213 lines
4.9 KiB
Go
213 lines
4.9 KiB
Go
// Package core provides the primary API to include and use Super Graph with your own code.
|
|
// For detailed documentation visit https://supergraph.dev
|
|
//
|
|
// Example usage:
|
|
/*
|
|
package main
|
|
|
|
import (
|
|
"database/sql"
|
|
"fmt"
|
|
"time"
|
|
"github.com/dosco/super-graph/core"
|
|
_ "github.com/jackc/pgx/v4/stdlib"
|
|
)
|
|
|
|
func main() {
|
|
db, err := sql.Open("pgx", "postgres://postgrs:@localhost:5432/example_db")
|
|
if err != nil {
|
|
log.Fatalf(err)
|
|
}
|
|
|
|
sg, err := core.NewSuperGraph(nil, db)
|
|
if err != nil {
|
|
log.Fatalf(err)
|
|
}
|
|
|
|
query := `
|
|
query {
|
|
posts {
|
|
id
|
|
title
|
|
}
|
|
}`
|
|
|
|
res, err := sg.GraphQL(context.Background(), query, nil)
|
|
if err != nil {
|
|
log.Fatalf(err)
|
|
}
|
|
|
|
fmt.Println(string(res.Data))
|
|
}
|
|
*/
|
|
package core
|
|
|
|
import (
|
|
"context"
|
|
"crypto/sha256"
|
|
"database/sql"
|
|
"encoding/json"
|
|
_log "log"
|
|
"os"
|
|
|
|
"github.com/chirino/graphql"
|
|
"github.com/dosco/super-graph/core/internal/allow"
|
|
"github.com/dosco/super-graph/core/internal/crypto"
|
|
"github.com/dosco/super-graph/core/internal/psql"
|
|
"github.com/dosco/super-graph/core/internal/qcode"
|
|
)
|
|
|
|
type contextkey int
|
|
|
|
// Constants to set values on the context passed to the NewSuperGraph function
|
|
const (
|
|
// Name of the authentication provider. Eg. google, github, etc
|
|
UserIDProviderKey contextkey = iota
|
|
|
|
// User ID value for authenticated users
|
|
UserIDKey
|
|
|
|
// User role if pre-defined
|
|
UserRoleKey
|
|
)
|
|
|
|
// SuperGraph struct is an instance of the Super Graph engine it holds all the required information like
|
|
// datase schemas, relationships, etc that the GraphQL to SQL compiler would need to do it's job.
|
|
type SuperGraph struct {
|
|
conf *Config
|
|
db *sql.DB
|
|
log *_log.Logger
|
|
dbinfo *psql.DBInfo
|
|
schema *psql.DBSchema
|
|
allowList *allow.List
|
|
encKey [32]byte
|
|
prepared map[string]*preparedItem
|
|
roles map[string]*Role
|
|
getRole *sql.Stmt
|
|
rmap map[uint64]*resolvFn
|
|
abacEnabled bool
|
|
anonExists bool
|
|
qc *qcode.Compiler
|
|
pc *psql.Compiler
|
|
ge *graphql.Engine
|
|
}
|
|
|
|
// NewSuperGraph creates the SuperGraph struct, this involves querying the database to learn its
|
|
// schemas and relationships
|
|
func NewSuperGraph(conf *Config, db *sql.DB) (*SuperGraph, error) {
|
|
return newSuperGraph(conf, db, nil)
|
|
}
|
|
|
|
// newSuperGraph helps with writing tests and benchmarks
|
|
func newSuperGraph(conf *Config, db *sql.DB, dbinfo *psql.DBInfo) (*SuperGraph, error) {
|
|
if conf == nil {
|
|
conf = &Config{}
|
|
}
|
|
|
|
sg := &SuperGraph{
|
|
conf: conf,
|
|
db: db,
|
|
dbinfo: dbinfo,
|
|
log: _log.New(os.Stdout, "", 0),
|
|
}
|
|
|
|
if err := sg.initConfig(); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if err := sg.initCompilers(); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if err := sg.initAllowList(); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if err := sg.initPrepared(); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if err := sg.initResolvers(); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if err := sg.initGraphQLEgine(); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if len(conf.SecretKey) != 0 {
|
|
sk := sha256.Sum256([]byte(conf.SecretKey))
|
|
conf.SecretKey = ""
|
|
sg.encKey = sk
|
|
} else {
|
|
sg.encKey = crypto.NewEncryptionKey()
|
|
}
|
|
|
|
return sg, nil
|
|
}
|
|
|
|
// Result struct contains the output of the GraphQL function this includes resulting json from the
|
|
// database query and any error information
|
|
type Result struct {
|
|
op qcode.QType
|
|
name string
|
|
sql string
|
|
role string
|
|
|
|
Error string `json:"message,omitempty"`
|
|
Data json.RawMessage `json:"data,omitempty"`
|
|
Extensions *extensions `json:"extensions,omitempty"`
|
|
}
|
|
|
|
// GraphQL function is called on the SuperGraph struct to convert the provided GraphQL query into an
|
|
// SQL query and execute it on the database. In production mode prepared statements are directly used
|
|
// and no query compiling takes places.
|
|
//
|
|
// In developer mode all names queries are saved into a file `allow.list` and in production mode only
|
|
// queries from this file can be run.
|
|
func (sg *SuperGraph) GraphQL(c context.Context, query string, vars json.RawMessage) (*Result, error) {
|
|
var res Result
|
|
|
|
res.op = qcode.GetQType(query)
|
|
res.name = allow.QueryName(query)
|
|
|
|
// use the chirino/graphql library for introspection queries
|
|
// disabled when allow list is enforced
|
|
if !sg.conf.UseAllowList && res.name == "IntrospectionQuery" {
|
|
r := sg.ge.ExecuteOne(&graphql.EngineRequest{Query: query})
|
|
res.Data = r.Data
|
|
|
|
if r.Error() != nil {
|
|
res.Error = r.Error().Error()
|
|
}
|
|
return &res, r.Error()
|
|
}
|
|
|
|
ct := scontext{Context: c, sg: sg, query: query, vars: vars, res: res}
|
|
|
|
if len(vars) <= 2 {
|
|
ct.vars = nil
|
|
}
|
|
|
|
if keyExists(c, UserIDKey) {
|
|
ct.role = "user"
|
|
} else {
|
|
ct.role = "anon"
|
|
}
|
|
|
|
data, err := ct.execQuery()
|
|
if err != nil {
|
|
return &ct.res, err
|
|
}
|
|
|
|
ct.res.Data = json.RawMessage(data)
|
|
|
|
return &ct.res, nil
|
|
}
|
|
|
|
// GraphQLSchema function return the GraphQL schema for the underlying database connected
|
|
// to this instance of Super Graph
|
|
func (sg *SuperGraph) GraphQLSchema() (string, error) {
|
|
return sg.ge.Schema.String(), nil
|
|
}
|