Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Not authorized error on every query

See original GitHub issue

Question about GraphQL Shield

I am trying to get graphql shield working with my already in use apollo server v2, with applyMiddleware as other posts have suggested. The problem is that it is always giving me the same Not authorized error in the playground. I am attaching details below, though I understand that this has to do with me not understanding how graphql-shield behaves. Please correct what am I doing wrong here, or direct me to right posts/resources.

Apollo server initialized as:

const server = new ApolloServer({
  schema: applyMiddleware(makeExecutableSchema({
                    typeDefs: importSchema("./src/schema.graphql"),
                    resolvers: resolvers as any
               });, permissions);,
  context: ({ req, res }: any): Context => ({
    req,
    res,
    prisma: Prisma
  })
});

permissions.ts:

import { shield, allow } from "graphql-shield";
const permissions = shield({
  Query: {
    me: allow
  }
});
export default permissions;

Query:

query Quereis {
  me {
    id
    email
    name
  }
}

Error stack:

{
  "errors": [
    {
      "message": "Not Authorised!",
      "locations": [
        {
          "line": 2,
          "column": 3
        }
      ],
      "path": [
        "me"
      ],
      "extensions": {
        "code": "INTERNAL_SERVER_ERROR",
        "exception": {
          "stacktrace": [
            "Error: Not Authorised!",
            "    at normalizeOptions (G:\\gql-shield\\gql-shield-apollo\\node_modules\\graphql-shield\\src\\shield.ts:25:32)",
            "    at Object.shield (G:\\gql-shield\\gql-shield-apollo\\node_modules\\graphql-shield\\src\\shield.ts:43:29)",
            "    at Object.<anonymous> (G:\\gql-shield\\gql-shield-apollo\\src\\auth\\permissions.ts:11:21)",
            "    at Module._compile (module.js:652:30)",
            "    at Module.m._compile (G:\\gql-shield\\gql-shield-apollo\\node_modules\\ts-node\\src\\index.ts:439:23)",
            "    at Module._extensions..js (module.js:663:10)",
            "    at Object.require.extensions.(anonymous function) [as .ts] (G:\\gql-shield\\gql-shield-apollo\\node_modules\\ts-node\\src\\index.ts:442:12)",
            "    at Module.load (module.js:565:32)",
            "    at tryModuleLoad (module.js:505:12)",
            "    at Function.Module._load (module.js:497:3)"
          ]
        }
      }
    }
  ],
  "data": {
    "me": null
  }
}

EDIT: Same error stack is seen if I query any other field, which I assume is possibly because permission is deny by default in graphql-schema. EDIT2: I was wrong on this too, fallback rule is allow by default!

I have checked other questions and found none that matches mine.

Issue Analytics

State:
Created 5 years ago
Comments:8

Top GitHub Comments

3reactions

maticzavcommented, Jan 7, 2019

@devautor try this;

const permissions = shield(
  {
    Query: {
      me: allow
    }
  },
  {
    debug: true
  }
);

graphql-shield by default prevents any internal logic from being exposed. Because your resolvers are throwing errors, shield hides them but responds with Not Authorised! message, as if a user has no permission to access them.

By setting debug property to true, however, you can access the underlying errors.

Hope this fixes your problem 🙂

2reactions

maticzavcommented, Jan 7, 2019

Perfect! Feel free to close the issue as soon as you think we fixed it. Also, don’t hesitate to ask any further questions regarding functionality or even opening another issue 🙂