UNPKG

graphql-yoga

Version:

<div align="center"><img src="./website/public/cover.png" width="720" /></div>

github.com/dotansimha/graphql-yoga

dotansimha/graphql-yoga

135 lines (134 loc) 4.19 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
import { createGraphQLError } from '@graphql-tools/utils'; const expectedParameters = new Set(['query', 'variables', 'operationName', 'extensions']); export function assertInvalidParams(params, extraParamNames) { if (params == null || typeof params !== 'object') { throw createGraphQLError('Invalid "params" in the request body', { extensions: { http: { spec: true, status: 400, }, code: 'BAD_REQUEST', }, }); } for (const paramKey in params) { if (params[paramKey] == null) { continue; } if (!expectedParameters.has(paramKey)) { if (extraParamNames?.includes(paramKey)) { continue; } throw createGraphQLError(`Unexpected parameter "${paramKey}" in the request body.`, { extensions: { http: { status: 400, }, code: 'BAD_REQUEST', }, }); } } } export function checkGraphQLQueryParams(params, extraParamNames) { if (!isObject(params)) { throw createGraphQLError(`Expected params to be an object but given ${extendedTypeof(params)}.`, { extensions: { http: { status: 400, headers: { Allow: 'GET, POST', }, }, code: 'BAD_REQUEST', }, }); } assertInvalidParams(params, extraParamNames); if (params['query'] == null) { throw createGraphQLError('Must provide query string.', { extensions: { http: { spec: true, status: 400, headers: { Allow: 'GET, POST', }, }, code: 'BAD_REQUEST', }, }); } const queryType = extendedTypeof(params['query']); if (queryType !== 'string') { throw createGraphQLError(`Expected "query" param to be a string, but given ${queryType}.`, { extensions: { http: { status: 400, headers: { Allow: 'GET, POST', }, }, code: 'BAD_REQUEST', }, }); } const variablesParamType = extendedTypeof(params['variables']); if (!['object', 'null', 'undefined'].includes(variablesParamType)) { throw createGraphQLError(`Expected "variables" param to be empty or an object, but given ${variablesParamType}.`, { extensions: { http: { status: 400, headers: { Allow: 'GET, POST', }, }, code: 'BAD_REQUEST', }, }); } const extensionsParamType = extendedTypeof(params['extensions']); if (!['object', 'null', 'undefined'].includes(extensionsParamType)) { throw createGraphQLError(`Expected "extensions" param to be empty or an object, but given ${extensionsParamType}.`, { extensions: { http: { status: 400, headers: { Allow: 'GET, POST', }, }, code: 'BAD_REQUEST', }, }); } return params; } export function isValidGraphQLParams(params) { try { checkGraphQLQueryParams(params); return true; } catch { return false; } } export function useCheckGraphQLQueryParams(extraParamNames) { return { onParams({ params }) { checkGraphQLQueryParams(params, extraParamNames); }, }; } function extendedTypeof(val) { if (val === null) { return 'null'; } if (Array.isArray(val)) { return 'array'; } return typeof val; } function isObject(val) { return extendedTypeof(val) === 'object'; }