@apollo/federation-internals 2.12.0 → 2.12.2

package/src/argumentCompositionStrategies.ts

@@ -65,8 +65,9 @@ function unionValues(values: any[]): any {
 /**
  * Performs conjunction of 2d arrays that represent conditions in Disjunctive Normal Form.
  *
- * * Each inner array is interpreted as the conjunction of the conditions in the array.
- * * The top-level array is interpreted as the disjunction of the inner arrays
+ * Each 2D array is interpreted as follows
+ * * Inner array is interpreted as the conjunction (an AND) of the conditions in the array.
+ * * Outer array is interpreted as the disjunction (an OR) of the inner arrays.
  *
  * Algorithm
  * * filter out duplicate entries to limit the amount of necessary computations
@@ -74,12 +75,19 @@ function unionValues(values: any[]): any {
  *   * simplify combinations by dropping duplicate conditions (i.e. p ^ p = p, p ^ q = q ^ p)
  * * eliminate entries that are subsumed by others (i.e. (p ^ q) subsumes (p ^ q ^ r))
  */
-function dnfConjunction<T>(values: T[][][]): T[][] {
+export function dnfConjunction<T>(values: T[][][]): T[][] {
   // should never be the case
   if (values.length == 0) {
     return [];
   }
 
+  // Copy the 2D arrays, as we'll be modifying them below (due to sorting).
+  for (let i = 0; i < values.length; i++) {
+    // See the doc string for `convertEmptyToTrue()` to understand why this is
+    // necessary.
+    values[i] = convertEmptyToTrue(dnfCopy(values[i]));
+  }
+
   // we first filter out duplicate values from candidates
   // this avoids exponential computation of exactly the same conditions
   const filtered = filterNestedArrayDuplicates(values);
@@ -119,7 +127,14 @@ function filterNestedArrayDuplicates<T>(values: T[][][]): T[][][] {
   const filtered: T[][][] = [];
   const seen = new Set<string>;
   values.forEach((value) => {
-    value.sort();
+    value.forEach((inner) => {
+      inner.sort();
+    })
+    value.sort((a, b) => {
+      const left = JSON.stringify(a);
+      const right = JSON.stringify(b);
+      return left > right ? 1 : left < right ? -1 : 0;
+    });
     const key = JSON.stringify(value);
     if (!seen.has(key)) {
       seen.add(key);
@@ -160,6 +175,25 @@ function deduplicateSubsumedValues<T>(values: T[][]): T[][] {
   return result;
 }
 
+function dnfCopy<T>(value: T[][]): T[][] {
+  const newValue = new Array(value.length);
+  for (let i = 0; i < value.length; i++) {
+    newValue[i] = value[i].slice();
+  }
+  return newValue;
+}
+
+/**
+ * Normally for DNF, you'd consider [] to be always false and [[]] to be always
+ * true, and code that uses some()/every() needs no special-casing to work with
+ * these definitions. However, router special-cases [] to also mean true, and so
+ * if we're about to do any evaluation on DNFs, we need to do these conversions
+ * beforehand.
+ */
+export function convertEmptyToTrue<T>(value: T[][]): T[][] {
+  return value.length === 0 ? [[]] : value;
+}
+
 export const ARGUMENT_COMPOSITION_STRATEGIES = {
   MAX: {
     name: 'MAX',

package/src/definitions.ts

@@ -3825,3 +3825,7 @@ function copyDirectiveDefinitionInner(
 export function isFieldDefinition(elem: SchemaElement<any, any>): elem is FieldDefinition<any> {
   return elem instanceof FieldDefinition;
 }
+
+export function isElementNamedType(elem: SchemaElement<any, any>): elem is NamedType {
+  return elem instanceof BaseNamedType;
+}

package/src/error.ts

@@ -633,9 +633,9 @@ const MAX_VALIDATION_SUBGRAPH_PATHS_EXCEEDED = makeCodeDefinition(
   { addedIn: '2.8.0' },
 );
 
-const AUTHENTICATION_APPLIED_ON_INTERFACE = makeCodeDefinition(
-    'AUTHENTICATION_APPLIED_ON_INTERFACE',
-    'The @authenticated, @requiresScopes and @policy directive cannot be applied on interface, interface object or their fields.',
+const AUTH_REQUIREMENTS_APPLIED_ON_INTERFACE = makeCodeDefinition(
+    'AUTH_REQUIREMENTS_APPLIED_ON_INTERFACE',
+    'The @authenticated, @requiresScopes and @policy directive cannot be applied on interface, interface fields and interface object',
     { addedIn: '2.9.4' },
 );
 
