This makes sure we also enforce authorizations for non-nullable
fields.
We are defining our authorizations on the unwrapped
types (Repository). But when a type like that is presented in a
non-nullable field, it's type is different (Repository!). The
non-nullable type would not have the authorization metadata.
This makes sure we check the metadata on the unwrapped type for
finding authorizations.
