@apollo/federation-internals 2.10.3 → 2.10.5

package/src/definitions.ts

@@ -3825,3 +3825,7 @@ function copyDirectiveDefinitionInner(
 export function isFieldDefinition(elem: SchemaElement<any, any>): elem is FieldDefinition<any> {
   return elem instanceof FieldDefinition;
 }
+
+export function isElementNamedType(elem: SchemaElement<any, any>): elem is NamedType {
+  return elem instanceof BaseNamedType;
+}

package/src/error.ts

@@ -633,9 +633,9 @@ const MAX_VALIDATION_SUBGRAPH_PATHS_EXCEEDED = makeCodeDefinition(
   { addedIn: '2.8.0' },
 );
 
-const AUTHENTICATION_APPLIED_ON_INTERFACE = makeCodeDefinition(
-    'AUTHENTICATION_APPLIED_ON_INTERFACE',
-    'The @authenticated, @requiresScopes and @policy directive cannot be applied on interface, interface object or their fields.',
+const AUTH_REQUIREMENTS_APPLIED_ON_INTERFACE = makeCodeDefinition(
+    'AUTH_REQUIREMENTS_APPLIED_ON_INTERFACE',
+    'The @authenticated, @requiresScopes and @policy directive cannot be applied on interface, interface fields and interface object',
     { addedIn: '2.9.4' },
 );
 
@@ -746,7 +746,7 @@ export const ERRORS = {
   LIST_SIZE_INVALID_SIZED_FIELD,
   LIST_SIZE_INVALID_SLICING_ARGUMENT,
   MAX_VALIDATION_SUBGRAPH_PATHS_EXCEEDED,
-  AUTHENTICATION_APPLIED_ON_INTERFACE,
+  AUTH_REQUIREMENTS_APPLIED_ON_INTERFACE,
   MISSING_TRANSITIVE_AUTH_REQUIREMENTS,
 };
 

package/src/federation.ts

@@ -37,7 +37,7 @@ import {
   isWrapperType,
   possibleRuntimeTypes,
   isIntType,
-  Type, isFieldDefinition,
+  Type, isFieldDefinition, isElementNamedType,
 } from "./definitions";
 import { assert, MultiMap, printHumanReadableList, OrderedMap, mapValues, assertUnreachable } from "./utils";
 import { SDLValidationRule } from "graphql/validation/ValidationContext";
@@ -1840,7 +1840,7 @@ export class FederationBlueprint extends SchemaBlueprint {
       validateSizedFieldsAreValidLists(application, parent, errorCollector);
     }
 
-    // Validate @authenticated, @requireScopes and @policy
+    // Validate @authenticated, @requireScopes and @policy usage on interfaces and interface objects
     validateNoAuthenticationOnInterfaces(metadata, errorCollector);
 
     return errorCollector;
@@ -2901,15 +2901,15 @@ function validateNoAuthenticationOnInterfaces(metadata: FederationMetadata, erro
   const policyDirective = metadata.policyDirective();
   [authenticatedDirective, requiresScopesDirective, policyDirective].forEach((directive) => {
     for (const application of directive.applications()) {
-      const element = application.parent;
-      function isAppliedOnInterface(type: Type) {
-        return isInterfaceType(type) || isInterfaceObjectType(baseType(type));
-      }
-      function isAppliedOnInterfaceField(elem: SchemaElement<any, any>) {
-        return isFieldDefinition(elem) && isAppliedOnInterface(elem.parent);
-      }
-
-      if (isAppliedOnInterface(element) || isAppliedOnInterfaceField(element)) {
+      const element: SchemaElement<any, any> = application.parent;
+      if (
+        // Is it applied on interface or interface object types?
+        (isElementNamedType(element) &&
+          (isInterfaceType(element) || isInterfaceObjectType(element))
+        ) ||
+        // Is it applied on interface fields?
+        (isFieldDefinition(element) && isInterfaceType(element.parent))
+      ) {
         let kind = '';
         switch (element.kind) {
           case 'FieldDefinition':
@@ -2922,8 +2922,8 @@ function validateNoAuthenticationOnInterfaces(metadata: FederationMetadata, erro
             kind = 'interface object';
             break;
         }
-        errorCollector.push(ERRORS.AUTHENTICATION_APPLIED_ON_INTERFACE.err(
-            `Invalid use of @${directive.name} on ${kind} "${element.coordinate}": @${directive.name} cannot be applied on interfaces, interface objects or their fields`,
+        errorCollector.push(ERRORS.AUTH_REQUIREMENTS_APPLIED_ON_INTERFACE.err(
+            `Invalid use of @${directive.name} on ${kind} "${element.coordinate}": @${directive.name} cannot be applied on interfaces, interface fields and interface objects`,
             {nodes: sourceASTs(application, element.parent)},
         ));
       }

package/src/operations.ts

@@ -1123,7 +1123,7 @@ export class Operation extends DirectiveTargetElement<Operation> {
   }
 
   collectDefaultedVariableValues(): Record<string, any> {
-    const defaultedVariableValues: Record<string, any> = {};
+    const defaultedVariableValues: Record<string, any> = Object.create(null);
     for (const { variable, defaultValue } of this.variableDefinitions.definitions()) {
       if (defaultValue !== undefined) {
         defaultedVariableValues[variable.name] = defaultValue;

package/src/specs/authenticatedSpec.ts

@@ -24,6 +24,10 @@ export class AuthenticatedSpecDefinition extends FeatureDefinition {
       minimumFederationVersion,
     );
 
+    // WARNING: we cannot declare staticArgumentTransform() as access control merge logic needs to propagate
+    // requirements upwards/downwards between types and interfaces. We hijack the merge process by providing
+    // implementations/interfaces as "additional sources". This means that we cannot apply staticArgumentTransform()
+    // as subgraph index index will be wrong/undefined.
     this.registerDirective(createDirectiveSpecification({
       name: AuthenticatedSpecDefinition.directiveName,
       locations: [

package/src/specs/policySpec.ts

@@ -31,6 +31,10 @@ export class PolicySpecDefinition extends FeatureDefinition {
 
     this.registerType(createScalarTypeSpecification({ name: PolicyTypeName.POLICY }));
 
+    // WARNING: we cannot declare staticArgumentTransform() as access control merge logic needs to propagate
+    // requirements upwards/downwards between types and interfaces. We hijack the merge process by providing
+    // implementations/interfaces as "additional sources". This means that we cannot apply staticArgumentTransform()
+    // as subgraph index index will be wrong/undefined.
     this.registerDirective(createDirectiveSpecification({
       name: PolicySpecDefinition.directiveName,
       args: [{

package/src/specs/requiresScopesSpec.ts

@@ -32,6 +32,10 @@ export class RequiresScopesSpecDefinition extends FeatureDefinition {
 
     this.registerType(createScalarTypeSpecification({ name: RequiresScopesTypeName.SCOPE }));
 
+    // WARNING: we cannot declare staticArgumentTransform() as access control merge logic needs to propagate
+    // requirements upwards/downwards between types and interfaces. We hijack the merge process by providing
+    // implementations/interfaces as "additional sources". This means that we cannot apply staticArgumentTransform()
+    // as subgraph index index will be wrong/undefined.
     this.registerDirective(createDirectiveSpecification({
       name: RequiresScopesSpecDefinition.directiveName,
       args: [{