Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

GraphQLAuthorize Attribute

See original GitHub issue

It would be really nice if we could add code like this in our underlying type

[GraphQLAuthorize("my policy")]
public Task<User> GetUser(IResolverContext context) {

}

instead of having to do

protected override void Configure(IObjectTypeDescriptor<Query> descriptor)
{
            descriptor.Field(f => f.GetUser(default))
            .Authorize("my policy");
}

It would also be nice if this new attribute could be added to the Type itself

[GraphQLAuthorize("my policy")]
public class UserType : ObjectType<Query>{

}

[GraphQLAuthorize("my policy")]
public class Query {   // <-- or you can add it to the underlying type instead

}

Issue Analytics

State:
Created 5 years ago
Comments:9 (8 by maintainers)

Top GitHub Comments

2reactions

michaelstaibcommented, May 23, 2019

I will move it to the 9.1 backlog and it should be available in about 4 weeks.

0reactions

drowhuntercommented, Mar 28, 2020

Just tried to add the new Authorize attribute by removing what I had which was

[Authorize(Policy="IsOver18")] //doesnt work here
public class AdultType:ObjectType<AdultResolver>
{
    protected override void Configure(IObjectTypeDescriptor<AdultResolver> descriptor){
   // removed this line but this works
   //  this descriptor.Authorize("IsOver18");

    }
}
[Authorize(Policy="IsOver18")] //this works
public class AdultResolver
{

}

unless im assuming too much on where the attribute should work.

Top Results From Across the Web

Authorization

GraphQL ASP.NET draws from your configured authentication/authorization solution. Execution directives and field resolutions are passed through the libraries ...

graphql-dotnet/authorization: A toolset for ...

GitHub - graphql-dotnet/authorization: A toolset for authorizing access to graph ... or with AuthorizeAttribute attribute if using Schema + Handler syntax.

Authorization in GraphQL

Authorization in GraphQL · In this post, we're focusing on authorization · Putting user info on the context · Basic whole-schema authorization.

How to implement authorization using GraphQL.NET at ...

I am looking for sample code and examples regarding how to implement authorization at resolver function level using GraphQL.NET and ASP.NET CORE ...

Authorization - Hot Chocolate v12

Authorization allows us to determine a user's permissions within our system. We can for example limit access to resources or only allow ...