Support APQ middleware; return BadRequest for any validation error (#791)

Author: Shane32

Directory.Build.props

@@ -26,6 +26,8 @@
     <AssemblyName>GraphQL.Server.$(MSBuildProjectName)</AssemblyName>
     <RootNamespace>GraphQL.Server.$(MSBuildProjectName)</RootNamespace>
     <PackageId>GraphQL.Server.$(MSBuildProjectName)</PackageId>
+
+    <GraphQLVersion>5.3.0</GraphQLVersion>
   </PropertyGroup>
 
   <ItemGroup Condition="'$(IsPackable)' == 'true'">

samples/Samples.Server/Samples.Server.csproj

@@ -9,11 +9,11 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="GraphQL.DataLoader" Version="5.1.1" />
+    <PackageReference Include="GraphQL.DataLoader" Version="$(GraphQLVersion)" />
     <PackageReference Include="Serilog.AspNetCore" Version="5.0.0" />
     <PackageReference Include="Serilog.Sinks.Console" Version="4.0.1" />
-    <PackageReference Include="GraphQL.MicrosoftDI" Version="5.1.1" />
-    <PackageReference Include="GraphQL.SystemTextJson" Version="5.1.1" />
+    <PackageReference Include="GraphQL.MicrosoftDI" Version="$(GraphQLVersion)" />
+    <PackageReference Include="GraphQL.SystemTextJson" Version="$(GraphQLVersion)" />
   </ItemGroup>
 
   <ItemGroup>

samples/Samples.Server/Startup.cs

@@ -1,6 +1,5 @@
 using GraphQL.DataLoader;
 using GraphQL.Execution;
-using GraphQL.Instrumentation;
 using GraphQL.MicrosoftDI;
 using GraphQL.Samples.Schemas.Chat;
 using GraphQL.Server;
@@ -34,8 +33,7 @@ public void ConfigureServices(IServiceCollection services)
             .AddTransient<IAuthorizationErrorMessageBuilder, DefaultAuthorizationErrorMessageBuilder>(); // required by CustomErrorInfoProvider
 
         services.AddGraphQL(builder => builder
-            .AddMetrics()
-            .AddDocumentExecuter<ApolloTracingDocumentExecuter>()
+            .AddApolloTracing()
             .AddHttpMiddleware<ChatSchema, GraphQLHttpMiddlewareWithLogs<ChatSchema>>()
             .AddWebSocketsHttpMiddleware<ChatSchema>()
             .AddSchema<ChatSchema>()

samples/Samples.Server/StartupWithRouting.cs

@@ -1,6 +1,5 @@
 using GraphQL.DataLoader;
 using GraphQL.Execution;
-using GraphQL.Instrumentation;
 using GraphQL.MicrosoftDI;
 using GraphQL.Samples.Schemas.Chat;
 using GraphQL.Server;
@@ -35,8 +34,7 @@ public void ConfigureServices(IServiceCollection services)
             .AddTransient<IAuthorizationErrorMessageBuilder, DefaultAuthorizationErrorMessageBuilder>(); // required by CustomErrorInfoProvider
 
         services.AddGraphQL(builder => builder
-            .AddMetrics()
-            .AddDocumentExecuter<ApolloTracingDocumentExecuter>()
+            .AddApolloTracing()
             .AddHttpMiddleware<ChatSchema, GraphQLHttpMiddlewareWithLogs<ChatSchema>>()
             .AddWebSocketsHttpMiddleware<ChatSchema>()
             .AddSchema<ChatSchema>()

src/All/All.csproj

@@ -18,9 +18,9 @@
     <ProjectReference Include="..\Ui.Playground\Ui.Playground.csproj" />
     <ProjectReference Include="..\Ui.Voyager\Ui.Voyager.csproj" />
 
-    <PackageReference Include="GraphQL.MemoryCache" Version="5.1.1" />
-    <PackageReference Include="GraphQL.MicrosoftDI" Version="5.1.1" />
-    <PackageReference Include="GraphQL.SystemTextJson" Version="5.1.1" />
+    <PackageReference Include="GraphQL.MemoryCache" Version="$(GraphQLVersion)" />
+    <PackageReference Include="GraphQL.MicrosoftDI" Version="$(GraphQLVersion)" />
+    <PackageReference Include="GraphQL.SystemTextJson" Version="$(GraphQLVersion)" />
   </ItemGroup>
 
 </Project>

src/Authorization.AspNetCore/Authorization.AspNetCore.csproj

@@ -8,7 +8,7 @@
 
   <ItemGroup>
     <FrameworkReference Include="Microsoft.AspNetCore.App" />
-    <PackageReference Include="GraphQL" Version="5.1.1" />
+    <PackageReference Include="GraphQL" Version="$(GraphQLVersion)" />
   </ItemGroup>
 
