From daaf0aaa18e5f0120e58c9d7655605c5351e8671 Mon Sep 17 00:00:00 2001 From: Jon Wallsten Date: Tue, 8 Oct 2024 23:50:26 +0200 Subject: [PATCH] feat(cdk): expose authorizer id and authorization type (#31622) ### Issue # (if applicable) Closes #31605. ### Reason for this change I need to access the authorizer id and type to be able to import the authorizer in another CDK project ### Description of changes I have added a public readonly variable for the authorizationType that was previously a string in the return object from the bind function. I have also added a getter that will return the authorizerId after the first binding. If not bound yet it will throw an error. ### Description of how you validated changes I have added unit tests for all changed files. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../AuthorizerInteg.assets.json | 18 +++---- .../AuthorizerInteg.template.json | 12 ++++- .../index.js | 13 +++++ .../index.d.ts | 7 --- .../index.js | 14 ------ .../index.ts | 9 ---- .../index.js | 11 +++++ .../index.d.ts | 3 -- .../index.js | 12 ----- .../index.ts | 9 ---- .../http/integ.lambda.js.snapshot/cdk.out | 2 +- .../http/integ.lambda.js.snapshot/integ.json | 2 +- .../integ.lambda.js.snapshot/manifest.json | 17 ++++++- .../http/integ.lambda.js.snapshot/tree.json | 42 ++++++++++++----- .../test/http/integ.lambda.ts | 8 +++- .../AuthorizerInteg.assets.json | 12 ++--- .../AuthorizerInteg.template.json | 12 ++++- .../index.js | 27 +++++++++++ .../index.d.ts | 1 - .../index.js | 28 ----------- .../index.ts | 23 --------- .../http/integ.user-pool.js.snapshot/cdk.out | 2 +- .../integ.user-pool.js.snapshot/integ.json | 2 +- .../integ.user-pool.js.snapshot/manifest.json | 17 ++++++- .../integ.user-pool.js.snapshot/tree.json | 40 +++++++++++----- .../test/http/integ.user-pool.ts | 11 ++++- .../aws-apigatewayv2-authorizers/README.md | 47 +++++++++++++++++++ .../lib/http/iam.ts | 6 ++- .../lib/http/jwt.ts | 18 ++++++- .../lib/http/lambda.ts | 19 +++++++- .../lib/http/user-pool.ts | 19 +++++++- .../test/http/jwt.test.ts | 33 +++++++++++++ .../test/http/lambda.test.ts | 43 +++++++++++++++++ .../test/http/user-pool.test.ts | 40 ++++++++++++++++ .../aws-apigatewayv2/lib/http/authorizer.ts | 7 ++- 35 files changed, 420 insertions(+), 166 deletions(-) create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/asset.0793b3c94d0be9d628975dbbcd1dc523196de50a41fb1920880248ae3c24259b.handler/index.js delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/asset.54deaef2af5b9afbfc9cbcbb9261b1c0d4cce6560831d7ae1959f3da899011c8.handler/index.d.ts delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/asset.54deaef2af5b9afbfc9cbcbb9261b1c0d4cce6560831d7ae1959f3da899011c8.handler/index.js delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/asset.54deaef2af5b9afbfc9cbcbb9261b1c0d4cce6560831d7ae1959f3da899011c8.handler/index.ts create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/asset.9b3143f6d2fe3103f2f3162c221163ad6a5a0ba2219cc1e5af2e300325588714/index.js delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/asset.d7d3785243d748927f2a8d6edcecf909f96191df27a815e305aaeba98bcd2c64/index.d.ts delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/asset.d7d3785243d748927f2a8d6edcecf909f96191df27a815e305aaeba98bcd2c64/index.js delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/asset.d7d3785243d748927f2a8d6edcecf909f96191df27a815e305aaeba98bcd2c64/index.ts create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/asset.305ef816d469be820f1dbbfee876dd1758bf6733bee4d3dba76995a755ac145a.handler/index.js delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/asset.867837e91f97aaf9c29d20a4fea18e3f520bb65d84e9bb59ec84058226225ffc.handler/index.d.ts delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/asset.867837e91f97aaf9c29d20a4fea18e3f520bb65d84e9bb59ec84058226225ffc.handler/index.js delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/asset.867837e91f97aaf9c29d20a4fea18e3f520bb65d84e9bb59ec84058226225ffc.handler/index.ts diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/AuthorizerInteg.