Detect introspection queries dynamically during validation

andimarek · claude · andimarek · commit 02fcf271f7c0 · 2026-03-23T11:30:22.000+10:00
Instead of pre-scanning the document with containsIntrospectionFields,
let checkGoodFaithIntrospection detect introspection queries at
validation time when it first encounters __schema or __type on the
Query type. At that point it tightens the complexity limits and sets
a flag so that subsequent limit breaches throw
GoodFaithIntrospectionExceeded directly.

This eliminates the pre-scan (which could miss introspection fields
hidden inside inline fragments or fragment spreads) and simplifies
GraphQL.validate().

Co-Authored-By: Claude Opus 4.6 (1M context) &lt;noreply@anthropic.com&gt;
diff --git a/src/main/java/graphql/GraphQL.java b/src/main/java/graphql/GraphQL.java
@@ -30,7 +30,6 @@
 import graphql.validation.OperationValidationRule;
 import graphql.validation.QueryComplexityLimits;
 import graphql.validation.ValidationError;
-import graphql.validation.ValidationErrorType;
 import org.jspecify.annotations.NullMarked;
 import org.jspecify.annotations.NullUnmarked;
 
@@ -609,32 +608,17 @@ private List<ValidationError> validate(ExecutionInput executionInput, Document d
         validationCtx.onDispatched();
 
         Predicate<OperationValidationRule> validationRulePredicate = executionInput.getGraphQLContext().getOrDefault(ParseAndValidate.INTERNAL_VALIDATION_PREDICATE_HINT, r -> true);
-        Locale locale = executionInput.getLocale() != null ? executionInput.getLocale() : Locale.getDefault();
+        Locale locale = executionInput.getLocale();
         QueryComplexityLimits limits = executionInput.getGraphQLContext().get(QueryComplexityLimits.KEY);
 
-        // Good Faith Introspection: apply tighter limits and enable the rule for introspection queries
-        boolean goodFaithActive = GoodFaithIntrospection.isEnabled(executionInput.getGraphQLContext())
-                && GoodFaithIntrospection.containsIntrospectionFields(document);
-        if (goodFaithActive) {
-            limits = GoodFaithIntrospection.goodFaithLimits(limits);
-        } else {
+        // Good Faith Introspection: disable the rule if good faith is off
+        if (!GoodFaithIntrospection.isEnabled(executionInput.getGraphQLContext())) {
             Predicate<OperationValidationRule> existing = validationRulePredicate;
             validationRulePredicate = rule -> rule != OperationValidationRule.GOOD_FAITH_INTROSPECTION && existing.test(rule);
         }
 
         List<ValidationError> validationErrors = ParseAndValidate.validate(graphQLSchema, document, validationRulePredicate, locale, limits);
 
-        // If good faith is active and a complexity limit error was produced, convert it to a bad faith error
-        if (goodFaithActive) {
-            for (ValidationError error : validationErrors) {
-                if (error.getValidationErrorType() == ValidationErrorType.MaxQueryFieldsExceeded
-                        || error.getValidationErrorType() == ValidationErrorType.MaxQueryDepthExceeded) {
-                    validationCtx.onCompleted(null, null);
-                    throw GoodFaithIntrospectionExceeded.tooBigOperation(error.getDescription());
-                }
-            }
-        }
-
         validationCtx.onCompleted(validationErrors, null);
         return validationErrors;
     }
diff --git a/src/main/java/graphql/introspection/GoodFaithIntrospection.java b/src/main/java/graphql/introspection/GoodFaithIntrospection.java
@@ -4,12 +4,6 @@
 import graphql.GraphQLContext;
 import graphql.GraphQLError;
 import graphql.PublicApi;
-import graphql.language.Definition;
-import graphql.language.Document;
-import graphql.language.Field;
-import graphql.language.OperationDefinition;
-import graphql.language.Selection;
-import graphql.language.SelectionSet;
 import graphql.language.SourceLocation;
 import graphql.validation.QueryComplexityLimits;
 import org.jspecify.annotations.NullMarked;
@@ -89,33 +83,6 @@ public static boolean isEnabled(GraphQLContext graphQLContext) {
         return !graphQLContext.getBoolean(GOOD_FAITH_INTROSPECTION_DISABLED, false);
     }
 
