Skip to content
This repository has been archived by the owner on Mar 14, 2024. It is now read-only.

digicatapult/apollo-type-validation-plugin

Apollo type validation plugin

Deprecation Notice

This application was deprecated on March 14th 2024, there will be no further dependency or security updates.

A library for performing directive based validations against input values passed in a GraphQL query.

Usage

The library can be used to instantiate an Apollo server plugin which can be configured to perform the required validation checks. For example:

import { ApolloServer } from '@apollo/server'
import validationPlugin from '@digicatapult/apollo-type-validation-plugin'

const {
  plugin: typeValidationPlugin,
  directives: { arrayLengthDirective },
} = validationPlugin

const typeDefs = ...
const resolvers = ...

const server = new ApolloServer({
    schema,
    // build a plugin to get the complexity of a query before running the resolvers
    // allows us to set a max complexity per query, or meter rate-limiting by complexity
    plugins: [typeValidationPlugin({ schema, directives: [arrayLengthDirective()] })],
    allowBatchedHttpRequests: true
})

A worked example using the arrayLengthDirective can be found here.

Supported Directives

The following directives are currently supported:

maxArrayLength

A directive used to limit the maximum size of an input array that can be passed as part of an argument. For example:

# directive definition used by arrayLengthDirective
directive @maxArrayLength(length: Int!) on ARGUMENT_DEFINITION | INPUT_FIELD_DEFINITION

type Query {
  echo(values: [Int!]! @maxArrayLength(length: 5)): [Echo!]!
}

type Echo {
  value: Int!
  times(number: [Int!]! @maxArrayLength(length: 2)): [Int!]!
}

In this schema the maximum number of elements that can be validly passed as values to the field echo is 5 whilst the maximum number that can be passed to number on the field times is 2.

boundedInteger

A directive used to bound the value of an integer that can be passed as an argument. For example:

# directive definition used by boundedIntegerDirective
directive @boundedInteger(min: Int!, max: Int!) on ARGUMENT_DEFINITION | INPUT_FIELD_DEFINITION

type Query {
  echo(input: Int! @boundedInteger(min: 5, max: 10)): Echo!
}

type Echo {
  value: Int!
}

In this schema the value that can be validly passed as input to the field echo must be greater than or equal to 5 and less than or equal to 10.