+ *
+ * Maps well-known GraphQL error codes to their semantically-correct HTTP
+ * status codes. Apollo Server 5 defaults to HTTP 500 for any error thrown
+ * inside the `context` function (wrapped as ContextFunctionError) and to
+ * HTTP 200 for errors thrown inside resolvers — neither default is correct
+ * for an authentication failure, and the 500 default actively harms
+ * consumers: Apollo Client's observable pipeline crashes on a 5xx response
+ * with a GraphQL-shaped body (`Cannot read properties of undefined (reading
+ * 'write')`), so the awaited `client.query(...)` Promise neither resolves
+ * nor rejects. Downstream `try/catch` blocks never run, and any UI that
+ * gates rendering on a `setIsLoading(false)` in `finally` is locked into a
+ * permanent loading state.
+ *
+ * This plugin runs in `willSendResponse` and inspects every GraphQL error in
+ * the final response body. If any error carries `extensions.code` in the
+ * lookup table below, the response's HTTP status is upgraded accordingly.
+ * Doing it here (rather than at each throw site) means we get the same
+ * mapping whether the error originated in a context function, a resolver,
+ * an `AuthChecker`, or a directive — and a future code path that throws
+ * UNAUTHENTICATED cannot accidentally regress to a 500.
+ *
+ * Mapping policy:
+ *   UNAUTHENTICATED → 401 (most common; the bug above)
+ *   FORBIDDEN       → 403 (AuthChecker rejections per CORTEX-P0-001)
+ *   BAD_USER_INPUT  → 400 (GraphQL validation already handles syntax; this
+ *                          covers semantic input rejection from validators)
+ *   Anything else   → unchanged (200 for in-body errors, 500 for fatal)
+ */
+const CODE_TO_HTTP_STATUS = {
+    UNAUTHENTICATED: 401,
+    FORBIDDEN: 403,
+    BAD_USER_INPUT: 400,
+};
+/**
+ * Returns the highest-priority HTTP status implied by the GraphQL errors in
+ * the response, or undefined if no mapping applies. Priority order: 401 over
+ * 403 over 400 — auth failures trump everything else because they're the
+ * primary signal a client needs to refresh its token / reauthenticate.
+ */
+function deriveHttpStatus(errors) {
+    let best;
+    const priority = { 401: 3, 403: 2, 400: 1 };
+    for (const err of errors) {
+        const code = err.extensions?.code;
+        if (typeof code !== 'string')
+            continue;
+        const status = CODE_TO_HTTP_STATUS[code];
+        if (!status)
+            continue;
+        if (best === undefined || (priority[status] ?? 0) > (priority[best] ?? 0)) {
+            best = status;
+        }
+    }
+    return best;
+}
+export function createHttpStatusMapperPlugin() {
+    return {
+        async requestDidStart() {
+            return {
+                async willSendResponse(requestContext) {
+                    const { response } = requestContext;
+                    const { body } = response;
+                    // Only the `single` response kind carries a single `errors` array
+                    // we can inspect synchronously. Incremental delivery (`@defer` /
+                    // `@stream`) uses `incremental` and would require per-chunk
+                    // mapping; we don't use those features yet, so this is a safe
+                    // narrow.
+                    if (body.kind !== 'single')
+                        return;
+                    const errors = body.singleResult.errors;
+                    if (!errors || errors.length === 0)
+                        return;
+                    const status = deriveHttpStatus(errors);
+                    if (status === undefined)
+                        return;
+                    // Apollo Server only sets `http.status` for fatal errors by
+                    // default; assigning here overrides that. The `http` object is
+                    // always present on the response when reached via expressMiddleware.
+                    response.http.status = status;
+                },
+            };
+        },
+    };
+}
+//# sourceMappingURL=http-status-mapper.js.map

package/esm/plugins/index.d.ts

@@ -5,4 +5,5 @@
  */
 export { queryDepthLimiterPlugin } from './query-depth-limiter';
 export { createErrorSanitizer, formatError } from './error-sanitizer';
+export { createHttpStatusMapperPlugin } from './http-status-mapper';
 //# sourceMappingURL=index.d.ts.map

package/esm/plugins/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/plugins/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,uBAAuB,EAAE,MAAM,uBAAuB,CAAC;AAChE,OAAO,EAAE,oBAAoB,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/plugins/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,uBAAuB,EAAE,MAAM,uBAAuB,CAAC;AAChE,OAAO,EAAE,oBAAoB,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AACtE,OAAO,EAAE,4BAA4B,EAAE,MAAM,sBAAsB,CAAC"}

