implement

Author: enisdenjo

src/handler.ts

@@ -161,6 +161,31 @@ export type FormatError = (
   err: Readonly<GraphQLError | Error>,
 ) => GraphQLError | Error;
 
+/**
+ * The request parser for an incoming GraphQL request. It parses and validates the
+ * request itself, including the request method and the content-type of the body.
+ *
+ * In case you are extending the server to handle more request types, this is the
+ * perfect place to do so.
+ *
+ * If an error is thrown, it will be formatted using the provided {@link FormatError}
+ * and handled following the spec to be gracefully reported to the client.
+ *
+ * Throwing an instance of `Error` will _always_ have the client respond with a `400: Bad Request`
+ * and the error's message in the response body; however, if an instance of `GraphQLError` is thrown,
+ * it will be reported depending on the accepted content-type.
+ *
+ * If you return nothing, the default parser will be used instead.
+ *
+ * @category Server
+ */
+export type ParseRequestParams<
+  RequestRaw = unknown,
+  RequestContext = unknown,
+> = (
+  req: Request<RequestRaw, RequestContext>,
+) => Promise<RequestParams | Response | void> | RequestParams | Response | void;
+
 /** @category Server */
 export type OperationArgs<Context extends OperationContext = undefined> =
   ExecutionArgs & { contextValue?: Context };
@@ -326,6 +351,12 @@ export interface HandlerOptions<
    * this formatter.
    */
   formatError?: FormatError;
+  /**
+   * The request parser for an incoming GraphQL request.
+   *
+   * Read more about it in {@link ParseRequestParams}.
+   */
+  parseRequestParams?: ParseRequestParams<RequestRaw, RequestContext>;
 }
 
 /**
@@ -416,23 +447,10 @@ export function createHandler<
     onSubscribe,
     onOperation,
     formatError = (err) => err,
+    parseRequestParams = defaultParseRequestParams,
   } = options;
 
   return async function handler(req) {
-    const method = req.method;
-    if (method !== 'GET' && method !== 'POST') {
-      return [
-        null,
-        {
-          status: 405,
-          statusText: 'Method Not Allowed',
-          headers: {
-            allow: 'GET, POST',
-          },
-        },
-      ];
-    }
-
     let acceptedMediaType: AcceptableMediaType | null = null;
     const accepts = (getHeader(req, 'accept') || '*/*')
       .replace(/\s/g, '')
@@ -478,96 +496,12 @@ export function createHandler<
       ];
     }
 
-    // TODO: should graphql-http care about content-encoding? I'd say unzipping should happen before handler is reached
-
-    const [
-      mediaType,
-      charset = 'charset=utf-8', // utf-8 is assumed when not specified. this parameter is either "charset" or "boundary" (https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Length)
-    ] = (getHeader(req, 'content-type') || '')
-      .replace(/\s/g, '')
-      .toLowerCase()
-      .split(';');
-
-    let params;
+    let params: RequestParams;
     try {
-      const partParams: Partial<RequestParams> = {};
-      switch (true) {
-        case method === 'GET': {
-          // TODO: what if content-type is specified and is not application/x-www-form-urlencoded?
-          try {
-            const [, search] = req.url.split('?');
-            const searchParams = new URLSearchParams(search);
-            partParams.operationName =
-              searchParams.get('operationName') ?? undefined;
-            partParams.query = searchParams.get('query') ?? undefined;
-            const variables = searchParams.get('variables');
-            if (variables) partParams.variables = JSON.parse(variables);
-            const extensions = searchParams.get('extensions');
-            if (extensions) partParams.extensions = JSON.parse(extensions);
-          } catch {
-            throw new Error('Unparsable URL');
-          }
-          break;
-        }
-        case method === 'POST' &&
-          mediaType === 'application/json' &&
-          charset === 'charset=utf-8': {
-          if (!req.body) {
-            throw new Error('Missing body');
-          }
-          let data;
-          try {
-            const body =
-              typeof req.body === 'function' ? await req.body() : req.body;
-            data = typeof body === 'string' ? JSON.parse(body) : body;
-          } catch (err) {
-            throw new Error('Unparsable JSON body');
-          }
-          if (!isObject(data)) {
-            throw new Error('JSON body must be an object');
-          }
-          partParams.operationName = data.operationName;
-          partParams.query = data.query;
-          partParams.variables = data.variables;
-          partParams.extensions = data.extensions;
-          break;
-        }
-        default: // graphql-http doesnt support any other content type
-          return [
-            null,
-            {
-              status: 415,
-              statusText: 'Unsupported Media Type',
-            },
-          ];
-      }
-
-      if (partParams.query == null) throw new Error('Missing query');
-      if (typeof partParams.query !== 'string')
-        throw new Error('Invalid query');
-      if (
-        partParams.variables != null &&
-        (typeof partParams.variables !== 'object' ||
-          Array.isArray(partParams.variables))
-      ) {
-        throw new Error('Invalid variables');
-      }
-      if (
-        partParams.operationName != null &&
-        typeof partParams.operationName !== 'string'
-      ) {
-        throw new Error('Invalid operationName');
-      }
-      if (
-        partParams.extensions != null &&
-        (typeof partParams.extensions !== 'object' ||
-          Array.isArray(partParams.extensions))
-      ) {
-        throw new Error('Invalid extensions');
-      }
-
-      // request parameters are checked and now complete
-      params = partParams as RequestParams;
+      let paramsOrRes = await parseRequestParams(req);
+      if (!paramsOrRes) paramsOrRes = await defaultParseRequestParams(req);
+      if (isResponse(paramsOrRes)) return paramsOrRes;
+      params = paramsOrRes;
     } catch (err) {
       return makeResponse(err, acceptedMediaType, formatError);
     }
@@ -653,7 +587,7 @@ export function createHandler<
 