 </Project>

src/Transports.AspNetCore/GraphQLHttpMiddleware.cs

@@ -157,12 +157,6 @@ public virtual async Task InvokeAsync(HttpContext context, RequestDelegate next)
                 Extensions = urlGQLRequest.Extensions ?? bodyGQLRequest?.Extensions,
                 OperationName = urlGQLRequest.OperationName ?? bodyGQLRequest?.OperationName
             };
-
-            if (string.IsNullOrWhiteSpace(gqlRequest.Query))
-            {
-                await HandleNoQueryErrorAsync(context);
-                return;
-            }
         }
 
         // Prepare context and execute
@@ -284,7 +278,7 @@ protected virtual Task WriteErrorResponseAsync(HttpContext context, string error
     protected virtual Task WriteResponseAsync<TResult>(HttpResponse httpResponse, IGraphQLSerializer serializer, CancellationToken cancellationToken, TResult result)
     {
         httpResponse.ContentType = "application/json";
-        httpResponse.StatusCode = 200; // OK
+        httpResponse.StatusCode = result is not ExecutionResult executionResult || executionResult.Executed ? 200 : 400; // BadRequest when fails validation; OK otherwise
 
         return serializer.WriteAsync(httpResponse.Body, result, cancellationToken);
     }

src/Transports.AspNetCore/Transports.AspNetCore.csproj

@@ -8,7 +8,7 @@
 
   <ItemGroup>
     <FrameworkReference Include="Microsoft.AspNetCore.App" />
-    <PackageReference Include="GraphQL" Version="5.1.1" />
+    <PackageReference Include="GraphQL" Version="$(GraphQLVersion)" />
     <PackageReference Include="Microsoft.Extensions.Options" Version="3.1.0" Condition="'$(TargetFramework)' == 'netcoreapp3.1'" />
     <PackageReference Include="Microsoft.Extensions.Options" Version="5.0.0" Condition="'$(TargetFramework)' == 'net5'" />
   </ItemGroup>

src/Transports.Subscriptions.Abstractions/Transports.Subscriptions.Abstractions.csproj

@@ -6,7 +6,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="GraphQL" Version="5.1.1" />
+    <PackageReference Include="GraphQL" Version="$(GraphQLVersion)" />
     <PackageReference Include="Microsoft.Extensions.Logging" Version="3.1.0" />
     <PackageReference Include="System.Reactive" Version="5.0.0" />
     <PackageReference Include="System.Threading.Tasks.Dataflow" Version="5.0.0" />

tests/Samples.Server.Tests/ResponseTests.cs

@@ -71,10 +71,9 @@ public async Task Batched_Query_Should_Return_Single_Result_As_Array()
     [Theory]
     [MemberData(nameof(WrongQueryData))]
     public async Task Wrong_Query_Should_Return_Error(HttpMethod httpMethod, HttpContent httpContent,
-        HttpStatusCode expectedStatusCode, string expectedErrorMsg)
+        HttpStatusCode expectedStatusCode, string expected)
     {
         var response = await SendRequestAsync(httpMethod, httpContent);
-        string expected = @"{""errors"":[{""message"":""" + expectedErrorMsg + @"""}]}";
 
         response.StatusCode.ShouldBe(expectedStatusCode);
 
@@ -90,7 +89,7 @@ public async Task Wrong_Query_Should_Return_Error(HttpMethod httpMethod, HttpCon
             HttpMethod.Put,
             new StringContent(Serializer.ToJson(new GraphQLRequest { Query = "query { __schema { queryType { name } } }" }), Encoding.UTF8, "application/json"),
             HttpStatusCode.MethodNotAllowed,
-            "Invalid HTTP method. Only GET and POST are supported. See: http://graphql.org/learn/serving-over-http/.",
+            @"{""errors"":[{""message"":""Invalid HTTP method. Only GET and POST are supported. See: http://graphql.org/learn/serving-over-http/.""}]}",
         },
 
         // POST with unsupported mime type should be a unsupported media type
@@ -99,7 +98,7 @@ public async Task Wrong_Query_Should_Return_Error(HttpMethod httpMethod, HttpCon
             HttpMethod.Post,
             new StringContent(Serializer.ToJson(new GraphQLRequest { Query = "query { __schema { queryType { name } } }" }), Encoding.UTF8, "something/unknown"),
             HttpStatusCode.UnsupportedMediaType,
-            "Invalid 'Content-Type' header: non-supported media type 'something/unknown; charset=utf-8'. Must be of 'application/json', 'application/graphql' or 'application/x-www-form-urlencoded'. See: http://graphql.org/learn/serving-over-http/."
+            @"{""errors"":[{""message"":""Invalid 'Content-Type' header: non-supported media type 'something/unknown; charset=utf-8'. Must be of 'application/json', 'application/graphql' or 'application/x-www-form-urlencoded'. See: http://graphql.org/learn/serving-over-http/.""}]}"
         },
 
