DataContext incorrectly passed to UserContext? #45

Closed
jandrews377 opened this issue Jan 1, 2019 · 4 comments

@jandrews377

Hi Simon,

By passing the DataContext in on the UserContext, does this make it impossible to use authentication?
(such as nuget GraphQL.Authorization).
I am trying to implement JWT claims based authorisation, which needs to be able to access the claims via the UserContext but this happens to contain our db context instead.
Thoughts?

Many thanks,
Jeremy

@SimonCropp
Owner

> By passing the DataContext in on the UserContext, does this make it impossible to use authentication

Yes. But nothing about GraphQL.EntityFramework forces you to take that approach. What you place in the GraphQL context, and how you read from it, is up to you. So at my current client we have this model for the user context:

public class GraphQlUserContext
{
    public ElectorateDbContext DbContext { get; set; }
    public ClaimsPrincipal User { get; set; }
}

then in the graphql controller we do

var options = new ExecutionOptions
{
    Schema = schema,
    Query = query,
    OperationName = operationName,
    Inputs = variables?.ToInputs(),
    UserContext = new GraphQlUserContext
    {
        DbContext = dataContext,
        User = User
    },
    CancellationToken = cancellation,
#if (DEBUG)
    ExposeExceptions = true,
    EnableMetrics = true,
#endif
};

then we have some helper extension methods


static class UserContextExtensions
{
    public static ElectorateDbContext GetDataContext(this ResolveFieldContext<object> context)
    {
        var userContext = (GraphQlUserContext) context.UserContext;
        return userContext.DbContext;
    }

    public static ElectorateDbContext GetDataContext<T>(this ResolveFieldContext<T> context)
    {
        var userContext = (GraphQlUserContext) context.UserContext;
        return userContext.DbContext;
    }

    public static List<Claim> GetClaims(this ResolveFieldContext<object> context)
    {
        var userContext = (GraphQlUserContext)context.UserContext;
        return userContext.User.Claims.ToList();
    }
}

which enables a query like this


public class Query : EfObjectGraphType
{
    public Query(IEfGraphQLService efGraphQlService) : base(efGraphQlService)
    {
        AddSingleField<ProgramGraph, Program>(
            name: "program",
            resolve: context =>
            {
                // Read the DbContext back out of the user context via the helper above.
                var dataContext = context.GetDataContext();
                return dataContext.Programs;
            });
    }
}

@jandrews377
Author

Hi Simon,

Thank you for the ultra-quick response :)
I have plumbed up as per your example, the dbcontext is working correctly.
I am missing something with the UserClaims as I keep getting the error message on my mutation:

GraphQL.Validation.ValidationError: You are not authorized to run this mutation.\nRequired claim 'role' with any value of 'Admin' is not present.

When I set a breakpoint on my:
var options = new ExecutionOptions

I can see that the User object has the correct claims, and my ValidationRule is being populated.
In your code, where are you calling UserContextExtensions.GetClaims from?

Many thanks.
Jeremy

@SimonCropp
Owner

UserContextExtensions.GetClaims is called within the resolve. BTW we are well off track from this having anything to do with GraphQL.EntityFramework, i.e. your current problem could be reproduced without using GraphQL.EntityFramework. Perhaps move the question to Stack Overflow? Or I can quote you an hourly rate to help you debug further.

@SimonCropp
Owner

closing this for now
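
A resolver-side claim check built on the user context shape discussed in this thread, as an added example that is not part of the original conversation or of GraphQL.EntityFramework or GraphQL.Authorization. `ClaimGuard`, `HasClaim` and the sample principals are hypothetical and constructed, and `DbContext` is left out so the code needs only the base class library.

```csharp
using System;
using System.Linq;
using System.Security.Claims;

// Same shape as the thread's GraphQlUserContext; DbContext is left out here.
public class GraphQlUserContext
{
    public ClaimsPrincipal User { get; set; }
}

// Hypothetical helper, not an API of any library named in the thread.
public static class ClaimGuard
{
    // True only when an authenticated identity carries `type` with one of the allowed values.
    public static bool HasClaim(this GraphQlUserContext userContext, string type, params string[] allowed)
    {
        var user = userContext?.User;
        if (user?.Identity == null || !user.Identity.IsAuthenticated)
        {
            return false; // fail closed: no user, or claims on an unauthenticated identity
        }

        // Exact match on claim type and value: "role" and ClaimTypes.Role are different types.
        return user.Claims.Any(claim =>
            string.Equals(claim.Type, type, StringComparison.Ordinal) &&
            allowed.Contains(claim.Value, StringComparer.Ordinal));
    }
}

public static class Program
{
    static GraphQlUserContext Context(string authenticationType, params Claim[] claims) =>
        new GraphQlUserContext { User = new ClaimsPrincipal(new ClaimsIdentity(claims, authenticationType)) };

    public static void Main()
    {
        // Constructed sample principals.
        var admin = Context("Bearer", new Claim("role", "Admin"));
        var reader = Context("Bearer", new Claim("role", "Reader"));
        var uriType = Context("Bearer", new Claim(ClaimTypes.Role, "Admin")); // role kept under the URI claim type
        var anonymous = Context(null, new Claim("role", "Admin"));           // no authentication type set

        Console.WriteLine($"admin:     {admin.HasClaim("role", "Admin")}");
        Console.WriteLine($"reader:    {reader.HasClaim("role", "Admin")}");
        Console.WriteLine($"uriType:   {uriType.HasClaim("role", "Admin")}");
        Console.WriteLine($"anonymous: {anonymous.HasClaim("role", "Admin")}");
        Console.WriteLine($"no user:   {new GraphQlUserContext().HasClaim("role", "Admin")}");
    }
}
```

In a resolver, the same check would run on `(GraphQlUserContext) context.UserContext` before the data context is queried.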