package/esm/plugins/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/plugins/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,uBAAuB,EAAE,MAAM,uBAAuB,CAAC;AAChE,OAAO,EAAE,oBAAoB,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/plugins/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,uBAAuB,EAAE,MAAM,uBAAuB,CAAC;AAChE,OAAO,EAAE,oBAAoB,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AACtE,OAAO,EAAE,4BAA4B,EAAE,MAAM,sBAAsB,CAAC"}

package/esm/plugins/index.mjs

@@ -5,4 +5,5 @@
  */
 export { queryDepthLimiterPlugin  } from './query-depth-limiter.mjs';
 export { createErrorSanitizer, formatError  } from './error-sanitizer.mjs';
+export { createHttpStatusMapperPlugin  } from './http-status-mapper.mjs';
 //# sourceMappingURL=index.js.map

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@adaptic/backend-legacy",
-  "version": "0.0.974",
+  "version": "0.0.976",
   "description": "Backend executable CRUD functions with dynamic variables construction, and type definitions for the Adaptic AI platform.",
   "type": "module",
   "types": "index.d.ts",

package/server.cjs

@@ -54,6 +54,7 @@ const ws_1 = require("ws");
 const ws_2 = require("graphql-ws/lib/use/ws");
 const auth_1 = require("./middleware/auth.cjs");
 const audit_logger_1 = require("./middleware/audit-logger.cjs");
+const http_status_mapper_1 = require("./plugins/http-status-mapper.cjs");
 const prismaClient_1 = __importStar(require("./prismaClient.cjs"));
 const health_1 = require("./health.cjs");
 const child_process_1 = require("child_process");
@@ -139,6 +140,7 @@ const startServer = async () => {
         plugins: [
             (0, drainHttpServer_1.ApolloServerPluginDrainHttpServer)({ httpServer }),
             (0, audit_logger_1.createAuditLogPlugin)(),
+            (0, http_status_mapper_1.createHttpStatusMapperPlugin)(),
         ],
         formatError: (err) => {
             var _a, _b;
@@ -282,10 +284,27 @@ const startServer = async () => {
                 // Throw `UNAUTHENTICATED` so Apollo's HTTP transport returns a
                 // GraphQL-shaped error response. The `formatError` hook above
                 // preserves the `code` extension.
+                //
+                // `extensions.http.status: 401` is essential and easy to miss:
+                // when `context()` throws, Apollo Server takes the
+                // `errorResponse` path (ApolloServer.js#executeHTTPGraphQLRequest
+                // catch block) which BYPASSES the request pipeline entirely —
+                // willSendResponse plugins do not fire. The only mechanism left
+                // for setting the HTTP status is `extensions.http.status` on the
+                // thrown error itself, which `normalizeAndFormatErrors` lifts
+                // into the response head and then strips from the body so it does
+                // not leak. Without this, every auth failure ships as HTTP 500,
+                // and Apollo Client's observable pipeline crashes on the 5xx +
+                // GraphQL-body combination (`Cannot read properties of undefined
+                // (reading 'write')`), leaving consumer `await client.query(...)`
+                // promises that neither resolve nor reject — which is precisely
+                // how /configure/trading-policy ended up locked in a permanent
+                // loading state.
                 throw new graphql_1.GraphQLError('Unauthenticated', {
                     extensions: {
                         code: 'UNAUTHENTICATED',
                         reason,
+                        http: { status: 401 },
                     },
                 });
             }
@@ -341,10 +360,17 @@ const startServer = async () => {
                 logger_1.logger.warn('WebSocket auth rejected — closing connection', {
                     reason,
                 });
+                // graphql-ws closes the connection rather than producing an HTTP
+                // response, so `extensions.http.status` is irrelevant here — but
+                // we include it for symmetry with the HTTP context above. Any
+                // future code that funnels a WS-rejected GraphQLError back into
+                // an HTTP response (e.g. a graceful-degrade fallback) will get
+                // the correct status without further changes.
                 throw new graphql_1.GraphQLError('Unauthenticated', {
                     extensions: {
                         code: 'UNAUTHENTICATED',
                         reason,
+                        http: { status: 401 },
                     },
                 });
             }