@apollo/federation-internals 2.12.0-preview.3 → 2.12.0

package/src/argumentCompositionStrategies.ts

@@ -1,4 +1,4 @@
-import { InputType, NonNullType, Schema, isListType, isNonNullType } from "./definitions"
+import {InputType, NonNullType, Schema, isListType, isNonNullType} from "./definitions"
 import { sameType } from "./types";
 import { valueEquals } from "./values";
 
@@ -19,6 +19,14 @@ function supportFixedTypes(types: (schema: Schema) => InputType[]): TypeSupportV
   };
 }
 
+function supportAnyNonNullNestedArray(): TypeSupportValidator {
+  return (_, type) =>
+    isNonNullType(type) && isListType(type.ofType)
+      && isNonNullType(type.ofType.ofType) && isListType(type.ofType.ofType.ofType)
+        ? { valid: true }
+        : { valid: false, supportedMsg: 'non nullable nested list types of any type' }
+}
+
 function supportAnyNonNullArray(): TypeSupportValidator {
   return (_, type) => isNonNullType(type) && isListType(type.ofType)
     ? { valid: true }
@@ -54,6 +62,104 @@ function unionValues(values: any[]): any {
   }, []);
 }
 
+/**
+ * Performs conjunction of 2d arrays that represent conditions in Disjunctive Normal Form.
+ *
+ * * Each inner array is interpreted as the conjunction of the conditions in the array.
+ * * The top-level array is interpreted as the disjunction of the inner arrays
+ *
+ * Algorithm
+ * * filter out duplicate entries to limit the amount of necessary computations
+ * * calculate cartesian product of the arrays to find all possible combinations
+ *   * simplify combinations by dropping duplicate conditions (i.e. p ^ p = p, p ^ q = q ^ p)
+ * * eliminate entries that are subsumed by others (i.e. (p ^ q) subsumes (p ^ q ^ r))
+ */
+function dnfConjunction<T>(values: T[][][]): T[][] {
+  // should never be the case
+  if (values.length == 0) {
+    return [];
+  }
+
+  // we first filter out duplicate values from candidates
+  // this avoids exponential computation of exactly the same conditions
+  const filtered = filterNestedArrayDuplicates(values);
+
+  // initialize with first entry
+  let result: T[][] = filtered[0];
+  // perform cartesian product to find all possible entries
+  for (let i = 1; i < filtered.length; i++) {
+    const current = filtered[i];
+    const accumulator: T[][] = [];
+    const seen = new Set<string>;
+
+    for (const accElement of result) {
+      for (const currentElement of current) {
+        // filter out elements that are already present in accElement
+        const filteredElement = currentElement.filter((e) => !accElement.includes(e));
+        const candidate = [...accElement, ...filteredElement].sort();
+        const key = JSON.stringify(candidate);
+        // only add entries which has not been seen yet
+        if (!seen.has(key)) {
+          seen.add(key);
+          accumulator.push(candidate);
+        }
+      }
+    }
+    // Now we need to deduplicate the results. Given that
+    // - outer array implies OR requirements
+    // - inner array implies AND requirements
+    // We can filter out any inner arrays that fully contain other inner arrays, i.e.
+    //   A OR B OR (A AND B) OR (A AND B AND C) => A OR B
+    result = deduplicateSubsumedValues(accumulator);
+  }
+  return result;
+}
+
+function filterNestedArrayDuplicates<T>(values: T[][][]): T[][][] {
+  const filtered: T[][][] = [];
+  const seen = new Set<string>;
+  values.forEach((value) => {
+    value.sort();
+    const key = JSON.stringify(value);
+    if (!seen.has(key)) {
+      seen.add(key);
+      filtered.push(value);
+    }
+  });
+  return filtered;
+}
+
+function deduplicateSubsumedValues<T>(values: T[][]): T[][] {
+  const result: T[][] = [];
+  // we first sort by length as the longer ones might be dropped
+  values.sort((first, second) => {
+    if (first.length < second.length) {
+      return -1;
+    } else if (first.length > second.length) {
+      return 1;
+    } else {
+      return 0;
+    }
+  });
+
+  for (const candidate of values) {
+    const entry = new Set(candidate);
+    let redundant = false;
+    for (const r of result) {
+      if (r.every(e => entry.has(e))) {
+        // if `r` is a subset of a `candidate` then it means `candidate` is redundant
+        redundant = true;
+        break;
+      }
+    }
+
+    if (!redundant) {
+      result.push(candidate);
+    }
+  }
+  return result;
+}
+
 export const ARGUMENT_COMPOSITION_STRATEGIES = {
   MAX: {
     name: 'MAX',
@@ -95,7 +201,8 @@ export const ARGUMENT_COMPOSITION_STRATEGIES = {
       schema.booleanType(),
       new NonNullType(schema.booleanType())
     ]),
-    mergeValues: mergeNullableValues(
+    mergeValues:
+        mergeNullableValues(
       (values: boolean[]) => values.every((v) => v)
     ),
   },
@@ -113,5 +220,10 @@ export const ARGUMENT_COMPOSITION_STRATEGIES = {
     name: 'NULLABLE_UNION',
     isTypeSupported: supportAnyArray(),
     mergeValues: mergeNullableValues(unionValues),
+  },
+  DNF_CONJUNCTION: {
+    name: 'DNF_CONJUNCTION',
+    isTypeSupported: supportAnyNonNullNestedArray(),
+    mergeValues: dnfConjunction
   }
 }

