add support for connection strings

shivaji-kharse · shivaji-kharse · commit d3f73424058a · 2025-03-26T17:43:48.000+05:30
diff --git a/.gitignore b/.gitignore
@@ -34,7 +34,7 @@ Thumbs.db
 
 # Dgraph
 
-
+dgraph-local-data/
 tls/
 p/
 w/
diff --git a/src/client.ts b/src/client.ts
@@ -4,6 +4,8 @@
  */
 
 import * as grpc from "@grpc/grpc-js"
+import * as url from "url"
+import * as querystring from "querystring"
 
 import * as messages from "../generated/api_pb"
 
@@ -13,6 +15,11 @@ import { Txn, TxnOptions } from "./txn"
 import * as types from "./types"
 import { isUnauthenticatedError, stringifyMessage } from "./util"
 
+const dgraphScheme = "dgraph:"
+const sslModeDisable = "disable"
+const sslModeRequire = "require"
+const sslModeVerifyCA = "verify-ca"
+
 /**
  * Client is a transaction aware client to a set of Dgraph server instances.
  */
@@ -127,3 +134,102 @@ export function deleteEdges(mu: types.Mutation, uid: string, ...predicates: stri
     mu.addDel(nquad)
   }
 }
+
+function addApiKeyToCredentials(
+  baseCreds: grpc.ChannelCredentials,
+  apiKey: string,
+): grpc.ChannelCredentials {
+  const metaCreds = grpc.credentials.createFromMetadataGenerator((_, callback) => {
+    const metadata = new grpc.Metadata()
+    metadata.add("authorization", apiKey)
+    callback(null, metadata)
+  })
+  return grpc.credentials.combineChannelCredentials(baseCreds, metaCreds)
+}
+
+function addBearerTokenToCredentials(
+  baseCreds: grpc.ChannelCredentials,
+  bearerToken: string,
+): grpc.ChannelCredentials {
+  const metaCreds = grpc.credentials.createFromMetadataGenerator((_, callback) => {
+    const metadata = new grpc.Metadata()
+    metadata.add("Authorization", `Bearer ${bearerToken}`)
+    callback(null, metadata)
+  })
+  return grpc.credentials.combineChannelCredentials(baseCreds, metaCreds)
+}
+
+export async function Open(connStr: string): Promise<DgraphClient> {
+  const parsedUrl = url.parse(connStr)
+
+  if (parsedUrl.protocol !== dgraphScheme) {
+    throw new Error("Invalid scheme: must start with dgraph://")
+  }
+
+  const host = parsedUrl.hostname
+  const port = parsedUrl.port
+  if (!host) {
+    throw new Error("Invalid connection string: hostname required")
+  }
+  if (!port) {
+    throw new Error("Invalid connection string: port required")
+  }
+
+  const queryParams: Record<string, string> = {}
+  if (parsedUrl.query) {
+    const parsedQuery = querystring.parse(parsedUrl.query)
+    Object.entries(parsedQuery).forEach(([key, value]) => {
+      queryParams[key] = Array.isArray(value) ? value[0] : value
+    })
+  }
+
+  if (queryParams.apikey && queryParams.bearertoken) {
+    throw new Error("Both apikey and bearertoken cannot be provided")
+  }
+
+  let sslMode = queryParams.sslmode
+  if (sslMode === undefined) {
+    sslMode = sslModeDisable
+  }
+
+  let credentials
+  switch (sslMode) {
+    case sslModeDisable:
+      credentials = grpc.credentials.createInsecure()
+      break
+    case sslModeRequire:
+      credentials = grpc.credentials.createSsl(null, null, null, {
+        checkServerIdentity: () => undefined, // Skip certificate verification
+      })
+      break
+    case sslModeVerifyCA:
+      credentials = grpc.credentials.createSsl() // Use system CA for verification
+      break
+    default:
+      throw new Error(`Invalid SSL mode: ${sslMode} (must be one of disable, require, verify-ca)`)
+  }
+
+  // Add API key or Bearer token to credentials if provided
+  if (queryParams.apikey) {
+    credentials = addApiKeyToCredentials(credentials, queryParams.apikey)
+  } else if (queryParams.bearertoken) {
+    credentials = addBearerTokenToCredentials(credentials, queryParams.bearertoken)
+  }
+
+  const clientStub = new DgraphClientStub(`${host}:${port}`, credentials)
+
+  if (parsedUrl.auth) {
+    const [username, password] = parsedUrl.auth.split(":")
+    if (!password) {
+      throw new Error("Invalid connection string: password required when username is provided")
+    }
+
+    try {
+      await clientStub.login(username, password)
+    } catch (err) {
+      throw new Error(`Failed to sign in user: ${err.message}`)
+    }
+  }
+
+  return new DgraphClient(clientStub)
+}
diff --git a/tests/integration/connect.spec.ts b/tests/integration/connect.spec.ts
@@ -0,0 +1,71 @@
+/*
+ * SPDX-FileCopyrightText: © Hypermode Inc. <hello@hypermode.com>
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import * as dgraph from "../../src"
+
+import { SERVER_ADDR } from "../helper"
+
+describe("open function", () => {
+  it("should connect with authentication and execute a query", async () => {
+    const url = `dgraph://groot:password@${SERVER_ADDR}`
+    const client = await dgraph.Open(url)
+    const query = `
+      {
+        me(func: uid(1)) {
+          uid
+        }
+      }
+    `
+    const txn = client.newTxn({ readOnly: true })
+    const response = await txn.query(query)
+
+    // Assertions
+    expect(response).not.toBeNull()
+    const parsedJson = response.getJson() // No need for JSON.parse
+    expect(parsedJson.me[0].uid).toBe("0x1")
+  })
+
+  it("should throw an error for invalid scheme", async () => {
+    const invalidUrl = `http://${SERVER_ADDR}`
+    await expect(async () => dgraph.Open(invalidUrl)).rejects.toThrowError(
+      "Invalid scheme: must start with dgraph://",
+    )
+  })
+
+  it("should throw an error for missing hostname", async () => {
+    const invalidUrl = `dgraph://:${SERVER_ADDR.split(":")[1]}`
+    await expect(async () => dgraph.Open(invalidUrl)).rejects.toThrowError(
+      "Invalid connection string: hostname required",
+    )
+  })
+
+  it("should throw an error for missing port", async () => {
+    const invalidUrl = `dgraph://${SERVER_ADDR.split(":")[0]}`
+    await expect(async () => await dgraph.Open(invalidUrl)).rejects.toThrowError(
+      "Invalid connection string: port required",
+    )
+  })
+
+  it("should throw an error for username without password", async () => {
+    const invalidUrl = `dgraph://groot@${SERVER_ADDR}`
+    await expect(async () => await dgraph.Open(invalidUrl)).rejects.toThrowError(
+      "Invalid connection string: password required when username is provided",
+    )
+  })
+
+  it("should throw an error for unsupported sslmode", async () => {
+    const invalidUrl = `dgraph://${SERVER_ADDR}?sslmode=invalidsllmode`
+    await expect(async () => await dgraph.Open(invalidUrl)).rejects.toThrowError(
+      "Invalid SSL mode: invalidsllmode (must be one of disable, require, verify-ca)",
+    )
+  })
+
+  it("should fail login with invalid credentials", async () => {
+    const invalidUrl = `dgraph://groot:wrongpassword@${SERVER_ADDR}`
+    await expect(async () => await dgraph.Open(invalidUrl)).rejects.toThrowError(
+      "Failed to sign in user:",
+    )
+  })
+})
