From 1c62f554ae3064003fbd654b5282a808d5a504ff Mon Sep 17 00:00:00 2001
From: Laurin Quast
Date: Sat, 17 Jun 2017 14:50:24 +0200
Subject: [PATCH] Implements DisableIntrospection validation rule
---
 src/Validator/Rules/DisableIntrospection.php | 50 ++++++++++++++++++++
 1 file changed, 50 insertions(+)
 create mode 100644 src/Validator/Rules/DisableIntrospection.php
diff --git a/src/Validator/Rules/DisableIntrospection.php b/src/Validator/Rules/DisableIntrospection.php
new file mode 100644
index 0000000..f820375
--- /dev/null
+++ b/src/Validator/Rules/DisableIntrospection.php
@@ -0,0 +1,50 @@
+setEnabled($enabled);
+ }
+
+ public function setEnabled($enabled)
+ {
+ $this->isEnabled = $enabled;
+ }
+
+ static function introspectionDisabledMessage()
+ {
+ return 'GraphQL introspection is not allowed, but the query contained __schema or __type';
+ }
+
+ protected function isEnabled()
+ {
+ return $this->isEnabled !== static::DISABLED;
+ }
+
+ public function __invoke(ValidationContext $context)
+ {
+ return $this->invokeIfNeeded(
+ $context,
+ [
+ NodeKind::FIELD => function (FieldNode $node) use ($context) {
+ if ($node->name->value === '__type' || $node->name->value === '__schema') {
+ $context->reportError(new Error(
+ static::introspectionDisabledMessage(),
+ [$node]
+ ));
+ }
+ }
+ ]
+ );
+ }
+}
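Review bot: `isEnabled()` returns `$this->isEnabled !== static::DISABLED` and `setEnabled($enabled)` stores its argument unchecked, so every value other than the exact `DISABLED` constant (a boolean `false`, a string read from configuration) keeps the rule active. That fails closed, which is the safer direction for a rule that rejects `__schema` and `__type`, but it is silent and worth stating on the setter, e.g. `/** @param int $enabled static::DISABLED turns the rule off; any other value keeps introspection blocked */`. The constant definitions and the constructor signature are not visible in this extract, so the `int` type is an assumption to confirm. The class docblock should also say that the rule only rejects these two meta-fields at validation time and does not replace authorization checks in resolvers. As a style point, `static function introspectionDisabledMessage()` has no visibility keyword; `public static function` would match the other methods.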