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/AuthorizerInteg.assets.json index 08bff1e7a6f72..59f6fdb972216 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/AuthorizerInteg.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/AuthorizerInteg.assets.json @@ -1,33 +1,33 @@ { - "version": "34.0.0", + "version": "38.0.1", "files": { - "d7d3785243d748927f2a8d6edcecf909f96191df27a815e305aaeba98bcd2c64": { + "9b3143f6d2fe3103f2f3162c221163ad6a5a0ba2219cc1e5af2e300325588714": { "source": { - "path": "asset.d7d3785243d748927f2a8d6edcecf909f96191df27a815e305aaeba98bcd2c64", + "path": "asset.9b3143f6d2fe3103f2f3162c221163ad6a5a0ba2219cc1e5af2e300325588714", "packaging": "zip" }, "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "d7d3785243d748927f2a8d6edcecf909f96191df27a815e305aaeba98bcd2c64.zip", + "objectKey": "9b3143f6d2fe3103f2f3162c221163ad6a5a0ba2219cc1e5af2e300325588714.zip", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } }, - "54deaef2af5b9afbfc9cbcbb9261b1c0d4cce6560831d7ae1959f3da899011c8": { + "0793b3c94d0be9d628975dbbcd1dc523196de50a41fb1920880248ae3c24259b": { "source": { - "path": "asset.54deaef2af5b9afbfc9cbcbb9261b1c0d4cce6560831d7ae1959f3da899011c8.handler", + "path": "asset.0793b3c94d0be9d628975dbbcd1dc523196de50a41fb1920880248ae3c24259b.handler", "packaging": "zip" }, "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "54deaef2af5b9afbfc9cbcbb9261b1c0d4cce6560831d7ae1959f3da899011c8.zip", + "objectKey": "0793b3c94d0be9d628975dbbcd1dc523196de50a41fb1920880248ae3c24259b.zip", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } }, - "1392f7df97b60ac420a8ba97f1d6ac2f6e984a168d85bb763108846d396c6553": { + "77c9c72d92fddd31c04ada6abdc24df11dca25e0064883babe03df06c8758761": { "source": { "path": "AuthorizerInteg.template.json", "packaging": "file" @@ -35,7 +35,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "1392f7df97b60ac420a8ba97f1d6ac2f6e984a168d85bb763108846d396c6553.json", + "objectKey": "77c9c72d92fddd31c04ada6abdc24df11dca25e0064883babe03df06c8758761.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/AuthorizerInteg.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/AuthorizerInteg.template.json index 002fb57113411..084447cf719b7 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/AuthorizerInteg.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/AuthorizerInteg.template.json @@ -38,7 +38,7 @@ "S3Bucket": { "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" }, - "S3Key": "d7d3785243d748927f2a8d6edcecf909f96191df27a815e305aaeba98bcd2c64.zip" + "S3Key": "9b3143f6d2fe3103f2f3162c221163ad6a5a0ba2219cc1e5af2e300325588714.zip" }, "Handler": "index.handler", "Role": { @@ -360,7 +360,7 @@ "S3Bucket": { "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" }, - "S3Key": "54deaef2af5b9afbfc9cbcbb9261b1c0d4cce6560831d7ae1959f3da899011c8.zip" + "S3Key": "0793b3c94d0be9d628975dbbcd1dc523196de50a41fb1920880248ae3c24259b.zip" }, "Handler": "index.handler", "Role": { @@ -497,6 +497,14 @@ ] ] } + }, + "AuthorizerId": { + "Value": { + "Ref": "MyHttpApiLambdaAuthorizerB8A0E2A4" + } + }, + "AuthorizationType": { + "Value": "CUSTOM" } }, "Parameters": { diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/asset.0793b3c94d0be9d628975dbbcd1dc523196de50a41fb1920880248ae3c24259b.handler/index.js b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/asset.0793b3c94d0be9d628975dbbcd1dc523196de50a41fb1920880248ae3c24259b.handler/index.js new file mode 100644 index 0000000000000..c17267a074794 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/asset.0793b3c94d0be9d628975dbbcd1dc523196de50a41fb1920880248ae3c24259b.handler/index.js @@ -0,0 +1,13 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.handler = void 0; +const handler = async () => { + return { + statusCode: 200, + body: JSON.stringify({ message: 'Hello from authenticated lambda' }), + headers: { + 'Content-Type': 'application/json', + }, + }; +}; +exports.handler = handler; diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/asset.54deaef2af5b9afbfc9cbcbb9261b1c0d4cce6560831d7ae1959f3da899011c8.handler/index.d.