package/src/buildSchema.ts

@@ -56,6 +56,9 @@ import {
 } from "./definitions";
 import { ERRORS, errorCauses, withModifiedErrorNodes } from "./error";
 import { introspectionTypeNames } from "./introspection";
+import { coreFeatureDefinitionIfKnown } from "./knownCoreFeatures";
+import { connectIdentity } from "./specs/connectSpec";
+
 
 function buildValue(value?: ValueNode): any {
   return value ? valueFromASTUntyped(value) : undefined;
@@ -143,6 +146,48 @@ export function buildSchemaFromAST(
     buildSchemaDefinitionInner(schemaExtension, schema.schemaDefinition, errors, schema.schemaDefinition.newExtension());
   }
 
+  // The following block of code is a one-off to support input objects in the
+  // connect spec. It will be non-maintainable/bug-prone to do this again, and
+  // has various limitations/unsupported edge cases already.
+  //
+  // There's work to be done to support input objects more generally; please see
+  // https://github.com/apollographql/federation/pull/3311 for more information.
+  const connectFeature = schema.coreFeatures?.getByIdentity(connectIdentity);
+  const handledConnectTypeNames = new Set<string>();
+  if (connectFeature) {
+    const connectFeatureDefinition =
+      coreFeatureDefinitionIfKnown(connectFeature.url);
+    if (connectFeatureDefinition) {
+      const connectTypeNamesInSchema = new Set(
+        connectFeatureDefinition.typeSpecs()
+          .map(({ name }) => connectFeature.typeNameInSchema(name))
+      );
+      for (const typeNode of typeDefinitions) {
+        if (connectTypeNamesInSchema.has(typeNode.name.value)
+          && typeNode.kind === 'InputObjectTypeDefinition'
+        ) {
+          handledConnectTypeNames.add(typeNode.name.value)
+        } else {
+          continue;
+        }
+        buildNamedTypeInner(typeNode, schema.type(typeNode.name.value)!, schema.blueprint, errors);
+      }
+      for (const typeExtensionNode of typeExtensions) {
+        if (connectTypeNamesInSchema.has(typeExtensionNode.name.value)
+          && typeExtensionNode.kind === 'InputObjectTypeExtension'
+        ) {
+          handledConnectTypeNames.add(typeExtensionNode.name.value)
+        } else {
+          continue;
+        }
+        const toExtend = schema.type(typeExtensionNode.name.value)!;
+        const extension = toExtend.newExtension();
+        extension.sourceAST = typeExtensionNode;
+        buildNamedTypeInner(typeExtensionNode, toExtend, schema.blueprint, errors, extension);
+      }
+    }
+  }
+
   // The following is a no-op for "standard" schema, but for federation subgraphs, this is where we handle the auto-addition
   // of imported federation directive definitions. That is why we have avoid looking at directive applications within
   // directive definition earlier: if one of those application was of an imported federation directive, the definition
@@ -155,9 +200,15 @@ export function buildSchemaFromAST(
   }
 
