Authorization middleware for GraphQL

Related tags

GraphQLgraphql-authz
Overview

graphql-authz

GraphQL-Authz is a Python3.6+ port of GraphQL-Authz, the node.js implementation for the Casbin authorization middleware.

PyPi Build Status codecov

This package should use with GraphQL-core 3, allowing to limit access to each endpoint using casbin policy.

Installation

Install the package using pip.

pip install graphql-authz

Get Started

This package should use with graphql and graphql-middleware. To limit access to each graphql resource you can use a casbin policy. For example, given this policy for an RBAC model:

p, authorized_user, hello, query

Validation can be enforced using:

import casbin
from authz.middleware import enforcer_middleware

from graphql import (
    graphql_sync,
    GraphQLSchema,
    GraphQLObjectType,
    GraphQLField,
    GraphQLString,
)


schema = GraphQLSchema(
    query=GraphQLObjectType(
        name="RootQueryType",
        fields={
            "hello": GraphQLField(
                GraphQLString,
                resolve=lambda obj, info: "world")
        }))

enforcer = casbin.Enforcer("model_file.conf", "policy_file.csv")
casbin_middleware = enforcer_middleware(enforcer)

query = """{ hello }"""

# Authorized user ("authorized_user") has access to data
response = graphql_sync(
    schema,
    query,
    middleware=[casbin_middleware],
    context_value={"role": "authorized_user"}
)
assert response.data == {"hello": "world"}

# Unauthorized users ("unauthorized_user") are rejected
response = graphql_sync(
    schema,
    query,
    middleware=[casbin_middleware],
    context_value={"role": "unauthorized_user"}
)
assert response.errors[0].message == "unauthorized_user can not query hello"

For more interesting scenarios see tests folder.

Credits

This package was created with Cookiecutter and the audreyr/cookiecutter-pypackage project template.

You might also like...
Ariadne is a Python library for implementing GraphQL servers using schema-first approach.
Ariadne is a Python library for implementing GraphQL servers using schema-first approach.

Ariadne Ariadne is a Python library for implementing GraphQL servers. Schema-first: Ariadne enables Python developers to use schema-first approach to

Mirumee Labs 1.9k Jan 1, 2023
Adds GraphQL support to your Flask application.

Flask-GraphQL Adds GraphQL support to your Flask application. Usage Just use the GraphQLView view from flask_graphql from flask import Flask from flas

GraphQL Python 1.3k Dec 31, 2022
A library to help construct a graphql-py server supporting react-relay

Relay Library for GraphQL Python GraphQL-relay-py is the Relay library for GraphQL-core. It allows the easy creation of Relay-compliant servers using

GraphQL Python 143 Nov 15, 2022
GraphQL Engine built with Python 3.6+ / asyncio
GraphQL Engine built with Python 3.6+ / asyncio

Tartiflette is a GraphQL Server implementation built with Python 3.6+. Summary Motivation Status Usage Installation Installation dependencies Tartifle

tartiflette 839 Dec 31, 2022
Django registration and authentication with GraphQL.
Django registration and authentication with GraphQL.

Django GraphQL Auth Django registration and authentication with GraphQL. Demo About Abstract all the basic logic of handling user accounts out of your

pedrobern 301 Dec 9, 2022
A new GraphQL library for Python πŸ“
A new GraphQL library for Python πŸ“

Strawberry GraphQL Python GraphQL library based on dataclasses Installation ( Quick Start ) The quick start method provides a server and CLI to get go

Strawberry GraphQL 2.8k Jan 1, 2023
tartiflette-aiohttp is a wrapper of aiohttp which includes the Tartiflette GraphQL Engine, do not hesitate to take a look of the Tartiflette project.
tartiflette-aiohttp is a wrapper of aiohttp which includes the Tartiflette GraphQL Engine, do not hesitate to take a look of the Tartiflette project.

tartiflette-aiohttp is a wrapper of aiohttp which includes the Tartiflette GraphQL Engine. You can take a look at the Tartiflette API documentation. U

tartiflette 60 Nov 8, 2022
(Now finding maintainer) 🐍A Pythonic way to provide JWT authentication for Flask-GraphQL

Flask-GraphQL-Auth What is Flask-GraphQL-Auth? Flask-GraphQL-Auth is JWT decorator for flask-graphql inspired from Flask-JWT-Extended. all you have to

Seonghyeon Kim 64 Feb 19, 2022
ASGI support for the Tartiflette GraphQL engine
ASGI support for the Tartiflette GraphQL engine

tartiflette-asgi is a wrapper that provides ASGI support for the Tartiflette Python GraphQL engine. It is ideal for serving a GraphQL API over HTTP, o

tartiflette 99 Dec 27, 2022
Releases(v0.1.2)
Owner
GitHub Repository
A Python dependency resolver

python-resolver A Python dependency resolver. Issues Only supports wheels (no sdists!) Usage Python library import packaging.requirements import resol