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/asset.54deaef2af5b9afbfc9cbcbb9261b1c0d4cce6560831d7ae1959f3da899011c8.handler/index.d.ts deleted file mode 100644 index e56796aad72e3..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/asset.54deaef2af5b9afbfc9cbcbb9261b1c0d4cce6560831d7ae1959f3da899011c8.handler/index.d.ts +++ /dev/null @@ -1,7 +0,0 @@ -export declare const handler: () => Promise<{ - statusCode: number; - body: string; - headers: { - 'Content-Type': string; - }; -}>; diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/asset.54deaef2af5b9afbfc9cbcbb9261b1c0d4cce6560831d7ae1959f3da899011c8.handler/index.js b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/asset.54deaef2af5b9afbfc9cbcbb9261b1c0d4cce6560831d7ae1959f3da899011c8.handler/index.js deleted file mode 100644 index 7d76216c7ee0a..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/asset.54deaef2af5b9afbfc9cbcbb9261b1c0d4cce6560831d7ae1959f3da899011c8.handler/index.js +++ /dev/null @@ -1,14 +0,0 @@ -"use strict"; -Object.defineProperty(exports, "__esModule", { value: true }); -exports.handler = void 0; -const handler = async () => { - return { - statusCode: 200, - body: JSON.stringify({ message: 'Hello from authenticated lambda' }), - headers: { - 'Content-Type': 'application/json', - }, - }; -}; -exports.handler = handler; -//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJpbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBTyxNQUFNLE9BQU8sR0FBRyxLQUFLLElBQUksRUFBRTtJQUNoQyxPQUFPO1FBQ0wsVUFBVSxFQUFFLEdBQUc7UUFDZixJQUFJLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxFQUFFLE9BQU8sRUFBRSxpQ0FBaUMsRUFBRSxDQUFDO1FBQ3BFLE9BQU8sRUFBRTtZQUNQLGNBQWMsRUFBRSxrQkFBa0I7U0FDbkM7S0FDRixDQUFDO0FBQ0osQ0FBQyxDQUFDO0FBUlcsUUFBQSxPQUFPLFdBUWxCIiwic291cmNlc0NvbnRlbnQiOlsiZXhwb3J0IGNvbnN0IGhhbmRsZXIgPSBhc3luYyAoKSA9PiB7XG4gIHJldHVybiB7XG4gICAgc3RhdHVzQ29kZTogMjAwLFxuICAgIGJvZHk6IEpTT04uc3RyaW5naWZ5KHsgbWVzc2FnZTogJ0hlbGxvIGZyb20gYXV0aGVudGljYXRlZCBsYW1iZGEnIH0pLFxuICAgIGhlYWRlcnM6IHtcbiAgICAgICdDb250ZW50LVR5cGUnOiAnYXBwbGljYXRpb24vanNvbicsXG4gICAgfSxcbiAgfTtcbn07Il19 \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/asset.54deaef2af5b9afbfc9cbcbb9261b1c0d4cce6560831d7ae1959f3da899011c8.handler/index.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/asset.54deaef2af5b9afbfc9cbcbb9261b1c0d4cce6560831d7ae1959f3da899011c8.handler/index.ts deleted file mode 100644 index def194e303e1e..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/asset.54deaef2af5b9afbfc9cbcbb9261b1c0d4cce6560831d7ae1959f3da899011c8.handler/index.ts +++ /dev/null @@ -1,9 +0,0 @@ -export const handler = async () => { - return { - statusCode: 200, - body: JSON.stringify({ message: 'Hello from authenticated lambda' }), - headers: { - 'Content-Type': 'application/json', - }, - }; -}; \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/asset.9b3143f6d2fe3103f2f3162c221163ad6a5a0ba2219cc1e5af2e300325588714/index.js b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/asset.9b3143f6d2fe3103f2f3162c221163ad6a5a0ba2219cc1e5af2e300325588714/index.js new file mode 100644 index 0000000000000..f3d6f6e5fab01 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/asset.9b3143f6d2fe3103f2f3162c221163ad6a5a0ba2219cc1e5af2e300325588714/index.js @@ -0,0 +1,11 @@ +"use strict"; +/* eslint-disable no-console */ +Object.defineProperty(exports, "__esModule", { value: true }); +exports.handler = void 0; +const handler = async (event) => { + const key = event.headers['x-api-key']; + return { + isAuthorized: key === '123', + }; +}; +exports.handler = handler; diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/asset.d7d3785243d748927f2a8d6edcecf909f96191df27a815e305aaeba98bcd2c64/index.d.