-    /**
-     * Performs a shallow scan of the document to check if any operation's top-level selections
-     * contain introspection fields ({@code __schema} or {@code __type}).
-     *
-     * @param document the parsed document
-     *
-     * @return true if the document contains top-level introspection fields
-     */
-    public static boolean containsIntrospectionFields(Document document) {
-        for (Definition<?> definition : document.getDefinitions()) {
-            if (definition instanceof OperationDefinition) {
-                SelectionSet selectionSet = ((OperationDefinition) definition).getSelectionSet();
-                if (selectionSet != null) {
-                    for (Selection<?> selection : selectionSet.getSelections()) {
-                        if (selection instanceof Field) {
-                            String name = ((Field) selection).getName();
-                            if ("__schema".equals(name) || "__type".equals(name)) {
-                                return true;
-                            }
-                        }
-                    }
-                }
-            }
-        }
-        return false;
-    }
-
     /**
      * Returns query complexity limits that are the minimum of the existing limits and the
      * good faith introspection limits. This ensures introspection queries are bounded
@@ -125,10 +92,7 @@ public static boolean containsIntrospectionFields(Document document) {
      *
      * @return complexity limits with good faith bounds applied
      */
-    public static QueryComplexityLimits goodFaithLimits(@Nullable QueryComplexityLimits existing) {
-        if (existing == null) {
-            existing = QueryComplexityLimits.getDefaultLimits();
-        }
+    public static QueryComplexityLimits goodFaithLimits(QueryComplexityLimits existing) {
         int maxFields = Math.min(existing.getMaxFieldsCount(), GOOD_FAITH_MAX_FIELDS_COUNT);
         int maxDepth = Math.min(existing.getMaxDepth(), GOOD_FAITH_MAX_DEPTH_COUNT);
         return QueryComplexityLimits.newLimits()
diff --git a/src/main/java/graphql/validation/OperationValidator.java b/src/main/java/graphql/validation/OperationValidator.java
@@ -14,6 +14,7 @@
 import graphql.execution.TypeFromAST;
 import graphql.execution.ValuesResolver;
 import graphql.i18n.I18nMsg;
+import graphql.introspection.GoodFaithIntrospection;
 import graphql.introspection.Introspection.DirectiveLocation;
 import graphql.language.Argument;
 import graphql.language.AstComparator;
@@ -332,14 +333,15 @@ public class OperationValidator implements DocumentVisitor {
     private int fieldCount = 0;
     private int currentFieldDepth = 0;
     private int maxFieldDepthSeen = 0;
-    private final QueryComplexityLimits complexityLimits;
+    private QueryComplexityLimits complexityLimits;
     // Fragment complexity calculated lazily during first spread
     private final Map<String, FragmentComplexityInfo> fragmentComplexityMap = new HashMap<>();
     // Max depth seen during current fragment traversal (for calculating fragment's internal depth)
     private int fragmentTraversalMaxDepth = 0;
 
     // --- State: Good Faith Introspection ---
     private final Map<String, Integer> introspectionFieldCounts = new HashMap<>();
+    private boolean introspectionQueryDetected = false;
 
