Migrating to mutations, adding an 'auto' mode.

Author: moufmouf

Controller/GraphQL/LoginController.php

@@ -11,6 +11,7 @@
 use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
 use Symfony\Component\Security\Core\User\UserProviderInterface;
 use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
+use TheCodingMachine\GraphQLite\Annotations\Mutation;
 use TheCodingMachine\GraphQLite\Annotations\Query;
 
 class LoginController
@@ -52,7 +53,7 @@ public function __construct(UserProviderInterface $userProvider, UserPasswordEnc
     }
 
     /**
-     * @Query()
+     * @Mutation()
      */
     public function login(string $userName, string $password, Request $request): bool
     {
@@ -86,7 +87,7 @@ public function login(string $userName, string $password, Request $request): boo
     }
 
     /**
-     * @Query()
+     * @Mutation()
      */
     public function logout(): bool
     {

DependencyInjection/Configuration.php

@@ -39,7 +39,7 @@ public function getConfigTreeBuilder()
             ->end()
             ->arrayNode('security')
                 ->children()
-                ->booleanNode('enable_login')->defaultFalse()->info('Set to true to automatically create a login/logout request')->end()
+                ->enumNode('enable_login')->values(['on', 'off', 'auto'])->defaultValue('auto')->info('Enable to automatically create a login/logout mutation. "on": enable, "auto": enable if security bundle is available.')->end()
                 ->scalarNode('firewall_name')->defaultValue('main')->info('The name of the firewall to use for login')->end()
                 ->end()
             ->end()

DependencyInjection/GraphqliteCompilerPass.php

@@ -27,6 +27,11 @@
 use Symfony\Component\DependencyInjection\ContainerBuilder;
 use Symfony\Component\DependencyInjection\Definition;
 use Symfony\Component\DependencyInjection\Reference;
+use Symfony\Component\EventDispatcher\EventDispatcherInterface;
+use Symfony\Component\HttpFoundation\Session\SessionInterface;
+use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
+use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
+use Symfony\Component\Security\Core\User\UserProviderInterface;
 use TheCodingMachine\CacheUtils\ClassBoundCache;
 use TheCodingMachine\CacheUtils\ClassBoundCacheContract;
 use TheCodingMachine\CacheUtils\ClassBoundCacheContractInterface;
@@ -82,20 +87,44 @@ public function process(ContainerBuilder $container)
         $typesNamespaces = $container->getParameter('graphqlite.namespace.types');
 
         // 2 seconds of TTL in environment mode. Otherwise, let's cache forever!
-        $env = $container->getParameter('kernel.environment');
-        $globTtl = null;
-        if ($env === 'dev') {
-            $globTtl = 2;
-        }
 
         $schemaFactory = $container->getDefinition(SchemaFactory::class);
 
+        $env = $container->getParameter('kernel.environment');
+        if ($env === 'prod') {
+            $schemaFactory->addMethodCall('prodMode');
+        } elseif ($env === 'dev') {
+            $schemaFactory->addMethodCall('devMode');
+        }
+
+        $disableLogin = false;
+        if ($container->getParameter('graphqlite.security.enable_login') === 'auto'
+         && (!$container->has(UserProviderInterface::class) ||
+                !$container->has(UserPasswordEncoderInterface::class) ||
+                !$container->has(TokenStorageInterface::class) ||
+                !$container->has(SessionInterface::class)
+            )) {
+            $disableLogin = true;
+        }
+        if ($container->getParameter('graphqlite.security.enable_login') === 'off') {
+            $disableLogin = true;
+        }
         // If the security is disabled, let's remove the LoginController
-        if ($container->getParameter('graphqlite.security.enable_login') === false) {
+        if ($disableLogin === true) {
             $container->removeDefinition(LoginController::class);
             $container->removeDefinition(AggregateControllerQueryProviderFactory::class);
         }
 
+        if ($container->getParameter('graphqlite.security.enable_login') === 'on') {
+            if (!$container->has(SessionInterface::class)) {
+                throw new GraphQLException('In order to enable the login/logout mutations (via the graphqlite.security.enable_login parameter), you need to enable session support (via the "framework.session.enabled" config parameter).');
+            }
+            if (!$container->has(UserPasswordEncoderInterface::class) || !$container->has(TokenStorageInterface::class) || !$container->has(UserProviderInterface::class)) {
+                throw new GraphQLException('In order to enable the login/logout mutations (via the graphqlite.security.enable_login parameter), you need to install the security bundle. Please be sure to correctly configure the user provider (in the security.providers configuration settings)');
+            }
+        }
+
+
         foreach ($container->getDefinitions() as $id => $definition) {
             if ($definition->isAbstract() || $definition->getClass() === null) {
                 continue;

DependencyInjection/GraphqliteExtension.php

@@ -54,7 +54,7 @@ public function load(array $configs, ContainerBuilder $container)
             $namespaceType = [];
         }
 
-        $enableLogin = $configs[0]['security']['enable_login'] ?? false;
+        $enableLogin = $configs[0]['security']['enable_login'] ?? 'auto';
 
         $container->setParameter('graphqlite.namespace.controllers', $namespaceController);
         $container->setParameter('graphqlite.namespace.types', $namespaceType);