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/asset.d7d3785243d748927f2a8d6edcecf909f96191df27a815e305aaeba98bcd2c64/index.d.ts deleted file mode 100644 index 6bd63fa6af1d0..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/asset.d7d3785243d748927f2a8d6edcecf909f96191df27a815e305aaeba98bcd2c64/index.d.ts +++ /dev/null @@ -1,3 +0,0 @@ -export declare const handler: (event: import("aws-lambda").APIGatewayProxyEventV2) => Promise<{ - isAuthorized: boolean; -}>; diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/asset.d7d3785243d748927f2a8d6edcecf909f96191df27a815e305aaeba98bcd2c64/index.js b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/asset.d7d3785243d748927f2a8d6edcecf909f96191df27a815e305aaeba98bcd2c64/index.js deleted file mode 100644 index 1ce5c01da6d56..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/asset.d7d3785243d748927f2a8d6edcecf909f96191df27a815e305aaeba98bcd2c64/index.js +++ /dev/null @@ -1,12 +0,0 @@ -"use strict"; -/* eslint-disable no-console */ -Object.defineProperty(exports, "__esModule", { value: true }); -exports.handler = void 0; -const handler = async (event) => { - const key = event.headers['x-api-key']; - return { - isAuthorized: key === '123', - }; -}; -exports.handler = handler; -//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJpbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiO0FBQUEsK0JBQStCOzs7QUFFeEIsTUFBTSxPQUFPLEdBQUcsS0FBSyxFQUFFLEtBQXVDLEVBQUUsRUFBRTtJQUN2RSxNQUFNLEdBQUcsR0FBRyxLQUFLLENBQUMsT0FBTyxDQUFDLFdBQVcsQ0FBQyxDQUFDO0lBRXZDLE9BQU87UUFDTCxZQUFZLEVBQUUsR0FBRyxLQUFLLEtBQUs7S0FDNUIsQ0FBQztBQUNKLENBQUMsQ0FBQztBQU5XLFFBQUEsT0FBTyxXQU1sQiIsInNvdXJjZXNDb250ZW50IjpbIi8qIGVzbGludC1kaXNhYmxlIG5vLWNvbnNvbGUgKi9cblxuZXhwb3J0IGNvbnN0IGhhbmRsZXIgPSBhc3luYyAoZXZlbnQ6IEFXU0xhbWJkYS5BUElHYXRld2F5UHJveHlFdmVudFYyKSA9PiB7XG4gIGNvbnN0IGtleSA9IGV2ZW50LmhlYWRlcnNbJ3gtYXBpLWtleSddO1xuXG4gIHJldHVybiB7XG4gICAgaXNBdXRob3JpemVkOiBrZXkgPT09ICcxMjMnLFxuICB9O1xufTsiXX0= \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/asset.d7d3785243d748927f2a8d6edcecf909f96191df27a815e305aaeba98bcd2c64/index.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/asset.d7d3785243d748927f2a8d6edcecf909f96191df27a815e305aaeba98bcd2c64/index.ts deleted file mode 100644 index f08c1bdb1b42a..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/asset.d7d3785243d748927f2a8d6edcecf909f96191df27a815e305aaeba98bcd2c64/index.ts +++ /dev/null @@ -1,9 +0,0 @@ -/* eslint-disable no-console */ - -export const handler = async (event: AWSLambda.APIGatewayProxyEventV2) => { - const key = event.headers['x-api-key']; - - return { - isAuthorized: key === '123', - }; -}; \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/cdk.out index 2313ab5436501..c6e612584e352 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/cdk.out +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"34.0.0"} \ No newline at end of file +{"version":"38.0.1"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/integ.json index 14ebc70ec9ca2..9a5785fe7421a 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/integ.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "34.0.0", + "version": "38.0.1", "testCases": { "integ.lambda": { "stacks": [ diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/manifest.json index 9636d2c7f226b..098add3bfbfe9 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/manifest.