@ttoss/graphql-api-server 0.4.0 → 0.5.1

package/README.md

@@ -5,7 +5,7 @@ This package provides a Koa server to run your [`@ttoss/graphql-api` API](https:
 ## Installation
 
 ```bash
-yarn add @ttoss/graphql-api-server @ttoss/graphql-api graphql
+pnpm add @ttoss/graphql-api-server @ttoss/graphql-api graphql
 ```
 
 ## Quickstart

package/dist/esm/index.js

@@ -2,9 +2,10 @@
 
 // src/index.ts
 import { buildSchema } from "@ttoss/graphql-api";
-import { CognitoJwtVerifier } from "aws-jwt-verify";
+import { CognitoJwtVerifier } from "@ttoss/auth-core/amazon-cognito";
 import { createYoga } from "graphql-yoga";
 import Koa from "koa";
+import Router from "@koa/router";
 var createServer = ({
   authenticationType,
   userPoolConfig,
@@ -30,16 +31,18 @@ var createServer = ({
       method: ctx.method,
       query: ctx.request.query
     };
-    try {
-      if (authenticationType === "AMAZON_COGNITO_USER_POOLS" && jwtVerifier) {
-        const token = request.headers.authorization?.replace("Bearer ", "");
-        const identity = await jwtVerifier.verify(token || "");
-        ctx.identity = identity;
+    if (request.method !== "GET" && request.headers.referer !== "http://localhost:4000/graphql") {
+      try {
+        if (authenticationType === "AMAZON_COGNITO_USER_POOLS" && jwtVerifier) {
+          const token = request.headers.authorization?.replace("Bearer ", "");
+          const identity = await jwtVerifier.verify(token || "");
+          ctx.identity = identity;
+        }
+      } catch {
+        ctx.status = 401;
+        ctx.body = "Unauthorized";
+        return;
       }
-    } catch {
-      ctx.status = 401;
-      ctx.body = "Unauthorized";
-      return;
     }
     const operationName = request.body;
     const query = request.headers;
@@ -51,10 +54,12 @@ var createServer = ({
     const response = await yoga.handleNodeRequest(ctx.req, ctx);
     ctx.status = response.status;
     for (const [key, value] of response.headers.entries()) {
-      ctx.append(key, value);
+      if (ctx.status != 401) {
+        ctx.append(key, value);
+      }
     }
     ctx.body = response.body;
   });
   return app;
 };
-export { createServer };
+export { Router, createServer };

package/dist/index.d.mts

@@ -1,5 +1,6 @@
 import { BuildSchemaInput } from '@ttoss/graphql-api';
 import Koa from 'koa';
+export { default as Router } from '@koa/router';
 
 type AuthenticationType = 'AMAZON_COGNITO_USER_POOLS';
 type CreateServerInput = {

package/dist/index.d.ts

@@ -1,5 +1,6 @@
 import { BuildSchemaInput } from '@ttoss/graphql-api';
 import Koa from 'koa';
+export { default as Router } from '@koa/router';
 
 type AuthenticationType = 'AMAZON_COGNITO_USER_POOLS';
 type CreateServerInput = {