Tests/FunctionalTest.php

@@ -8,10 +8,13 @@
 use function spl_object_hash;
 use Symfony\Component\HttpFoundation\Cookie;
 use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Session\Session;
+use Symfony\Component\HttpFoundation\Session\Storage\MockArraySessionStorage;
 use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
 use Symfony\Component\Security\Core\User\User;
 use TheCodingMachine\Graphqlite\Bundle\Controller\GraphqliteController;
 use TheCodingMachine\Graphqlite\Bundle\Security\AuthenticationService;
+use TheCodingMachine\GraphQLite\GraphQLException;
 use TheCodingMachine\GraphQLite\Schema;
 use function var_dump;
 
@@ -187,7 +190,7 @@ public function testLoggedMiddleware2(): void
 
     public function testInjectQuery(): void
     {
-        $kernel = new GraphqliteTestingKernel('test', true);
+        $kernel = new GraphqliteTestingKernel();
         $kernel->boot();
 
         $request = Request::create('/graphql', 'GET', ['query' => '
@@ -211,8 +214,12 @@ public function testLoginQuery(): void
         $kernel = new GraphqliteTestingKernel();
         $kernel->boot();
 
-        $request = Request::create('/graphql', 'GET', ['query' => '
-        { 
+        $session = new Session(new MockArraySessionStorage());
+        $container = $kernel->getContainer();
+        $container->set('session', $session);
+
+        $request = Request::create('/graphql', 'POST', ['query' => '
+        mutation login { 
           login(userName: "foo", password: "bar")
         }']);
 
@@ -229,19 +236,35 @@ public function testLoginQuery(): void
 
     public function testNoLoginNoSessionQuery(): void
     {
-        $kernel = new GraphqliteTestingKernel(false, false);
+        $kernel = new GraphqliteTestingKernel(false, 'off');
         $kernel->boot();
 
-        $request = Request::create('/graphql', 'GET', ['query' => '
-        { 
+        $request = Request::create('/graphql', 'POST', ['query' => '
+        mutation login { 
           login(userName: "foo", password: "bar")
         }']);
 
         $response = $kernel->handle($request);
 
         $result = json_decode($response->getContent(), true);
 
-        $this->assertSame('Cannot query field "login" on type "Query".', $result['errors'][0]['message']);
+        $this->assertSame('Cannot query field "login" on type "Mutation".', $result['errors'][0]['message']);
+    }
+
+    public function testForceLoginNoSession(): void
+    {
+        $kernel = new GraphqliteTestingKernel(false, 'on');
+        $this->expectException(GraphQLException::class);
+        $this->expectExceptionMessage('In order to enable the login/logout mutations (via the graphqlite.security.enable_login parameter), you need to enable session support (via the "framework.session.enabled" config parameter)');
+        $kernel->boot();
+    }
+
+    public function testForceLoginNoSecurity(): void
+    {
+        $kernel = new GraphqliteTestingKernel(true, 'on', false);
+        $this->expectException(GraphQLException::class);
+        $this->expectExceptionMessage('In order to enable the login/logout mutations (via the graphqlite.security.enable_login parameter), you need to install the security bundle. Please be sure to correctly configure the user provider (in the security.providers configuration settings)');
+        $kernel->boot();
     }
 
     private function logIn(ContainerInterface $container)

Tests/GraphqliteTestingKernel.php

@@ -14,6 +14,7 @@
 use Symfony\Component\HttpKernel\Kernel;
 use Symfony\Component\Routing\RouteCollectionBuilder;
 use TheCodingMachine\Graphqlite\Bundle\GraphqliteBundle;
+use Symfony\Component\Security\Core\User\User;
 
 class GraphqliteTestingKernel extends Kernel
 {
@@ -25,15 +26,20 @@ class GraphqliteTestingKernel extends Kernel
      */
     private $enableSession;
     /**
-     * @var bool
+     * @var string
      */
     private $enableLogin;
+    /**
+     * @var bool
+     */
+    private $enableSecurity;
 
-    public function __construct(bool $enableSession = true, bool $enableLogin = true)
+    public function __construct(bool $enableSession = true, ?string $enableLogin = null, bool $enableSecurity = true)
     {
         parent::__construct('test', true);
         $this->enableSession = $enableSession;
         $this->enableLogin = $enableLogin;
+        $this->enableSecurity = $enableSecurity;
     }
 
     public function registerBundles()
@@ -60,16 +66,30 @@ public function configureContainer(ContainerBuilder $c, LoaderInterface $loader)
             }
 
             $container->loadFromExtension('framework', $frameworkConf);
-            $container->loadFromExtension('security', array(
-                'providers' => [
-                    'in_memory' => ['memory' => null],
-                ],
-                'firewalls' => [
-                    'main' => [
-                        'anonymous' => true
-                    ]
-                ]
-            ));
+            if ($this->enableSecurity) {
+                $container->loadFromExtension('security', array(
+                    'providers' => [
+                        'in_memory' => [
+                            'memory' => [
+                                'users' => [
+                                    'foo' => [
+                                        'password' => 'bar',
+                                        'roles' => 'ROLE_USER',
+                                    ],
+                               ],
+                            ],
+                        ],
+                    ],
+                    'firewalls' => [
+                        'main' => [
+                            'anonymous' => true
+                        ]
+                    ],
+                    'encoders' => [
+                        User::class => 'plaintext',
+                    ],
+                ));
+            }
 
             $graphqliteConf = array(
                 'namespace' => [
@@ -80,7 +100,7 @@ public function configureContainer(ContainerBuilder $c, LoaderInterface $loader)
 
             if ($this->enableLogin) {
                 $graphqliteConf['security'] = [
-                    'enable_login' => true,
+                    'enable_login' => $this->enableLogin,
                 ];
             }