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "34.0.0", + "version": "38.0.1", "artifacts": { "AuthorizerInteg.assets": { "type": "cdk:asset-manifest", @@ -16,9 +16,10 @@ "templateFile": "AuthorizerInteg.template.json", "terminationProtection": false, "validateOnSynth": false, + "notificationArns": [], "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/1392f7df97b60ac420a8ba97f1d6ac2f6e984a168d85bb763108846d396c6553.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/77c9c72d92fddd31c04ada6abdc24df11dca25e0064883babe03df06c8758761.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -154,6 +155,18 @@ "data": "URLWithDefaultAuthorizer" } ], + "/AuthorizerInteg/AuthorizerId": [ + { + "type": "aws:cdk:logicalId", + "data": "AuthorizerId" + } + ], + "/AuthorizerInteg/AuthorizationType": [ + { + "type": "aws:cdk:logicalId", + "data": "AuthorizationType" + } + ], "/AuthorizerInteg/BootstrapVersion": [ { "type": "aws:cdk:logicalId", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/tree.json index 08ec1606edb94..7464f8eae6274 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.js.snapshot/tree.json @@ -105,7 +105,7 @@ "s3Bucket": { "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" }, - "s3Key": "d7d3785243d748927f2a8d6edcecf909f96191df27a815e305aaeba98bcd2c64.zip" + "s3Key": "9b3143f6d2fe3103f2f3162c221163ad6a5a0ba2219cc1e5af2e300325588714.zip" }, "handler": "index.handler", "role": { @@ -171,7 +171,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpStage", + "fqn": "aws-cdk-lib.aws_apigatewayv2.HttpStage", "version": "0.0.0" } }, @@ -209,7 +209,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpIntegration", + "fqn": "aws-cdk-lib.aws_apigatewayv2.HttpIntegration", "version": "0.0.0" } }, @@ -292,7 +292,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpRoute", + "fqn": "aws-cdk-lib.aws_apigatewayv2.HttpRoute", "version": "0.0.0" } }, @@ -349,7 +349,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpAuthorizer", + "fqn": "aws-cdk-lib.aws_apigatewayv2.HttpAuthorizer", "version": "0.0.0" } }, @@ -403,7 +403,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpApi", + "fqn": "aws-cdk-lib.aws_apigatewayv2.HttpApi", "version": "0.0.0" } }, @@ -450,7 +450,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpStage", + "fqn": "aws-cdk-lib.aws_apigatewayv2.HttpStage", "version": "0.0.0" } }, @@ -507,7 +507,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpAuthorizer", + "fqn": "aws-cdk-lib.aws_apigatewayv2.HttpAuthorizer", "version": "0.0.0" } }, @@ -561,7 +561,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpApi", + "fqn": "aws-cdk-lib.aws_apigatewayv2.HttpApi", "version": "0.0.0" } }, @@ -662,7 +662,7 @@ "s3Bucket": { "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" }, - "s3Key": "54deaef2af5b9afbfc9cbcbb9261b1c0d4cce6560831d7ae1959f3da899011c8.zip" + "s3Key": "0793b3c94d0be9d628975dbbcd1dc523196de50a41fb1920880248ae3c24259b.zip" }, "handler": "index.handler", "role": { @@ -719,7 +719,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpIntegration", + "fqn": "aws-cdk-lib.aws_apigatewayv2.HttpIntegration", "version": "0.0.0" } }, @@ -802,7 +802,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpRoute", + "fqn": "aws-cdk-lib.aws_apigatewayv2.HttpRoute", "version": "0.0.0" } }, @@ -822,6 +822,22 @@ "version": "0.0.0" } }, + "AuthorizerId": { + "id": "AuthorizerId", + "path": "AuthorizerInteg/AuthorizerId", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnOutput", + "version": "0.0.0" + } + }, + "AuthorizationType": { + "id": "AuthorizationType", + "path": "AuthorizerInteg/AuthorizationType", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnOutput", + "version": "0.0.0" + } + }, "BootstrapVersion": { "id": "BootstrapVersion", "path": "AuthorizerInteg/BootstrapVersion", @@ -849,7 +865,7 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.2.70" + "version": "10.3.0" } } }, diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.ts index ec54d8ecfc28e..697f27cf44335 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.lambda.ts @@ -62,4 +62,10 @@ new CfnOutput(stack, 'URL', { }); new CfnOutput(stack, 'URLWithDefaultAuthorizer', { value: httpApiWithDefaultAuthorizer.url!, -}); \ No newline at end of file +}); +new CfnOutput(stack, 'AuthorizerId', { + value: authorizer.authorizerId, +}); +new CfnOutput(stack, 'AuthorizationType', { + value: authorizer.authorizationType, +}); diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/AuthorizerInteg.