npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@bluehalo/sof-graphql-invariant

v2.1.0

Published

Smart on FHIR scope checker for GraphQL

Downloads

104

Readme

SOF-GraphQL-Invariant

Utility for validating patient and user level scopes for the SMART on FHIR specification in a GraphQL based server.

Install

yarn add @bluehalo/sof-graphql-invariant

Usage

In this example, we will implement this on a single schema, PatientSchema. It can work on queries and mutations. It does have some required arguments so please see Arguments below for more information. This will reject requests on a resource level instead of across the entire request and will reject them in a manner that meets conformance standards for FHIR and GraphQL.

const scopeInvariant = require('@bluehalo/sof-graphql-invariant');

// NOTE: All the paths for the following modules are fictional, you will need
// to provide your own path to these resources, these are for example only

// This needs to be of GraphQLInputObjectType type
const OperationOutcome = require('./inputs/operationoutcome.input.js');
// Patient Schema that will be used for returning the patient data
const PatientSchema = require('./schemas/patient.schema.js');
// Patient arguments
const PatientArgs = require('./args/patient.parameters.js');
// Resolver you wish to use for this particular query
const patientQueryResolver = require('./patient/resolver.js');

// When defining a query to be used in a Root Schema, use this module
// as your resolver, it will invoke yours if everything meets the requirements
const PatientQuery = {
  description: 'Patient specific graphql query',
  type: PatientSchema,
  args: PatientArgs.
  resolver: scopeInvariant({
    schema: OperationOutcome,
    action: 'read',
    name: 'Patient',
  }, patientQueryResolver)
};

// Now use this in your root graphql schema somewhere
let root = new GraphQLObjectType({
  name: 'Query',
  description: 'Root query for all resources',
  fields: { Patient: PatientQuery }
});

See sof-graphql-invariant tests for more usage examples.

Environment variables

SOF_AUTHENTICATION

Disable authentication, it is enabled by default. See disabling.

Type: String
Value: false

HAS_GRAPHIQL

Disable authentication for graphiql only while keeping it on other endpoints. See Disabling for Graphiql only.

Type: String
Value: true

Disabling

If you use this invariant, it will check scopes on all incoming requests. If you want to disable this or provide a toggle mechanism, you can do so by setting an environment variable. To disable authentication, set SOF_AUTHENTICATION to false. It will only disable authentication if this is explicitly set to false.

const scopeInvariant = require('@bluehalo/sof-graphql-invariant');

// Set the ENV
process.env.SOF_AUTHENTICATION = 'false';

/**
* NOTE: You *MUST* still provide a valid config if you are using
* sof-graphql-invariant, even if it is disabled. This is just a mock config and
* will not work unless you define all variables, see above for a more real world
* example.
*/
const ExamplePatientQuery = {
  description: 'PatientQuery'
  type: PatientSchema,
  args: PatientArgs,
  resolver: scopeInvariant({
    name: 'Patient',
    action: 'read',
    schema: OperationOutcomeInputSchema
  }, patientResolver)
};

Disabling for Graphiql only

Sometimes it is useful to enable authentication in development but disable it when you are using the graphiql explorer. This requires two things. First is an environment variable stating you are using it, HAS_GRAPHIQL. Second, that the endpoint ends with $graphiql. If you do this, you can have authentication enabled on your graphql schemas but not if the request is coming from GraphiQL.

const scopeInvariant = require('@bluehalo/sof-graphql-invariant');
// Set the ENV
process.env.HAS_GRAPHIQL = 'true';

/**
* NOTE: You *MUST* still provide a valid config if you are using
* sof-graphql-invariant, even if it is disabled. This is just a mock config and
* will not work unless you define all variables, see above for a more real world
* example.
*/
const ExamplePatientMutation = {
  description: 'PatientMutation'
  type: PatientSchema,
  args: PatientArgs,
  resolver: scopeInvariant({
    name: 'Patient',
    action: 'write',
    schema: OperationOutcomeInputSchema
  }, patientResolver)
};

Arguments

@bluehalo/sof-graphql-invariant exports a single function which takes two arguments. One is a set of options and the other is a resolver function.

Options

The first argument we have is an options object, it contains all of the following:

name

Name of the resource as it would appear in SMART on FHIR scopes.

Type: String
Required: true

action

The action the user wants to take. Can be read, write, or *.

Type: String
Required: true

schema

The GraphQLInputObjectType that represents an OperationOutcome error.

Type: GraphQLInputObjectType
Required: true

Resolver

The second argument is the resolver function you want to be invoked after this invariant checker checks the user scopes against the allowed scopes for the action being performed.

Type: Function
Required: true