     // mutations cannot happen over GETs
     // https://graphql.github.io/graphql-over-http/draft/#sel-CALFJRPAAELBAAxwP
-    if (operation === 'mutation' && method === 'GET') {
+    if (operation === 'mutation' && req.method === 'GET') {
       return [
         JSON.stringify({
           errors: [new GraphQLError('Cannot perform mutations over GET')],
@@ -701,6 +635,116 @@ type AcceptableMediaType =
   | 'application/graphql-response+json'
   | 'application/json';
 
+/**
+ * The default request params parser. Used when no custom one is provided or if it
+ * returns nothing.
+ *
+ * TODO: should graphql-http itself care about content-encoding? I'd say unzipping should happen before handler is reached
+ */
+async function defaultParseRequestParams(
+  req: Request<unknown, unknown>,
+): Promise<Response | RequestParams> {
+  const method = req.method;
+  if (method !== 'GET' && method !== 'POST') {
+    return [
+      null,
+      {
+        status: 405,
+        statusText: 'Method Not Allowed',
+        headers: {
+          allow: 'GET, POST',
+        },
+      },
+    ];
+  }
+
+  const [
+    mediaType,
+    charset = 'charset=utf-8', // utf-8 is assumed when not specified. this parameter is either "charset" or "boundary" (https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Length)
+  ] = (getHeader(req, 'content-type') || '')
+    .replace(/\s/g, '')
+    .toLowerCase()
+    .split(';');
+
+  const partParams: Partial<RequestParams> = {};
+  switch (true) {
+    case method === 'GET': {
+      // TODO: what if content-type is specified and is not application/x-www-form-urlencoded?
+      try {
+        const [, search] = req.url.split('?');
+        const searchParams = new URLSearchParams(search);
+        partParams.operationName =
+          searchParams.get('operationName') ?? undefined;
+        partParams.query = searchParams.get('query') ?? undefined;
+        const variables = searchParams.get('variables');
+        if (variables) partParams.variables = JSON.parse(variables);
+        const extensions = searchParams.get('extensions');
+        if (extensions) partParams.extensions = JSON.parse(extensions);
+      } catch {
+        throw new Error('Unparsable URL');
+      }
+      break;
+    }
+    case method === 'POST' &&
+      mediaType === 'application/json' &&
+      charset === 'charset=utf-8': {
+      if (!req.body) {
+        throw new Error('Missing body');
+      }
+      let data;
+      try {
+        const body =
+          typeof req.body === 'function' ? await req.body() : req.body;
+        data = typeof body === 'string' ? JSON.parse(body) : body;
+      } catch (err) {
+        throw new Error('Unparsable JSON body');
+      }
+      if (!isObject(data)) {
+        throw new Error('JSON body must be an object');
+      }
+      partParams.operationName = data.operationName;
+      partParams.query = data.query;
+      partParams.variables = data.variables;
+      partParams.extensions = data.extensions;
+      break;
+    }
+    default: // graphql-http doesnt support any other content type
+      return [
+        null,
+        {
+          status: 415,
+          statusText: 'Unsupported Media Type',
+        },
+      ];
+  }
+
+  if (partParams.query == null) throw new Error('Missing query');
+  if (typeof partParams.query !== 'string') throw new Error('Invalid query');
+  if (
+    partParams.variables != null &&
+    (typeof partParams.variables !== 'object' ||
+      Array.isArray(partParams.variables))
+  ) {
+    throw new Error('Invalid variables');
+  }
+  if (
+    partParams.operationName != null &&
+    typeof partParams.operationName !== 'string'
+  ) {
+    throw new Error('Invalid operationName');
+  }
+  if (
+    partParams.extensions != null &&
+    (typeof partParams.extensions !== 'object' ||
+      Array.isArray(partParams.extensions))
+  ) {
+    throw new Error('Invalid extensions');
+  }
+
+  // request parameters are checked and now complete
+  return partParams as RequestParams;
+}
+
 /**
  * Creates an appropriate GraphQL over HTTP response following the provided arguments.
  *