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/AuthorizerInteg.assets.json index 523c011b3c99d..3e1eded265cb2 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/AuthorizerInteg.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/AuthorizerInteg.assets.json @@ -1,20 +1,20 @@ { - "version": "34.0.0", + "version": "38.0.1", "files": { - "867837e91f97aaf9c29d20a4fea18e3f520bb65d84e9bb59ec84058226225ffc": { + "305ef816d469be820f1dbbfee876dd1758bf6733bee4d3dba76995a755ac145a": { "source": { - "path": "asset.867837e91f97aaf9c29d20a4fea18e3f520bb65d84e9bb59ec84058226225ffc.handler", + "path": "asset.305ef816d469be820f1dbbfee876dd1758bf6733bee4d3dba76995a755ac145a.handler", "packaging": "zip" }, "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "867837e91f97aaf9c29d20a4fea18e3f520bb65d84e9bb59ec84058226225ffc.zip", + "objectKey": "305ef816d469be820f1dbbfee876dd1758bf6733bee4d3dba76995a755ac145a.zip", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } }, - "8e1b12f5d12c6de951105961b92d6c971a32d4cbbc394e1542bcbedf77450978": { + "88d5ad156d2cbb044227b4188a274f0800e0bfd4c8564e1eb29c296b68081937": { "source": { "path": "AuthorizerInteg.template.json", "packaging": "file" @@ -22,7 +22,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "8e1b12f5d12c6de951105961b92d6c971a32d4cbbc394e1542bcbedf77450978.json", + "objectKey": "88d5ad156d2cbb044227b4188a274f0800e0bfd4c8564e1eb29c296b68081937.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/AuthorizerInteg.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/AuthorizerInteg.template.json index e3d22ec70cf41..91c170f53385f 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/AuthorizerInteg.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/AuthorizerInteg.template.json @@ -333,7 +333,7 @@ "S3Bucket": { "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" }, - "S3Key": "867837e91f97aaf9c29d20a4fea18e3f520bb65d84e9bb59ec84058226225ffc.zip" + "S3Key": "305ef816d469be820f1dbbfee876dd1758bf6733bee4d3dba76995a755ac145a.zip" }, "Handler": "index.handler", "Role": { @@ -430,6 +430,16 @@ } } }, + "Outputs": { + "AuthorizerId": { + "Value": { + "Ref": "MyHttpApiUserPoolAuthorizer8754262B" + } + }, + "AuthorizationType": { + "Value": "JWT" + } + }, "Parameters": { "BootstrapVersion": { "Type": "AWS::SSM::Parameter::Value", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/asset.305ef816d469be820f1dbbfee876dd1758bf6733bee4d3dba76995a755ac145a.handler/index.js b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/asset.305ef816d469be820f1dbbfee876dd1758bf6733bee4d3dba76995a755ac145a.handler/index.js new file mode 100644 index 0000000000000..639bf36478dd2 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/asset.305ef816d469be820f1dbbfee876dd1758bf6733bee4d3dba76995a755ac145a.handler/index.js @@ -0,0 +1,27 @@ +"use strict"; +/* eslint-disable no-console */ +Object.defineProperty(exports, "__esModule", { value: true }); +exports.handler = void 0; +const handler = async (event, _context = {}) => { + const authToken = event.authorizationToken; + console.log(`event.authorizationToken = ${authToken}`); + if (authToken === 'allow' || authToken === 'deny') { + return { + principalId: 'user', + policyDocument: { + Version: '2012-10-17', + Statement: [ + { + Action: 'execute-api:Invoke', + Effect: authToken, + Resource: event.methodArn, + }, + ], + }, + }; + } + else { + throw new Error('Unauthorized'); + } +}; +exports.handler = handler; diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/asset.867837e91f97aaf9c29d20a4fea18e3f520bb65d84e9bb59ec84058226225ffc.handler/index.d.