@@ -746,7 +746,7 @@ export const ERRORS = {
   LIST_SIZE_INVALID_SIZED_FIELD,
   LIST_SIZE_INVALID_SLICING_ARGUMENT,
   MAX_VALIDATION_SUBGRAPH_PATHS_EXCEEDED,
-  AUTHENTICATION_APPLIED_ON_INTERFACE,
+  AUTH_REQUIREMENTS_APPLIED_ON_INTERFACE,
   MISSING_TRANSITIVE_AUTH_REQUIREMENTS,
 };
 

package/src/federation.ts

@@ -37,7 +37,7 @@ import {
   isWrapperType,
   possibleRuntimeTypes,
   isIntType,
-  Type, isFieldDefinition,
+  Type, isFieldDefinition, isElementNamedType,
 } from "./definitions";
 import { assert, MultiMap, printHumanReadableList, OrderedMap, mapValues, assertUnreachable } from "./utils";
 import { SDLValidationRule } from "graphql/validation/ValidationContext";
@@ -1071,7 +1071,7 @@ function validateListSizeAppliedToList(
 ) {
   const { sizedFields = [] } = application.arguments();
   // @listSize must be applied to a list https://ibm.github.io/graphql-specs/cost-spec.html#sec-Valid-List-Size-Target
-  if (!sizedFields.length && parent.type && !isListType(parent.type)) {
+  if (!sizedFields.length && parent.type && !isListType(parent.type) && !isNonNullListType(parent.type)) {
     errorCollector.push(ERRORS.LIST_SIZE_APPLIED_TO_NON_LIST.err(
       `"${parent.coordinate}" is not a list`,
       { nodes: sourceASTs(application, parent) },
@@ -1141,8 +1141,9 @@ function validateSizedFieldsAreValidLists(
 ) {
   const { sizedFields = [] } = application.arguments();
   // Validate sizedFields https://ibm.github.io/graphql-specs/cost-spec.html#sec-Valid-Sized-Fields-Target
-  if (sizedFields.length) {
-    if (!parent.type || !isCompositeType(parent.type)) {
+  if (sizedFields.length && parent.type) {
+    const baseParentType = baseType(parent.type);
+    if (!isCompositeType(baseParentType)) {
       // The output type must have fields
       errorCollector.push(ERRORS.LIST_SIZE_INVALID_SIZED_FIELD.err(
         `Sized fields cannot be used because "${parent.type}" is not a composite type`,
@@ -1150,11 +1151,11 @@ function validateSizedFieldsAreValidLists(
       ));
     } else {
       for (const sizedFieldName of sizedFields) {
-        const sizedField = parent.type.field(sizedFieldName);
+        const sizedField = baseParentType.field(sizedFieldName);
         if (!sizedField) {
           // Sized fields must be present on the output type
           errorCollector.push(ERRORS.LIST_SIZE_INVALID_SIZED_FIELD.err(
-            `Sized field "${sizedFieldName}" is not a field on type "${parent.type.coordinate}"`,
+            `Sized field "${sizedFieldName}" is not a field on type "${baseParentType.coordinate}"`,
             { nodes: sourceASTs(application, parent) }
           ));
         } else if (!sizedField.type || !(isListType(sizedField.type) || isNonNullListType(sizedField.type))) {
@@ -1846,7 +1847,7 @@ export class FederationBlueprint extends SchemaBlueprint {
       validateSizedFieldsAreValidLists(application, parent, errorCollector);
     }
 
-    // Validate @authenticated, @requireScopes and @policy
+    // Validate @authenticated, @requireScopes and @policy usage on interfaces and interface objects
     validateNoAuthenticationOnInterfaces(metadata, errorCollector);
 
     return errorCollector;
@@ -2907,15 +2908,15 @@ function validateNoAuthenticationOnInterfaces(metadata: FederationMetadata, erro
   const policyDirective = metadata.policyDirective();
   [authenticatedDirective, requiresScopesDirective, policyDirective].forEach((directive) => {
     for (const application of directive.applications()) {
-      const element = application.parent;
-      function isAppliedOnInterface(type: Type) {
-        return isInterfaceType(type) || isInterfaceObjectType(baseType(type));
-      }
-      function isAppliedOnInterfaceField(elem: SchemaElement<any, any>) {
-        return isFieldDefinition(elem) && isAppliedOnInterface(elem.parent);
-      }
-
-      if (isAppliedOnInterface(element) || isAppliedOnInterfaceField(element)) {
+      const element: SchemaElement<any, any> = application.parent;
+      if (
+        // Is it applied on interface or interface object types?
+        (isElementNamedType(element) &&
+          (isInterfaceType(element) || isInterfaceObjectType(element))
+        ) ||
+        // Is it applied on interface fields?
+        (isFieldDefinition(element) && isInterfaceType(element.parent))
+      ) {
         let kind = '';
         switch (element.kind) {
           case 'FieldDefinition':
@@ -2928,8 +2929,8 @@ function validateNoAuthenticationOnInterfaces(metadata: FederationMetadata, erro
             kind = 'interface object';
             break;
         }
-        errorCollector.push(ERRORS.AUTHENTICATION_APPLIED_ON_INTERFACE.err(
-            `Invalid use of @${directive.name} on ${kind} "${element.coordinate}": @${directive.name} cannot be applied on interfaces, interface objects or their fields`,
+        errorCollector.push(ERRORS.AUTH_REQUIREMENTS_APPLIED_ON_INTERFACE.err(
+            `Invalid use of @${directive.name} on ${kind} "${element.coordinate}": @${directive.name} cannot be applied on interfaces, interface fields and interface objects`,
             {nodes: sourceASTs(application, element.parent)},
         ));
       }

package/src/specs/authenticatedSpec.ts

@@ -24,6 +24,10 @@ export class AuthenticatedSpecDefinition extends FeatureDefinition {
       minimumFederationVersion,
     );
 
