apollo-server responding 500 on 4xx errors

Created on 17 May 2019  路  2Comments  路  Source: apollographql/apollo-server

apollo-server-plugin-operation-registry throws ForbiddenError when a forbidden operation is invoked. However, this error is responded with 500 http response code instead of 403 as in the following code:

https://github.com/apollographql/apollo-server/blob/577b35c4decf280cec612ac4e40efdcc4fe4601a/packages/apollo-server-core/src/runHttpQuery.ts#L287-L326

I think these 4xx Errors should be also handled separately with proper http response code as following example:

catch (error) {
    if (error instanceof HttpQueryError) {
      throw error;
    } else if (error instanceof AuthenticationError) {
        return throwHttpGraphQLError(401, [error], options);
    } else if (error instanceof ForbiddenError) {
        return throwHttpGraphQLError(403, [error], options);
    }
    return throwHttpGraphQLError(500, [error], options);
  }
picture mykevinjung

Most helpful comment

@mykevinjung could you give some example code? We are having this issue right now.

picture MM3y3r on 14 Jan 2020
👍3

All 2 comments

It seems that we can make it work using GraphQLRequestListener and ApolloServerPlugin. Closing.

mykevinjung picture mykevinjung on 5 Jun 2019

@mykevinjung could you give some example code? We are having this issue right now.

MM3y3r picture MM3y3r on 14 Jan 2020
👍3
Was this page helpful?
0 / 5 - 0 ratings

Related issues

stevezau picture stevezau  路  3Comments
veeramarni picture veeramarni  路  3Comments
nevyn-lookback picture nevyn-lookback  路  3Comments
hiucimon picture hiucimon  路  3Comments
jminz picture jminz  路  3Comments