Skip to content

Commit

Permalink
Consistently throw BadRequestGraphQLException on invalid requests (#10
Browse files Browse the repository at this point in the history
)
  • Loading branch information
spawnia authored Apr 26, 2022
1 parent 7d6b247 commit 43b522c
Show file tree
Hide file tree
Showing 6 changed files with 44 additions and 25 deletions.
4 changes: 2 additions & 2 deletions .php-cs-fixer.php
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
<?php declare(strict_types=1);

use function MLL\PhpCsFixerConfig\config;
use function MLL\PhpCsFixerConfig\risky;

$finder = PhpCsFixer\Finder::create()
->notPath('vendor')
Expand All @@ -9,4 +9,4 @@
->ignoreDotFiles(true)
->ignoreVCS(true);

return config($finder);
return risky($finder);
9 changes: 8 additions & 1 deletion CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,10 +2,17 @@

All notable changes to this project will be documented in this file.

The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

## Unreleased

## v1.4.0

### Changed

- Consistently throw `BadRequestGraphQLException` on invalid requests

## v1.3.0

### Added
Expand Down
5 changes: 5 additions & 0 deletions composer.json
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,11 @@
]
},
"config": {
"allow-plugins": {
"infection/extension-installer": true,
"ergebnis/composer-normalize": true,
"phpstan/extension-installer": true
},
"preferred-install": "dist",
"sort-packages": true
}
Expand Down
9 changes: 9 additions & 0 deletions src/BadRequestGraphQLException.php
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
<?php declare(strict_types=1);

namespace Laragraph\Utils;

use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;

class BadRequestGraphQLException extends BadRequestHttpException
{
}
23 changes: 12 additions & 11 deletions src/RequestParser.php
Original file line number Diff line number Diff line change
@@ -1,16 +1,13 @@
<?php

declare(strict_types=1);
<?php declare(strict_types=1);

namespace Laragraph\Utils;

use GraphQL\Server\Helper;
use GraphQL\Server\OperationParams;
use GraphQL\Server\RequestError;
use GraphQL\Utils\Utils;
use Illuminate\Http\Request;
use Illuminate\Support\Arr;
use Illuminate\Support\Str;
use Safe\Exceptions\JsonException;

/**
* Follows https://github.com/graphql/graphql-over-http/blob/main/spec/GraphQLOverHTTP.md.
Expand All @@ -30,7 +27,7 @@ public function __construct()
/**
* Converts an incoming HTTP request to one or more OperationParams.
*
* @throws \GraphQL\Server\RequestError
* @throws \Laragraph\Utils\BadRequestGraphQLException
*
* @return \GraphQL\Server\OperationParams|array<int, \GraphQL\Server\OperationParams>
*/
Expand All @@ -52,10 +49,14 @@ public function parseRequest(Request $request)
if (Str::startsWith($contentType, ['application/json', 'application/graphql+json'])) {
/** @var string $content */
$content = $request->getContent();
$bodyParams = \Safe\json_decode($content, true);
try {
$bodyParams = \Safe\json_decode($content, true);
} catch (JsonException $e) {
throw new BadRequestGraphQLException("Invalid JSON: {$e->getMessage()}");
}

if (! is_array($bodyParams)) {
throw new RequestError(
throw new BadRequestGraphQLException(
'GraphQL Server expects JSON object or array, but got '
. Utils::printSafeJson($bodyParams)
);
Expand All @@ -70,7 +71,7 @@ public function parseRequest(Request $request)
} elseif (Str::startsWith($contentType, 'multipart/form-data')) {
$bodyParams = $this->inlineFiles($request);
} else {
throw new RequestError('Unexpected content type: ' . Utils::printSafeJson($contentType));
throw new BadRequestGraphQLException('Unexpected content type: ' . Utils::printSafeJson($contentType));
}
}

Expand All @@ -87,15 +88,15 @@ protected function inlineFiles(Request $request): array
/** @var string|null $mapParam */
$mapParam = $request->post('map');
if (null === $mapParam) {
throw new RequestError(
throw new BadRequestGraphQLException(
'Could not find a valid map, be sure to conform to GraphQL multipart request specification: https://github.com/jaydenseric/graphql-multipart-request-spec'
);
}

/** @var string|null $operationsParam */
$operationsParam = $request->post('operations');
if (null === $operationsParam) {
throw new RequestError(
throw new BadRequestGraphQLException(
'Could not find valid operations, be sure to conform to GraphQL multipart request specification: https://github.com/jaydenseric/graphql-multipart-request-spec'
);
}
Expand Down
19 changes: 8 additions & 11 deletions tests/Unit/RequestParserTest.php
Original file line number Diff line number Diff line change
@@ -1,19 +1,16 @@
<?php

declare(strict_types=1);
<?php declare(strict_types=1);

namespace Laragraph\Utils\Tests\Unit;

use GraphQL\Server\OperationParams;
use GraphQL\Server\RequestError;
use Illuminate\Http\Request;
use Illuminate\Http\UploadedFile;
use Laragraph\Utils\BadRequestGraphQLException;
use Laragraph\Utils\RequestParser;
use Orchestra\Testbench\TestCase;
use Safe\Exceptions\JsonException;
use Symfony\Component\HttpFoundation\Request as SymfonyRequest;

class RequestParserTest extends TestCase
final class RequestParserTest extends TestCase
{
public function testGetWithQuery(): void
{
Expand Down Expand Up @@ -138,7 +135,7 @@ public function testNonsensicalContentTypes(string $contentType): void
);
$parser = new RequestParser();

$this->expectException(RequestError::class);
$this->expectException(BadRequestGraphQLException::class);
$parser->parseRequest($request);
}

Expand Down Expand Up @@ -175,7 +172,7 @@ public function testInvalidJson(): void
);
$parser = new RequestParser();

$this->expectException(JsonException::class);
$this->expectException(BadRequestGraphQLException::class);
$parser->parseRequest($request);
}

Expand All @@ -190,7 +187,7 @@ public function testNonArrayJson(): void
);
$parser = new RequestParser();

$this->expectException(RequestError::class);
$this->expectException(BadRequestGraphQLException::class);
$parser->parseRequest($request);
}

Expand Down Expand Up @@ -258,7 +255,7 @@ public function testMultipartFormWithoutMap(): void
);
$parser = new RequestParser();

$this->expectException(RequestError::class);
$this->expectException(BadRequestGraphQLException::class);
$parser->parseRequest($request);
}

Expand All @@ -281,7 +278,7 @@ public function testMultipartFormWithoutOperations(): void

$parser = new RequestParser();

$this->expectException(RequestError::class);
$this->expectException(BadRequestGraphQLException::class);
$parser->parseRequest($request);
}

Expand Down

0 comments on commit 43b522c

Please sign in to comment.