+    // WARNING: we cannot declare staticArgumentTransform() as access control merge logic needs to propagate
+    // requirements upwards/downwards between types and interfaces. We hijack the merge process by providing
+    // implementations/interfaces as "additional sources". This means that we cannot apply staticArgumentTransform()
+    // as subgraph index index will be wrong/undefined.
     this.registerDirective(createDirectiveSpecification({
       name: AuthenticatedSpecDefinition.directiveName,
       locations: [

package/src/specs/policySpec.ts

@@ -31,6 +31,10 @@ export class PolicySpecDefinition extends FeatureDefinition {
 
     this.registerType(createScalarTypeSpecification({ name: PolicyTypeName.POLICY }));
 
+    // WARNING: we cannot declare staticArgumentTransform() as access control merge logic needs to propagate
+    // requirements upwards/downwards between types and interfaces. We hijack the merge process by providing
+    // implementations/interfaces as "additional sources". This means that we cannot apply staticArgumentTransform()
+    // as subgraph index index will be wrong/undefined.
     this.registerDirective(createDirectiveSpecification({
       name: PolicySpecDefinition.directiveName,
       args: [{

package/src/specs/requiresScopesSpec.ts

@@ -32,6 +32,10 @@ export class RequiresScopesSpecDefinition extends FeatureDefinition {
 
     this.registerType(createScalarTypeSpecification({ name: RequiresScopesTypeName.SCOPE }));
 
+    // WARNING: we cannot declare staticArgumentTransform() as access control merge logic needs to propagate
+    // requirements upwards/downwards between types and interfaces. We hijack the merge process by providing
+    // implementations/interfaces as "additional sources". This means that we cannot apply staticArgumentTransform()
+    // as subgraph index index will be wrong/undefined.
     this.registerDirective(createDirectiveSpecification({
       name: RequiresScopesSpecDefinition.directiveName,
       args: [{

package/src/supergraphs.ts

@@ -1,13 +1,17 @@
 import { DocumentNode, GraphQLError } from "graphql";
 import { CoreFeatures, Schema, sourceASTs } from "./definitions";
-import { ErrCoreCheckFailed, FeatureUrl, FeatureVersion } from "./specs/coreSpec";
+import {
+  ErrCoreCheckFailed,
+  FeatureUrl,
+  FeatureVersion,
+} from './specs/coreSpec';
 import { joinIdentity, JoinSpecDefinition, JOIN_VERSIONS } from "./specs/joinSpec";
 import { CONTEXT_VERSIONS, ContextSpecDefinition } from "./specs/contextSpec";
 import { COST_VERSIONS, costIdentity, CostSpecDefinition } from "./specs/costSpec";
 import { buildSchema, buildSchemaFromAST } from "./buildSchema";
 import { extractSubgraphsNamesAndUrlsFromSupergraph, extractSubgraphsFromSupergraph } from "./extractSubgraphsFromSupergraph";
 import { ERRORS } from "./error";
-import { Subgraphs } from ".";
+import { Subgraphs } from './federation';
 
 export const DEFAULT_SUPPORTED_SUPERGRAPH_FEATURES = new Set([
   'https://specs.apollo.dev/core/v0.1',
@@ -24,7 +28,7 @@ export const DEFAULT_SUPPORTED_SUPERGRAPH_FEATURES = new Set([
   'https://specs.apollo.dev/inaccessible/v0.2',
 ]);
 
-export const ROUTER_SUPPORTED_SUPERGRAPH_FEATURES = new Set([
+export const ROUTER_SUPPORTED_SUPERGRAPH_FEATURES: Set<string> = new Set([
   'https://specs.apollo.dev/core/v0.1',
   'https://specs.apollo.dev/core/v0.2',
   'https://specs.apollo.dev/join/v0.1',
@@ -40,10 +44,11 @@ export const ROUTER_SUPPORTED_SUPERGRAPH_FEATURES = new Set([
   'https://specs.apollo.dev/authenticated/v0.1',
   'https://specs.apollo.dev/requiresScopes/v0.1',
   'https://specs.apollo.dev/policy/v0.1',
-  'https://specs.apollo.dev/source/v0.1',
   'https://specs.apollo.dev/context/v0.1',
   'https://specs.apollo.dev/cost/v0.1',
   'https://specs.apollo.dev/connect/v0.1',
+  'https://specs.apollo.dev/connect/v0.2',
+  'https://specs.apollo.dev/connect/v0.3',
   'https://specs.apollo.dev/cacheTag/v0.1',
 ]);