Obtain GraphQL API Schema even if the introspection is not enabled

These details have not been verified by PyPI

Project links

Project description

Clairvoyance

Obtain GraphQL API schema even if the introspection is disabled.

Introduction

Some GraphQL APIs have disabled introspection. For example, Apollo Server disables introspection automatically if the NODE_ENV environment variable is set to production.

Clairvoyance helps to obtain GraphQL API schema even if the introspection is disabled. It produces schema in JSON format suitable for other tools like GraphQL Voyager, InQL or graphql-path-enum.

Contributors

Thanks to the contributors for their work.

nikitastupin
Escape team
- iCarossio
- Swan
- QuentinN42
- Nohehf
i-tsaturov
EONRaider
noraj
belane

Getting Started

pip

pip install clairvoyance
clairvoyance https://rickandmortyapi.com/graphql -o schema.json
# should take about 2 minutes

docker

docker run --rm nikitastupin/clairvoyance --help

Advanced Usage

Which wordlist should I use?

There are at least two approaches:

Use general English words (e.g. google-10000-english).
Create target specific wordlist by extracting all valid GraphQL names from application HTTP traffic, from mobile application static files, etc. Regex for GraphQL name is [_A-Za-z][_0-9A-Za-z]*.

Environment variables

LOG_FMT=`%(asctime)s \t%(levelname)s\t| %(message)s` # A string format for logging.
LOG_DATEFMT=`%Y-%m-%d %H:%M:%S` # A string format for logging date.
LOG_LEVEL=`INFO` # A string level for logging.

Support

Due to time constraints @nikitastupin won't be able to answer all the issues for some time but he'll do his best to review & merge PRs

In case of questions or issues with Clairvoyance please refer to wiki or issues. If this doesn't solve your problem feel free to open a new issue.

Contributing

Pull requests are welcome! For major changes, please open an issue first to discuss what you would like to change. For more information about tests, internal project structure and so on refer to Development wiki page.

Documentation

You may find more details on how the tool works in the second half of the GraphQL APIs from bug hunter's perspective by Nikita Stupin talk.

Project details

These details have not been verified by PyPI

Project links

Release history Release notifications | RSS feed

This version

2.5.2

Jul 10, 2023

2.5.1

Mar 18, 2023

2.0.6

Dec 5, 2022

2.0.1

Aug 20, 2022

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

clairvoyance-2.5.2.tar.gz (55.5 kB view details)

Uploaded Jul 10, 2023 Source

Built Distribution

clairvoyance-2.5.2-py3-none-any.whl (57.8 kB view details)

Uploaded Jul 10, 2023 Python 3

File details

Details for the file clairvoyance-2.5.2.tar.gz.

File metadata

Download URL: clairvoyance-2.5.2.tar.gz
Upload date: Jul 10, 2023
Size: 55.5 kB
Tags: Source
Uploaded using Trusted Publishing? No
Uploaded via: twine/4.0.1 CPython/3.11.4

File hashes

Hashes for clairvoyance-2.5.2.tar.gz
Algorithm	Hash digest
SHA256	`a9b70dca44c0be5d2489f1b30a1f01fc2f5e557db05671723ccc1f83cc945010`
MD5	`0fd3db8bd4872ff6382ca455af407d51`
BLAKE2b-256	`303d4d2911ed1e1b3c16b2a8e0d032f93d498f1d78c4836c54dd1cb224e9b82f`

See more details on using hashes here.

File details

Details for the file clairvoyance-2.5.2-py3-none-any.whl.

File metadata

Download URL: clairvoyance-2.5.2-py3-none-any.whl
Upload date: Jul 10, 2023
Size: 57.8 kB
Tags: Python 3
Uploaded using Trusted Publishing? No
Uploaded via: twine/4.0.1 CPython/3.11.4

File hashes

Hashes for clairvoyance-2.5.2-py3-none-any.whl
Algorithm	Hash digest
SHA256	`37e5c8f88a904a8553355a828827512eb2020589b3b3f28c531461dbdac0f1d1`
MD5	`54265384e05fca0a7bf8179ab5cadf75`
BLAKE2b-256	`0b08ee2dc8a16c8bafeaf153fff95502907e1a50a17289e81fa492485b22d96d`