GraphQL.Authorization 8.0.0

dotnet add package GraphQL.Authorization --version 8.0.0                
NuGet\Install-Package GraphQL.Authorization -Version 8.0.0                
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="GraphQL.Authorization" Version="8.0.0" />                
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add GraphQL.Authorization --version 8.0.0                
#r "nuget: GraphQL.Authorization, 8.0.0"                
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
// Install GraphQL.Authorization as a Cake Addin
#addin nuget:?package=GraphQL.Authorization&version=8.0.0

// Install GraphQL.Authorization as a Cake Tool
#tool nuget:?package=GraphQL.Authorization&version=8.0.0                

GraphQL Authorization

License codecov Nuget Nuget GitHub Release Date GitHub commits since latest release (by date) Size

GitHub contributors Activity Activity Activity

A toolset for authorizing access to graph types for GraphQL.NET.

Provides the following packages:

Package Downloads NuGet Latest
GraphQL.Authorization Nuget Nuget

You can get all preview versions from GitHub Packages. Note that GitHub requires authentication to consume the feed. See here.

Usage

  • Register the authorization classes in your DI container - call AddAuthorization on the provided IGraphQLBuilder inside AddGraphQL extension method.
  • Provide the ClaimsPrincipal through ExecutionOptions.User.
  • Add policies to the AuthorizationSettings.
  • Apply a policy to a GraphType or Field - both implement IProvideMetadata:
    • using AuthorizeWithPolicy(string policy) extension method
    • or with AuthorizeAttribute attribute if using Schema + Handler syntax.
  • The AuthorizationValidationRule will run and verify the policies based on the registered policies.
  • You can write your own IAuthorizationRequirement.

Limitations

@skip and @include directives are ignored; all selected fields of the selected operation will be checked for authentication requirements, including referenced fragments. (Other operations in the same document will correctly be skipped.)

This authorization framework only supports policy-based authorization. It does not support role-based authorization, or the [AllowAnonymous] attribute/extension, or the [Authorize] attribute/extension indicating authorization is required but without specifying a policy. It also does not integrate with ASP.NET Core's authorization framework.

The GraphQL.Server repository contains an authorization rule which has the above missing features, intended for use with ASP.NET Core. It may also be tailored with custom authentication code if desired, rather than relying on ASP.NET Core's authentication framework.

Examples

  1. Fully functional basic Console sample.

  2. Fully functional ASP.NET Core sample.

  3. GraphType first syntax - use AuthorizeWithPolicy extension method on IGraphType or IFieldType.

public class MyType : ObjectGraphType
{
    public MyType()
    {
        this.AuthorizeWithPolicy("AdminPolicy");
        Field<StringGraphType>("name").AuthorizeWithPolicy("SomePolicy");
    }
}
  1. Schema first syntax - use AuthorizeAttribute attribute on type, method or property.
[Authorize("MyPolicy")]
public class MutationType
{
    [Authorize("AnotherPolicy")]
    public async Task<string> CreateSomething(MyInput input)
    {
        return await SomeMethodAsync(input);
    }

    [Authorize("SuperPolicy")]
    public string SomeProperty => Guid.NewGuid().ToString();
}

Known Issues

  • It is currently not possible to add a policy to Input objects using Schema first approach.
Product Compatible and additional computed target framework versions.
.NET net5.0 was computed.  net5.0-windows was computed.  net6.0 was computed.  net6.0-android was computed.  net6.0-ios was computed.  net6.0-maccatalyst was computed.  net6.0-macos was computed.  net6.0-tvos was computed.  net6.0-windows was computed.  net7.0 was computed.  net7.0-android was computed.  net7.0-ios was computed.  net7.0-maccatalyst was computed.  net7.0-macos was computed.  net7.0-tvos was computed.  net7.0-windows was computed.  net8.0 was computed.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed. 
.NET Core netcoreapp2.0 was computed.  netcoreapp2.1 was computed.  netcoreapp2.2 was computed.  netcoreapp3.0 was computed.  netcoreapp3.1 was computed. 
.NET Standard netstandard2.0 is compatible.  netstandard2.1 was computed. 
.NET Framework net461 was computed.  net462 was computed.  net463 was computed.  net47 was computed.  net471 was computed.  net472 was computed.  net48 was computed.  net481 was computed. 
MonoAndroid monoandroid was computed. 
MonoMac monomac was computed. 
MonoTouch monotouch was computed. 
Tizen tizen40 was computed.  tizen60 was computed. 
Xamarin.iOS xamarinios was computed. 
Xamarin.Mac xamarinmac was computed. 
Xamarin.TVOS xamarintvos was computed. 
Xamarin.WatchOS xamarinwatchos was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.
  • .NETStandard 2.0

NuGet packages (8)

Showing the top 5 NuGet packages that depend on GraphQL.Authorization:

Package Downloads
VirtoCommerce.ExperienceApiModule.Core

Experiene API functionality

VirtoCommerce.Exp.ExtensionSamples

Package Description

SER.Graphql.Reflection.NetCore

This is a complement to graphql-dotnet (https://github.com/graphql-dotnet/graphql-dotnet) to avoid boilerplate

Graphity

A .NET 6+ library that integrates GraphQL and Entity Framework Core with minimal effort

FEB.Web.GraphQL

Package Description

GitHub repositories (1)

Showing the top 1 popular GitHub repositories that depend on GraphQL.Authorization:

Repository Stars
JuergenGutsch/graphql-aspnetcore
ASP.NET Core MiddleWare to create a GraphQL end-point
Version Downloads Last updated
8.0.0 23,878 8/22/2024
7.0.0 233,598 2/8/2023
5.0.0 338,991 5/11/2022
4.0.0 1,186,960 4/28/2021
3.1.0 528,634 11/3/2020
3.0.44 8,988 11/1/2020
3.0.43 84,996 9/2/2020
3.0.40-preview-40 9,016 5/14/2020
3.0.39-preview-39 102,651 1/28/2020
3.0.38-preview-38 125,656 9/19/2019
3.0.35-preview-35 2,360 6/4/2019
2.1.29 597,749 1/18/2019
2.0.27 95,495 10/19/2018
1.1.26 49,519 8/24/2018
1.0.21 2,329 8/18/2018
1.0.20 4,771 8/15/2018
1.0.16-alpha-16 5,679 6/13/2018
1.0.10-alpha-10 8,535 9/18/2017
1.0.6-alpha-6 1,370 8/2/2017