package/dist/index.js

@@ -38,13 +38,15 @@ var __toCommonJS = mod => __copyProps(__defProp({}, "__esModule", {
 // src/index.ts
 var src_exports = {};
 __export(src_exports, {
+  Router: () => import_router.default,
   createServer: () => createServer
 });
 module.exports = __toCommonJS(src_exports);
 var import_graphql_api = require("@ttoss/graphql-api");
-var import_aws_jwt_verify = require("aws-jwt-verify");
+var import_amazon_cognito = require("@ttoss/auth-core/amazon-cognito");
 var import_graphql_yoga = require("graphql-yoga");
 var import_koa = __toESM(require("koa"));
+var import_router = __toESM(require("@koa/router"));
 var createServer = ({
   authenticationType,
   userPoolConfig,
@@ -56,7 +58,7 @@ var createServer = ({
       if (!userPoolConfig) {
         throw new Error("userPoolConfig is required when using AMAZON_COGNITO_USER_POOLS authenticationType");
       }
-      return import_aws_jwt_verify.CognitoJwtVerifier.create({
+      return import_amazon_cognito.CognitoJwtVerifier.create({
         tokenUse: "access",
         ...userPoolConfig
       });
@@ -70,16 +72,18 @@ var createServer = ({
       method: ctx.method,
       query: ctx.request.query
     };
-    try {
-      if (authenticationType === "AMAZON_COGNITO_USER_POOLS" && jwtVerifier) {
-        const token = request.headers.authorization?.replace("Bearer ", "");
-        const identity = await jwtVerifier.verify(token || "");
-        ctx.identity = identity;
+    if (request.method !== "GET" && request.headers.referer !== "http://localhost:4000/graphql") {
+      try {
+        if (authenticationType === "AMAZON_COGNITO_USER_POOLS" && jwtVerifier) {
+          const token = request.headers.authorization?.replace("Bearer ", "");
+          const identity = await jwtVerifier.verify(token || "");
+          ctx.identity = identity;
+        }
+      } catch {
+        ctx.status = 401;
+        ctx.body = "Unauthorized";
+        return;
       }
-    } catch {
-      ctx.status = 401;
-      ctx.body = "Unauthorized";
-      return;
     }
     const operationName = request.body;
     const query = request.headers;
@@ -91,7 +95,9 @@ var createServer = ({
     const response = await yoga.handleNodeRequest(ctx.req, ctx);
     ctx.status = response.status;
     for (const [key, value] of response.headers.entries()) {
-      ctx.append(key, value);
+      if (ctx.status != 401) {
+        ctx.append(key, value);
+      }
     }
     ctx.body = response.body;
   });
@@ -99,5 +105,6 @@ var createServer = ({
 };
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
+  Router,
   createServer
 });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@ttoss/graphql-api-server",
-  "version": "0.4.0",
+  "version": "0.5.1",
   "description": "GraphQL API Server",
   "author": "ttoss",
   "contributors": [
@@ -20,26 +20,26 @@
   "sideEffects": false,
   "typings": "dist/index.d.ts",
   "dependencies": {
-    "@koa/cors": "^4.0.0",
+    "@koa/cors": "^5.0.0",
     "@koa/router": "^12.0.1",
-    "aws-jwt-verify": "^4.0.0",
-    "graphql-helix": "^1.13.0",
-    "graphql-yoga": "^5.0.2",
-    "koa": "^2.14.2",
-    "koa-bodyparser": "^4.4.1"
+    "graphql-yoga": "^5.1.1",
+    "koa": "^2.15.0",
+    "koa-bodyparser": "^4.4.1",
+    "@ttoss/auth-core": "^0.0.2"
   },
   "peerDependencies": {
     "graphql": "^16.6.0",
     "@ttoss/graphql-api": "^0.5.0"
   },
   "devDependencies": {
-    "@types/koa": "^2.13.12",
-    "@types/koa__cors": "^4.0.3",
+    "@types/koa": "^2.14.0",
+    "@types/koa__cors": "^5.0.0",
     "@types/koa__router": "^12.0.4",
     "@types/koa-bodyparser": "^4.3.12",
+    "@types/supertest": "^6.0.2",
     "graphql": "^16.8.1",
     "jest": "^29.7.0",
-    "supertest": "^6.3.3",
+    "supertest": "^6.3.4",
     "tsup": "^8.0.1",
     "@ttoss/config": "^1.31.4",
     "@ttoss/graphql-api": "^0.5.0"

package/src/index.ts

@@ -1,7 +1,10 @@
 import { BuildSchemaInput, buildSchema } from '@ttoss/graphql-api';
-import { CognitoJwtVerifier } from 'aws-jwt-verify';
+import { CognitoJwtVerifier } from '@ttoss/auth-core/amazon-cognito';
 import { createYoga } from 'graphql-yoga';
 import Koa from 'koa';
+import Router from '@koa/router';
+
+export { Router };
 
 export type AuthenticationType = 'AMAZON_COGNITO_USER_POOLS';
 
@@ -29,7 +32,6 @@ export const createServer = ({
           'userPoolConfig is required when using AMAZON_COGNITO_USER_POOLS authenticationType'
         );
       }
-
       return CognitoJwtVerifier.create({
         tokenUse: 'access',
         ...userPoolConfig,
@@ -47,20 +49,25 @@ export const createServer = ({
       query: ctx.request.query,
     };
 