     // --- Track whether we're in a context where fragment spread rules should run ---
     // fragmentRetraversalDepth == 0 means we're NOT inside a manually-traversed fragment => run non-fragment-spread checks
@@ -406,6 +408,10 @@ private boolean shouldRunOperationScopedRules() {
 
     private void checkFieldCountLimit() {
         if (fieldCount > complexityLimits.getMaxFieldsCount()) {
+            if (introspectionQueryDetected) {
+                throw GoodFaithIntrospectionExceeded.tooBigOperation(
+                        "Query has " + fieldCount + " fields which exceeds maximum allowed " + complexityLimits.getMaxFieldsCount());
+            }
             throw new QueryComplexityLimitsExceeded(
                     ValidationErrorType.MaxQueryFieldsExceeded,
                     complexityLimits.getMaxFieldsCount(),
@@ -417,6 +423,10 @@ private void checkDepthLimit(int depth) {
         if (depth > maxFieldDepthSeen) {
             maxFieldDepthSeen = depth;
             if (maxFieldDepthSeen > complexityLimits.getMaxDepth()) {
+                if (introspectionQueryDetected) {
+                    throw GoodFaithIntrospectionExceeded.tooBigOperation(
+                            "Query depth " + maxFieldDepthSeen + " exceeds maximum allowed depth " + complexityLimits.getMaxDepth());
+                }
                 throw new QueryComplexityLimitsExceeded(
                         ValidationErrorType.MaxQueryDepthExceeded,
                         complexityLimits.getMaxDepth(),
@@ -629,6 +639,10 @@ private void checkGoodFaithIntrospection(Field field) {
             if (queryType != null && parentType.getName().equals(queryType.getName())) {
                 if ("__schema".equals(fieldName) || "__type".equals(fieldName)) {
                     key = parentType.getName() + "." + fieldName;
+                    if (!introspectionQueryDetected) {
+                        introspectionQueryDetected = true;
+                        complexityLimits = GoodFaithIntrospection.goodFaithLimits(complexityLimits);
+                    }
                 }
             }
         }
diff --git a/src/test/groovy/graphql/introspection/GoodFaithIntrospectionTest.groovy b/src/test/groovy/graphql/introspection/GoodFaithIntrospectionTest.groovy
@@ -189,6 +189,41 @@ class GoodFaithIntrospectionTest extends Specification {
         100 | GoodFaithIntrospection.BadFaithIntrospectionError.class
     }
 
+    def "introspection via inline fragment on Query is detected as bad faith"() {
+        def query = """
+            query badActor {
+                ...on Query {
+                    __schema{types{fields{type{fields{type{fields{type{fields{type{name}}}}}}}}}}
+                }
+            }
+        """
+
+        when:
+        ExecutionResult er = graphql.execute(query)
+
+        then:
+        !er.errors.isEmpty()
+        er.errors[0] instanceof GoodFaithIntrospection.BadFaithIntrospectionError
+    }
+
+    def "introspection via fragment spread is detected as bad faith"() {
+        def query = """
+            query badActor {
+                ...IntrospectionFragment
+            }
+            fragment IntrospectionFragment on Query {
+                __schema{types{fields{type{fields{type{fields{type{fields{type{name}}}}}}}}}}
+            }
+        """
+
+        when:
+        ExecutionResult er = graphql.execute(query)
+
+        then:
+        !er.errors.isEmpty()
+        er.errors[0] instanceof GoodFaithIntrospection.BadFaithIntrospectionError
+    }
+
     def "good faith limits are applied on top of custom user limits"() {
         given:
         def limits = QueryComplexityLimits.newLimits().maxFieldsCount(200).maxDepth(15).build()
@@ -203,18 +238,6 @@ class GoodFaithIntrospectionTest extends Specification {
         er.errors.isEmpty()
     }
 
-    def "containsIntrospectionFields handles operation with no selection set"() {
-        given:
-        def op = graphql.language.OperationDefinition.newOperationDefinition()
-                .name("empty")
-                .operation(graphql.language.OperationDefinition.Operation.QUERY)
-                .build()
-        def doc = Document.newDocument().definition(op).build()
-
-        expect:
-        !GoodFaithIntrospection.containsIntrospectionFields(doc)
-    }
-
     def "introspection query exceeding field count limit is detected as bad faith"() {
         given:
         // Build a wide introspection query that exceeds GOOD_FAITH_MAX_FIELDS_COUNT (500)
