Trait AuthorizationExtension

pub trait AuthorizationExtension: Sized + 'static {
    // Required methods
    fn new(config: Configuration) -> Result<Self, Error>;
    fn authorize_query(
        &mut self,
        ctx: AuthorizationContext,
        elements: QueryElements<'_>,
    ) -> Result<impl IntoQueryAuthorization, ErrorResponse>;

    // Provided method
    fn authorize_response(
        &mut self,
        ctx: AuthorizationContext,
        state: Vec<u8>,
        elements: ResponseElements<'_>,
    ) -> Result<AuthorizationDecisions, Error> { ... }
}

A trait that extends Extension and provides authorization functionality.

Required Methods

fn new(config: Configuration) -> Result<Self, Error>

Creates a new instance of the extension.

Arguments

• config - The configuration for this extension, from the gateway TOML.

Returns

Returns an instance of this resolver. Upon failure, every call to this extension will fail.

fn authorize_query( &mut self, ctx: AuthorizationContext, elements: QueryElements<'_>, ) -> Result<impl IntoQueryAuthorization, ErrorResponse>

Authorize query elements before sending any subgraph requests. The query elements will contain every element in the operation with a definition annotated with one of the extension’s authorization directive. This naturally includes fields, but also objects, interfaces, unions, enums and scalars.

Only elements explicitly mentioned in the query will be taken into account. Authorization on a object behind an interface won’t be called if it’s not explicitly mentioned, so if only interface fields are used.

Provided Methods

fn authorize_response( &mut self, ctx: AuthorizationContext, state: Vec<u8>, elements: ResponseElements<'_>, ) -> Result<AuthorizationDecisions, Error>

Dyn Compatibility

This trait is not dyn compatible.

In older versions of Rust, dyn compatibility was called "object safety", so this trait is not object safe.

Implementors