-    //console.log(request);
-
-    try {
-      if (authenticationType === 'AMAZON_COGNITO_USER_POOLS' && jwtVerifier) {
-        const token = request.headers.authorization?.replace('Bearer ', '');
-        const identity = await jwtVerifier.verify(token || '');
-        ctx.identity = identity;
+    if (
+      request.method !== 'GET' &&
+      request.headers.referer !== 'http://localhost:4000/graphql'
+    ) {
+      try {
+        if (authenticationType === 'AMAZON_COGNITO_USER_POOLS' && jwtVerifier) {
+          const token = request.headers.authorization?.replace('Bearer ', '');
+          const identity = await jwtVerifier.verify(token || '');
+
+          ctx.identity = identity;
+        }
+      } catch {
+        ctx.status = 401;
+        ctx.body = 'Unauthorized';
+        return;
       }
-    } catch {
-      ctx.status = 401;
-      ctx.body = 'Unauthorized';
-      return;
     }
 
+    //console.log(ctx.identity);
     // eslint-disable-next-line @typescript-eslint/no-unused-vars
     const operationName = request.body;
     // eslint-disable-next-line @typescript-eslint/no-unused-vars
@@ -80,7 +87,9 @@ export const createServer = ({
 
     // Set headers
     for (const [key, value] of response.headers.entries()) {
-      ctx.append(key, value);
+      if (ctx.status != 401) {
+        ctx.append(key, value);
+      }
     }
 
     ctx.body = response.body;

package/src/indexGraphqlHelix.ts

@@ -1,113 +0,0 @@
-import { type BuildSchemaInput, buildSchema } from '@ttoss/graphql-api';
-import { CognitoJwtVerifier } from 'aws-jwt-verify';
-import {
-  getGraphQLParameters,
-  processRequest,
-  renderGraphiQL,
-  sendResult,
-  shouldRenderGraphiQL,
-} from 'graphql-helix';
-import Koa from 'koa';
-import Router from '@koa/router';
-import bodyParser from 'koa-bodyparser';
-import cors from '@koa/cors';
-
-export { Router };
-
-export type AuthenticationType = 'AMAZON_COGNITO_USER_POOLS';
-
-export type CreateServerInput = {
-  graphiql?: boolean;
-  authenticationType?: AuthenticationType;
-  userPoolConfig?: {
-    userPoolId: string;
-    tokenUse?: 'access' | 'id';
-    clientId: string;
-  };
-} & BuildSchemaInput;
-
-export const createServerNew = ({
-  graphiql = false,
-  authenticationType,
-  userPoolConfig,
-  ...buildSchemaInput
-}: CreateServerInput): Koa => {
-  const server = new Koa();
-
-  const router = new Router();
-
-  /**
-   * Create the verifier outside your route handlers,
-   * so the cache is persisted and can be shared amongst them.
-   */
-  const jwtVerifier = (() => {
-    if (authenticationType === 'AMAZON_COGNITO_USER_POOLS') {
-      if (!userPoolConfig) {
-        throw new Error(
-          'userPoolConfig is required when using AMAZON_COGNITO_USER_POOLS authenticationType'
-        );
-      }
-
-      return CognitoJwtVerifier.create({
-        tokenUse: 'access',
-        ...userPoolConfig,
-      });
-    }
-
-    return null;
-  })();
-
-  router.all('/graphql', async (ctx) => {
-    const request = {
-      body: ctx.request.body,
-      headers: ctx.headers,
-      method: ctx.method,
-      query: ctx.request.query,
-    };
-
-    try {
-      if (authenticationType === 'AMAZON_COGNITO_USER_POOLS' && jwtVerifier) {
-        const token = request.headers.authorization?.replace('Bearer ', '');
-        const identity = await jwtVerifier.verify(token || '');
-        ctx.identity = identity;
-      }
-    } catch {
-      ctx.status = 401;
-      ctx.body = 'Unauthorized';
-      return;
-    }
-
-    if (shouldRenderGraphiQL(request)) {
-      if (graphiql) {
-        ctx.body = renderGraphiQL({});
-      }
-
-      return;
-    }
-
-    const { operationName, query, variables } = getGraphQLParameters(request);
-
-    const result = await processRequest({
-      operationName,
-      query,
-      variables,
-      request,
-      schema: buildSchema(buildSchemaInput),
-      contextFactory: () => {
-        return {
-          identity: ctx.identity,
-        };
-      },
-    });
-
-    sendResult(result, ctx.res);
-  });
-
-  server
-    .use(cors())
-    .use(bodyParser())
-    .use(router.routes())
-    .use(router.allowedMethods());
-
-  return server;
-};