   for (const typeNode of typeDefinitions) {
+    if (handledConnectTypeNames.has(typeNode.name.value)) {
+      continue;
+    }
     buildNamedTypeInner(typeNode, schema.type(typeNode.name.value)!, schema.blueprint, errors);
   }
   for (const typeExtensionNode of typeExtensions) {
+    if (handledConnectTypeNames.has(typeExtensionNode.name.value)) {
+      continue;
+    }
     const toExtend = schema.type(typeExtensionNode.name.value)!;
     const extension = toExtend.newExtension();
     extension.sourceAST = typeExtensionNode;

package/src/directiveAndTypeSpecification.ts

@@ -67,7 +67,13 @@ export type FieldSpecification = {
   args?: ResolvedArgumentSpecification[],
 }
 
-type ResolvedArgumentSpecification = {
+export type ResolvedArgumentSpecification = {
+  name: string,
+  type: InputType,
+  defaultValue?: any,
+}
+
+export type InputFieldSpecification = {
   name: string,
   type: InputType,
   defaultValue?: any,
@@ -342,7 +348,7 @@ export function createEnumTypeSpecification({
   }
 }
 
-function ensureSameTypeKind(expected: NamedType['kind'], actual: NamedType): GraphQLError[] {
+export function ensureSameTypeKind(expected: NamedType['kind'], actual: NamedType): GraphQLError[] {
   return expected === actual.kind
     ? []
     : [

package/src/error.ts

@@ -633,6 +633,18 @@ const MAX_VALIDATION_SUBGRAPH_PATHS_EXCEEDED = makeCodeDefinition(
   { addedIn: '2.8.0' },
 );
 
+const AUTHENTICATION_APPLIED_ON_INTERFACE = makeCodeDefinition(
+    'AUTHENTICATION_APPLIED_ON_INTERFACE',
+    'The @authenticated, @requiresScopes and @policy directive cannot be applied on interface, interface object or their fields.',
+    { addedIn: '2.9.4' },
+);
+
+const MISSING_TRANSITIVE_AUTH_REQUIREMENTS = makeCodeDefinition(
+    'MISSING_TRANSITIVE_AUTH_REQUIREMENTS',
+    'Field missing transitive @authenticated, @requiresScopes and/or @policy auth requirements needed to access dependent data.',
+    { addedIn: '2.9.4' },
+)
+
 export const ERROR_CATEGORIES = {
   DIRECTIVE_FIELDS_MISSING_EXTERNAL,
   DIRECTIVE_UNSUPPORTED_ON_INTERFACE,
@@ -734,6 +746,8 @@ export const ERRORS = {
   LIST_SIZE_INVALID_SIZED_FIELD,
   LIST_SIZE_INVALID_SLICING_ARGUMENT,
   MAX_VALIDATION_SUBGRAPH_PATHS_EXCEEDED,
+  AUTHENTICATION_APPLIED_ON_INTERFACE,
+  MISSING_TRANSITIVE_AUTH_REQUIREMENTS,
 };
 
 const codeDefByCode = Object.values(ERRORS).reduce((obj: {[code: string]: ErrorCodeDefinition}, codeDef: ErrorCodeDefinition) => { obj[codeDef.code] = codeDef; return obj; }, {});

package/src/federation.ts

@@ -37,7 +37,7 @@ import {
   isWrapperType,
   possibleRuntimeTypes,
   isIntType,
-  Type,
+  Type, isFieldDefinition,
 } from "./definitions";
 import { assert, MultiMap, printHumanReadableList, OrderedMap, mapValues, assertUnreachable } from "./utils";
 import { SDLValidationRule } from "graphql/validation/ValidationContext";
@@ -97,7 +97,7 @@ import { createObjectTypeSpecification, createScalarTypeSpecification, createUni
 import { didYouMean, suggestionList } from "./suggestions";
 import { coreFeatureDefinitionIfKnown } from "./knownCoreFeatures";
 import { joinIdentity } from "./specs/joinSpec";
-import { COST_VERSIONS, CostDirectiveArguments, ListSizeDirectiveArguments, costIdentity } from "./specs/costSpec";
+import { CostDirectiveArguments, ListSizeDirectiveArguments } from "./specs/costSpec";
 
 const linkSpec = LINK_VERSIONS.latest();
 const tagSpec = TAG_VERSIONS.latest();
@@ -1828,18 +1828,16 @@ export class FederationBlueprint extends SchemaBlueprint {
       }
     }
 
