Is it possible to inject spring beans into data fetchers?

[onomesotu]

In SpringBoot controllers, we can inject certain spring-managed beans such as Authentication, Principal, etc.

@PostMapping("/{id}/post")
@PreAuthorize(
    "@securityService.checkPermissionsForPosts(#authentication, #id, " +
        "'ADMIN', 'CUSTOMER', 'SERVICE')"
)
@ResponseStatus(HttpStatus.ACCEPTED)
public ResponseEntity updatePost(
    @PathVariable Integer id,
    @ApiIgnore Authentication authentication
) {
   ....
}

In the example above, spring will inject the authentication which is used by the @PreAuthorized annotation to determine access to the endpoint.

This doesn't seem to be supported in DGS.
Specifically, I am trying to inject the Authentication bean into a mutation as shown below so I can reference it in the @PreAuthorize annotation but authentication is always null.

@PreAuthorize(
    "@securityService.checkPermissionsForPosts(#authentication" +
        "'ADMIN', 'CUSTOMER', 'SERVICE')"
)
public TypeResult someMutation(
      @InputArgument SomeInput input, DgsDataFetchingEnvironment dgsDataFetchingEnvironment, Authentication authentication
  ) {

The authentication is always null in this case.
Is there a way to inject beans into data fetchers?

[berngp]

That pattern is not currently supported, that said, recent changes in master will make this possible in the near future. In the meantime, you could use the SecurityContextHolder to fetch the Authentication from thread local.

Please consider that the bean exposing the method used for data fetching is a managed bean and you can inject in its constructor any other bean that you want.

[onomesotu]

Thanks @berngp.

[etylermoss]

Hi @berngp , has there been any change in this do you know?

[berngp]

Hi @etylermoss, not sure. Tagging @srinivasankavitha and @kilink just in case they are aware of a change that will allow

to inject spring beans into data fetchers

[srinivasankavitha]

Hi @etylermoss - we have not made any changes to the framework to allow for this behavior. This is not a feature we plan to support in the DGS framework.