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/asset.867837e91f97aaf9c29d20a4fea18e3f520bb65d84e9bb59ec84058226225ffc.handler/index.d.ts deleted file mode 100644 index 8795919cf34fc..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/asset.867837e91f97aaf9c29d20a4fea18e3f520bb65d84e9bb59ec84058226225ffc.handler/index.d.ts +++ /dev/null @@ -1 +0,0 @@ -export declare const handler: (event: any, _context?: any) => Promise; diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/asset.867837e91f97aaf9c29d20a4fea18e3f520bb65d84e9bb59ec84058226225ffc.handler/index.js b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/asset.867837e91f97aaf9c29d20a4fea18e3f520bb65d84e9bb59ec84058226225ffc.handler/index.js deleted file mode 100644 index 556121224d713..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/asset.867837e91f97aaf9c29d20a4fea18e3f520bb65d84e9bb59ec84058226225ffc.handler/index.js +++ /dev/null @@ -1,28 +0,0 @@ -"use strict"; -/* eslint-disable no-console */ -Object.defineProperty(exports, "__esModule", { value: true }); -exports.handler = void 0; -const handler = async (event, _context = {}) => { - const authToken = event.authorizationToken; - console.log(`event.authorizationToken = ${authToken}`); - if (authToken === 'allow' || authToken === 'deny') { - return { - principalId: 'user', - policyDocument: { - Version: '2012-10-17', - Statement: [ - { - Action: 'execute-api:Invoke', - Effect: authToken, - Resource: event.methodArn, - }, - ], - }, - }; - } - else { - throw new Error('Unauthorized'); - } -}; -exports.handler = handler; -//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJpbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiO0FBQUEsK0JBQStCOzs7QUFFeEIsTUFBTSxPQUFPLEdBQUcsS0FBSyxFQUFFLEtBQVUsRUFBRSxXQUFnQixFQUFFLEVBQWdCLEVBQUU7SUFDNUUsTUFBTSxTQUFTLEdBQVcsS0FBSyxDQUFDLGtCQUFrQixDQUFDO0lBQ25ELE9BQU8sQ0FBQyxHQUFHLENBQUMsOEJBQThCLFNBQVMsRUFBRSxDQUFDLENBQUM7SUFDdkQsSUFBSSxTQUFTLEtBQUssT0FBTyxJQUFJLFNBQVMsS0FBSyxNQUFNLEVBQUU7UUFDakQsT0FBTztZQUNMLFdBQVcsRUFBRSxNQUFNO1lBQ25CLGNBQWMsRUFBRTtnQkFDZCxPQUFPLEVBQUUsWUFBWTtnQkFDckIsU0FBUyxFQUFFO29CQUNUO3dCQUNFLE1BQU0sRUFBRSxvQkFBb0I7d0JBQzVCLE1BQU0sRUFBRSxTQUFTO3dCQUNqQixRQUFRLEVBQUUsS0FBSyxDQUFDLFNBQVM7cUJBQzFCO2lCQUNGO2FBQ0Y7U0FDRixDQUFDO0tBQ0g7U0FBTTtRQUNMLE1BQU0sSUFBSSxLQUFLLENBQUMsY0FBYyxDQUFDLENBQUM7S0FDakM7QUFDSCxDQUFDLENBQUM7QUFwQlcsUUFBQSxPQUFPLFdBb0JsQiIsInNvdXJjZXNDb250ZW50IjpbIi8qIGVzbGludC1kaXNhYmxlIG5vLWNvbnNvbGUgKi9cblxuZXhwb3J0IGNvbnN0IGhhbmRsZXIgPSBhc3luYyAoZXZlbnQ6IGFueSwgX2NvbnRleHQ6IGFueSA9IHt9KTogUHJvbWlzZTxhbnk+ID0+IHtcbiAgY29uc3QgYXV0aFRva2VuOiBzdHJpbmcgPSBldmVudC5hdXRob3JpemF0aW9uVG9rZW47XG4gIGNvbnNvbGUubG9nKGBldmVudC5hdXRob3JpemF0aW9uVG9rZW4gPSAke2F1dGhUb2tlbn1gKTtcbiAgaWYgKGF1dGhUb2tlbiA9PT0gJ2FsbG93JyB8fCBhdXRoVG9rZW4gPT09ICdkZW55Jykge1xuICAgIHJldHVybiB7XG4gICAgICBwcmluY2lwYWxJZDogJ3VzZXInLFxuICAgICAgcG9saWN5RG9jdW1lbnQ6IHtcbiAgICAgICAgVmVyc2lvbjogJzIwMTItMTAtMTcnLFxuICAgICAgICBTdGF0ZW1lbnQ6IFtcbiAgICAgICAgICB7XG4gICAgICAgICAgICBBY3Rpb246ICdleGVjdXRlLWFwaTpJbnZva2UnLFxuICAgICAgICAgICAgRWZmZWN0OiBhdXRoVG9rZW4sXG4gICAgICAgICAgICBSZXNvdXJjZTogZXZlbnQubWV0aG9kQXJuLFxuICAgICAgICAgIH0sXG4gICAgICAgIF0sXG4gICAgICB9LFxuICAgIH07XG4gIH0gZWxzZSB7XG4gICAgdGhyb3cgbmV3IEVycm9yKCdVbmF1dGhvcml6ZWQnKTtcbiAgfVxufTsiXX0= \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/asset.867837e91f97aaf9c29d20a4fea18e3f520bb65d84e9bb59ec84058226225ffc.handler/index.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/asset.867837e91f97aaf9c29d20a4fea18e3f520bb65d84e9bb59ec84058226225ffc.handler/index.ts deleted file mode 100644 index afedb7efe3311..