-    const costFeature = schema.coreFeatures?.getByIdentity(costIdentity);
-    const costSpec = costFeature && COST_VERSIONS.find(costFeature.url.version);
-    const costDirective = costSpec?.costDirective(schema);
-    const listSizeDirective = costSpec?.listSizeDirective(schema);
+    const costDirective = metadata.costDirective();
+    const listSizeDirective = metadata.listSizeDirective();
 
     // Validate @cost
-    for (const application of costDirective?.applications() ?? []) {
+    for (const application of costDirective.applications()) {
       validateCostNotAppliedToInterface(application, errorCollector);
     }
 
     // Validate @listSize
-    for (const application of listSizeDirective?.applications() ?? []) {
+    for (const application of listSizeDirective.applications()) {
       const parent = application.parent;
       assert(parent instanceof FieldDefinition, "@listSize can only be applied to FIELD_DEFINITION");
       validateListSizeAppliedToList(application, parent, errorCollector);
@@ -1848,6 +1846,9 @@ export class FederationBlueprint extends SchemaBlueprint {
       validateSizedFieldsAreValidLists(application, parent, errorCollector);
     }
 
+    // Validate @authenticated, @requireScopes and @policy
+    validateNoAuthenticationOnInterfaces(metadata, errorCollector);
+
     return errorCollector;
   }
 
@@ -2899,3 +2900,39 @@ function withoutNonExternalLeafFields(selectionSet: SelectionSet): SelectionSet
     return undefined;
   });
 }
+
+function validateNoAuthenticationOnInterfaces(metadata: FederationMetadata, errorCollector: GraphQLError[]) {
+  const authenticatedDirective = metadata.authenticatedDirective();
+  const requiresScopesDirective = metadata.requiresScopesDirective();
+  const policyDirective = metadata.policyDirective();
+  [authenticatedDirective, requiresScopesDirective, policyDirective].forEach((directive) => {
+    for (const application of directive.applications()) {
+      const element = application.parent;
+      function isAppliedOnInterface(type: Type) {
+        return isInterfaceType(type) || isInterfaceObjectType(baseType(type));
+      }
+      function isAppliedOnInterfaceField(elem: SchemaElement<any, any>) {
+        return isFieldDefinition(elem) && isAppliedOnInterface(elem.parent);
+      }
+
+      if (isAppliedOnInterface(element) || isAppliedOnInterfaceField(element)) {
+        let kind = '';
+        switch (element.kind) {
+          case 'FieldDefinition':
+            kind = 'field';
+            break;
+          case 'InterfaceType':
+            kind = 'interface';
+            break;
+          case 'ObjectType':
+            kind = 'interface object';
+            break;
+        }
+        errorCollector.push(ERRORS.AUTHENTICATION_APPLIED_ON_INTERFACE.err(
+            `Invalid use of @${directive.name} on ${kind} "${element.coordinate}": @${directive.name} cannot be applied on interfaces, interface objects or their fields`,
+            {nodes: sourceASTs(application, element.parent)},
+        ));
+      }
+    }
+  });
+}

package/src/specs/authenticatedSpec.ts

@@ -8,6 +8,7 @@ import {
 } from "./coreSpec";
 import { createDirectiveSpecification } from "../directiveAndTypeSpecification";
 import { registerKnownFeature } from "../knownCoreFeatures";
+import {DirectiveDefinition, Schema} from "../definitions";
 
 export class AuthenticatedSpecDefinition extends FeatureDefinition {
   public static readonly directiveName = "authenticated";
@@ -37,6 +38,10 @@ export class AuthenticatedSpecDefinition extends FeatureDefinition {
     }));
   }
 
+  authenticatedDirective(schema: Schema): DirectiveDefinition | undefined {
+    return this.directive(schema, AuthenticatedSpecDefinition.directiveName);
+  }
+
   get defaultCorePurpose(): CorePurpose {
     return 'SECURITY';
   }