         // MediaTypeHeaderValue ctor throws exception
@@ -118,7 +117,7 @@ public async Task Wrong_Query_Should_Return_Error(HttpMethod httpMethod, HttpCon
             HttpMethod.Post,
             new StringContent("Oops", Encoding.UTF8, "application/json"),
             HttpStatusCode.BadRequest,
-            "JSON body text could not be parsed. 'O' is an invalid start of a value. Path: $ | LineNumber: 0 | BytePositionInLine: 0."
+            @"{""errors"":[{""message"":""JSON body text could not be parsed. 'O' is an invalid start of a value. Path: $ | LineNumber: 0 | BytePositionInLine: 0.""}]}"
         },
 
         // POST with JSON mime type that is invalid JSON should be a bad request
@@ -127,7 +126,7 @@ public async Task Wrong_Query_Should_Return_Error(HttpMethod httpMethod, HttpCon
             HttpMethod.Post,
             new StringContent("{oops}", Encoding.UTF8, "application/json"),
             HttpStatusCode.BadRequest,
-            "JSON body text could not be parsed. 'o' is an invalid start of a property name. Expected a '\"'. Path: $ | LineNumber: 0 | BytePositionInLine: 1."
+            @"{""errors"":[{""message"":""JSON body text could not be parsed. 'o' is an invalid start of a property name. Expected a '""'. Path: $ | LineNumber: 0 | BytePositionInLine: 1.""}]}"
         },
 
         // POST with JSON mime type that is null JSON should be a bad request
@@ -136,7 +135,7 @@ public async Task Wrong_Query_Should_Return_Error(HttpMethod httpMethod, HttpCon
             HttpMethod.Post,
             new StringContent("null", Encoding.UTF8, "application/json"),
             HttpStatusCode.BadRequest,
-            "GraphQL query is missing."
+            @"{""errors"":[{""message"":""GraphQL query is missing."",""extensions"":{""code"":""QUERY_MISSING"",""codes"":[""QUERY_MISSING""]}}]}"
         },
 
         // GET with an empty QueryString should be a bad request
@@ -145,7 +144,34 @@ public async Task Wrong_Query_Should_Return_Error(HttpMethod httpMethod, HttpCon
             HttpMethod.Get,
             null,
             HttpStatusCode.BadRequest,
-            "GraphQL query is missing."
+            @"{""errors"":[{""message"":""GraphQL query is missing."",""extensions"":{""code"":""QUERY_MISSING"",""codes"":[""QUERY_MISSING""]}}]}"
+        },
+
+        // POST with a GraphQL parsing error should be a bad request
+        new object[]
+        {
+            HttpMethod.Post,
+            new StringContent(@"{""query"":""parseError""}", Encoding.UTF8, "application/json"),
+            HttpStatusCode.BadRequest,
+            @"{""errors"":[{""message"":""Error parsing query: Expected \u0022query/mutation/subscription/fragment/schema/scalar/type/interface/union/enum/input/extend/directive\u0022, found Name \u0022parseError\u0022"",""locations"":[{""line"":1,""column"":1}],""extensions"":{""code"":""SYNTAX_ERROR"",""codes"":[""SYNTAX_ERROR""]}}]}"
+        },
+
+        // POST with no operation should be a bad request
+        new object[]
+        {
+            HttpMethod.Post,
+            new StringContent(@"{""query"":""fragment frag on Query { hello }""}", Encoding.UTF8, "application/json"),
+            HttpStatusCode.BadRequest,
+            @"{""errors"":[{""message"":""Document does not contain any operations."",""extensions"":{""code"":""NO_OPERATION"",""codes"":[""NO_OPERATION""]}}]}"
+        },
+
+        // POST with validation error should be a bad request
+        new object[]
+        {
+            HttpMethod.Post,
+            new StringContent(@"{""query"":""{ dummy }""}", Encoding.UTF8, "application/json"),
+            HttpStatusCode.BadRequest,
+            @"{""errors"":[{""message"":""Cannot query field \u0027dummy\u0027 on type \u0027ChatQuery\u0027."",""locations"":[{""line"":1,""column"":3}],""extensions"":{""code"":""FIELDS_ON_CORRECT_TYPE"",""codes"":[""FIELDS_ON_CORRECT_TYPE""],""number"":""5.3.1""}}]}"
         },
     };