Filipe LaΓ­ns 19 Jun 29, 2022
Django GraphQL User Management

Django GraphQL User Management An app that explores User management with GraphQL using Graphene in Django. Topics covered: Login. Log Out. Authenticat

0101 Solutions 4 Feb 22, 2022
tartiflette-aiohttp is a wrapper of aiohttp which includes the Tartiflette GraphQL Engine, do not hesitate to take a look of the Tartiflette project.

tartiflette-aiohttp is a wrapper of aiohttp which includes the Tartiflette GraphQL Engine. You can take a look at the Tartiflette API documentation. U

tartiflette 60 Nov 08, 2022
This is a graphql api build using ariadne python that serves a graphql-endpoint at port 3002 to perform language translation and identification using deep learning in python pytorch.

Language Translation and Identification this machine/deep learning api that will be served as a graphql-api using ariadne, to perform the following ta

crispengari 2 Dec 30, 2021
UltraGraphQL - a GraphQL interface for querying and modifying RDF data on the Web.

UltraGraphQL - cloned from https://git.rwth-aachen.de/i5/ultragraphql Updated or extended files: build.gradle: updated maven to use maven {url "https:

DrSnowbird 1 Jan 07, 2023
Generate a FullStack Playground using GraphQL and FastAPI πŸš€

FastQL - FastAPI GraphQL Playground Generate a FullStack playground using FastAPI and GraphQL and Ariadne πŸš€ . This Repository is based on this Articl

OBytes 109 Dec 23, 2022
Burp Suite extension to log GraphQL operations as a comment

Burp GraphQL Logger A very simple, straightforward extension that logs GraphQL operations as a comment in the Proxy view. To enable the highlight, unc

22 Jul 02, 2022
graphw00f is Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.

graphw00f - GraphQL Server Fingerprinting graphw00f (inspired by wafw00f) is the GraphQL fingerprinting tool for GQL endpoints. Table of Contents How

Dolev Farhi 282 Jan 04, 2023
Translate APIs described by OpenAPI Specifications (OAS) into GraphQL

OpenAPI-to-GraphQL Translate APIs described by OpenAPI Specifications (OAS) or Swagger into GraphQL. Getting started OpenAPI-to-GraphQL can be used in

International Business Machines 1.4k Dec 29, 2022
RPyC (Remote Python Call) - A transparent and symmetric RPC library for python

RPyC (pronounced like are-pie-see), or Remote Python Call, is a transparent library for symmetrical remote procedure calls, clustering, and distribute

1.3k Jan 05, 2023
Support for Apollo's Automatic Persisted Queries in Strawberry GraphQL πŸ“

strawberry-apollo-apq Supporting Apollo's automatic persisted queries in Strawberry GraphQL πŸ“ Notes Don't use this for production yet, unless you kno

Bas 3 May 17, 2022
Integrate GraphQL with your Pydantic models

graphene-pydantic A Pydantic integration for Graphene. Installation pip install "graphene-pydantic" Examples Here is a simple Pydantic model: import u

GraphQL Python 179 Jan 02, 2023
The Foundation for All Legate Libraries

Legate The Legate project endeavors to democratize computing by making it possible for all programmers to leverage the power of large clusters of CPUs

Legate 144 Dec 26, 2022
Ariadne is a Python library for implementing GraphQL servers using schema-first approach.

Ariadne Ariadne is a Python library for implementing GraphQL servers. Schema-first: Ariadne enables Python developers to use schema-first approach to

Mirumee Labs 1.9k Jan 01, 2023
A small command-line tool for interacting with GQL APIs

igqloo A small tool for interacting with GQL APIs Arguments, mutations, aliases are all supported. Other features, such as fragments, are left unsuppo

Joshua Mottaz 7 Dec 20, 2021
Integrate GraphQL into your Django project.

Graphene-Django A Django integration for Graphene. πŸ’¬ Join the community on Slack Documentation Visit the documentation to get started! Quickstart For

GraphQL Python 4k Dec 31, 2022
An unofficial Blender add-on for Autodesk's Arnold render engine.

Arnold for Blender Arnold for Blender (or BtoA) provides a bridge to the Arnold renderer from within Blender's standard interface. BtoA is an unoffici

Luna Digital, Ltd. 89 Dec 28, 2022
GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations

BatchQL BatchQL is a GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations. This script is not complex, and

Assetnote 267 Dec 24, 2022
GraphQL Engine built with Python 3.6+ / asyncio

Tartiflette is a GraphQL Server implementation built with Python 3.6+. Summary Motivation Status Usage Installation Installation dependencies Tartifle

tartiflette 839 Dec 31, 2022
Graphql-codegen library - a pure python implementation

turms DEVELOPMENT Inspiration Turms is a pure python implementation of the awesome graphql-codegen library, following a simliar extensible design. It

Johannes Roos 22 Dec 23, 2022