-
Notifications
You must be signed in to change notification settings - Fork 2k
/
ApolloServer.ts
225 lines (202 loc) · 7.51 KB
/
ApolloServer.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
import express from 'express';
import corsMiddleware from 'cors';
import { json, OptionsJson } from 'body-parser';
import {
GraphQLOptions,
ApolloServerBase,
Config,
runHttpQuery,
convertNodeHttpToRequest,
isHttpQueryError,
} from 'apollo-server-core';
import accepts from 'accepts';
export { GraphQLOptions } from 'apollo-server-core';
export interface GetMiddlewareOptions {
path?: string;
cors?:
| corsMiddleware.CorsOptions
| corsMiddleware.CorsOptionsDelegate
| boolean;
bodyParserConfig?: OptionsJson | boolean;
onHealthCheck?: (req: express.Request) => Promise<any>;
disableHealthCheck?: boolean;
// There's no real point to allowing you to customize the health check path in
// an Apollo Server web framework integration package. You're already using
// Express --- just define a health check yourself by adding a handler that
// returns 200 to the URL path of your choice. This option only exists to
// provide a small amount of configuration for `apollo-server`, which doesn't
// otherwise give you direct access to the web server. (Honestly, the health
// check feature really should *only* exist in `apollo-server`; that it exists
// elsewhere (and doesn't even check to see if GraphQL operations can
// execute!) is a mistake we're stuck with due to backwards compatibility.)
// Passing `null` here implies disableHealthCheck:true.
__internal_healthCheckPath?: string | null;
}
export interface ServerRegistration extends GetMiddlewareOptions {
// Note: You can also pass a connect.Server here. If we changed this field to
// `express.Application | connect.Server`, it would be very hard to get the
// app.use calls to typecheck even though they do work properly. Our
// assumption is that very few people use connect with TypeScript (and in fact
// we suspect the only connect users left writing GraphQL apps are Meteor
// users).
app: express.Application;
}
export interface ExpressContext {
req: express.Request;
res: express.Response;
}
export type ApolloServerExpressConfig = Config<ExpressContext>;
export class ApolloServer<
ContextFunctionParams = ExpressContext,
> extends ApolloServerBase<ContextFunctionParams> {
// This translates the arguments from the middleware into graphQL options It
// provides typings for the integration specific behavior, ideally this would
// be propagated with a generic to the super class
async createGraphQLServerOptions(
req: express.Request,
res: express.Response,
): Promise<GraphQLOptions> {
const contextParams: ExpressContext = { req, res };
return super.graphQLServerOptions(contextParams);
}
public applyMiddleware({ app, ...rest }: ServerRegistration) {
// getMiddleware calls this too, but we want the right method name in the error
this.assertStarted('applyMiddleware');
app.use(this.getMiddleware(rest));
}
// TODO: While `express` is not Promise-aware, this should become `async` in
// a major release in order to align the API with other integrations (e.g.
// Hapi) which must be `async`.
public getMiddleware({
path,
cors,
bodyParserConfig,
disableHealthCheck,
onHealthCheck,
__internal_healthCheckPath,
}: GetMiddlewareOptions = {}): express.Router {
if (!path) path = '/graphql';
this.assertStarted('getMiddleware');
// Note that even though we use Express's router here, we still manage to be
// Connect-compatible because express.Router just implements the same
// middleware interface that Connect and Express share!
const router = express.Router();
if (!disableHealthCheck && __internal_healthCheckPath !== null) {
router.use(
__internal_healthCheckPath ?? '/.well-known/apollo/server-health',
(req, res) => {
// Response follows https://tools.ietf.org/html/draft-inadarei-api-health-check-01
res.type('application/health+json');
if (onHealthCheck) {
onHealthCheck(req)
.then(() => {
res.json({ status: 'pass' });
})
.catch(() => {
res.status(503).json({ status: 'fail' });
});
} else {
res.json({ status: 'pass' });
}
},
);
}
// XXX multiple paths?
this.graphqlPath = path;
// Note that we don't just pass all of these handlers to a single app.use call
// for 'connect' compatibility.
if (cors === true) {
router.use(path, corsMiddleware<corsMiddleware.CorsRequest>());
} else if (cors !== false) {
router.use(path, corsMiddleware(cors));
}
if (bodyParserConfig === true) {
router.use(path, json());
} else if (bodyParserConfig !== false) {
router.use(path, json(bodyParserConfig));
}
const landingPage = this.getLandingPage();
router.use(path, (req, res, next) => {
if (landingPage && prefersHtml(req)) {
res.setHeader('Content-Type', 'text/html');
res.write(landingPage.html);
res.end();
return;
}
if (!req.body) {
// The json body-parser *always* sets req.body to {} if it's unset (even
// if the Content-Type doesn't match), so if it isn't set, you probably
// forgot to set up body-parser.
res.status(500);
if (bodyParserConfig === false) {
res.send(
'`res.body` is not set; you passed `bodyParserConfig: false`, ' +
'but you still need to use `body-parser` middleware yourself.',
);
} else {
res.send(
'`res.body` is not set even though Apollo Server installed ' +
"`body-parser` middleware; this shouldn't happen!",
);
}
return;
}
runHttpQuery(
[],
{
method: req.method,
options: () => this.createGraphQLServerOptions(req, res),
query: req.method === 'POST' ? req.body : req.query,
request: convertNodeHttpToRequest(req),
},
this.csrfPreventionRequestHeaders,
).then(
({ graphqlResponse, responseInit }) => {
if (responseInit.headers) {
for (const [name, value] of Object.entries(responseInit.headers)) {
res.setHeader(name, value);
}
}
res.statusCode = responseInit.status || 200;
// Using `.send` is a best practice for Express, but we also just use
// `.end` for compatibility with `connect`.
if (typeof res.send === 'function') {
res.send(graphqlResponse);
} else {
res.end(graphqlResponse);
}
},
(error: Error) => {
if (!isHttpQueryError(error)) {
return next(error);
}
if (error.headers) {
for (const [name, value] of Object.entries(error.headers)) {
res.setHeader(name, value);
}
}
res.statusCode = error.statusCode;
if (typeof res.send === 'function') {
// Using `.send` is a best practice for Express, but we also just use
// `.end` for compatibility with `connect`.
res.send(error.message);
} else {
res.end(error.message);
}
},
);
});
return router;
}
}
function prefersHtml(req: express.Request): boolean {
if (req.method !== 'GET') {
return false;
}
const accept = accepts(req);
const types = accept.types() as string[];
return (
types.find((x: string) => x === 'text/html' || x === 'application/json') ===
'text/html'
);
}