Authorization and remote schemas

[iDVB]

We have setup a Apollo server to act as a primary endpoint to (for now) our Contentful GraphQL endpoint.
This proxy is aware of the calling user's role (Auth0 authorizer).

We'd like the modify / limit the VideoPost returned based on that role. Effectively to return a null for the VideoPost.url from non-premium (not logged in users) (Paywalled) We still want anonymous users to be able to query all videos... just not be able to view the video itself. Hence the idea to just return VideoPost.url = null.

Perhaps there is a better way to do this altogether, but right now we we're just trying to proxy the resolver for url field like this..

const localResolvers = {
  VideoPost: {
    url: (parent, args, context, info) => {
      const isAllowed =
        !parent.restrictToRoles?.length || parent.restrictToRoles?.includes(context.role)
      return isAllowed ? parent.title : null
    },
  },
}

However, parent only includes what was asked for in the query.... so if the query didn't ask for parent.restrictToRoles then we're unable to modify things cause we don't know the restrictToRoles data on that VideoPost.

Is there a better way to do this?

Been reading a lot about “delegateSchema” and “transforms”, however, I think I’m unsure as to if these ONLY deal with the “schema” and not the actual data results.
What we we’re hoping to do was to remove the Video.url from all requests or from the response if the user’s role/identity is not “premium” and the “Video.allowedRole” doesnt match.

Gist Here

[glasser]

I'm not sure what you mean by "proxy" here. You can use Apollo Federation for this, having a subgraph's url field using @requires to pull in information from other fields from other subgraphs.

[iDVB]

@glasser Yes! we thought the same... but can't seem to get Federation working.
Not quite sure how to create a supergraph given the code we have now.

[iDVB]

Will this even work if the schema is a remote schema (Contentful schema)?
Sounds like no?

[iDVB]

Seems like this is possible without Federation, although, we really can't make heads of tails of this. We would really appreciate someone connecting the dots for us.