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/asset.867837e91f97aaf9c29d20a4fea18e3f520bb65d84e9bb59ec84058226225ffc.handler/index.ts +++ /dev/null @@ -1,23 +0,0 @@ -/* eslint-disable no-console */ - -export const handler = async (event: any, _context: any = {}): Promise => { - const authToken: string = event.authorizationToken; - console.log(`event.authorizationToken = ${authToken}`); - if (authToken === 'allow' || authToken === 'deny') { - return { - principalId: 'user', - policyDocument: { - Version: '2012-10-17', - Statement: [ - { - Action: 'execute-api:Invoke', - Effect: authToken, - Resource: event.methodArn, - }, - ], - }, - }; - } else { - throw new Error('Unauthorized'); - } -}; \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/cdk.out index 2313ab5436501..c6e612584e352 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/cdk.out +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"34.0.0"} \ No newline at end of file +{"version":"38.0.1"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/integ.json index 8ee9159e80ace..aeaa05231820f 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/integ.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "34.0.0", + "version": "38.0.1", "testCases": { "integ.user-pool": { "stacks": [ diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/manifest.json index 85761c96e101e..b5cc401e2e3b9 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/manifest.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "34.0.0", + "version": "38.0.1", "artifacts": { "AuthorizerInteg.assets": { "type": "cdk:asset-manifest", @@ -16,9 +16,10 @@ "templateFile": "AuthorizerInteg.template.json", "terminationProtection": false, "validateOnSynth": false, + "notificationArns": [], "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/8e1b12f5d12c6de951105961b92d6c971a32d4cbbc394e1542bcbedf77450978.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/88d5ad156d2cbb044227b4188a274f0800e0bfd4c8564e1eb29c296b68081937.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -142,6 +143,18 @@ "data": "RouteA67450D2" } ], + "/AuthorizerInteg/AuthorizerId": [ + { + "type": "aws:cdk:logicalId", + "data": "AuthorizerId" + } + ], + "/AuthorizerInteg/AuthorizationType": [ + { + "type": "aws:cdk:logicalId", + "data": "AuthorizationType" + } + ], "/AuthorizerInteg/BootstrapVersion": [ { "type": "aws:cdk:logicalId", diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/tree.json index 23f942bfe3fdc..2a81c2370548b 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.js.snapshot/tree.json @@ -233,7 +233,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpStage", + "fqn": "aws-cdk-lib.aws_apigatewayv2.HttpStage", "version": "0.0.0" } }, @@ -271,7 +271,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpIntegration", + "fqn": "aws-cdk-lib.aws_apigatewayv2.HttpIntegration", "version": "0.0.0" } }, @@ -354,7 +354,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpRoute", + "fqn": "aws-cdk-lib.aws_apigatewayv2.HttpRoute", "version": "0.0.0" } }, @@ -407,13 +407,13 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpAuthorizer", + "fqn": "aws-cdk-lib.aws_apigatewayv2.HttpAuthorizer", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpApi", + "fqn": "aws-cdk-lib.aws_apigatewayv2.HttpApi", "version": "0.0.0" } }, @@ -460,7 +460,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpStage", + "fqn": "aws-cdk-lib.aws_apigatewayv2.HttpStage", "version": "0.0.0" } }, @@ -513,13 +513,13 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpAuthorizer", + "fqn": "aws-cdk-lib.aws_apigatewayv2.HttpAuthorizer", "version": "0.0.0" } } }, "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpApi", + "fqn": "aws-cdk-lib.aws_apigatewayv2.HttpApi", "version": "0.0.0" } }, @@ -620,7 +620,7 @@ "s3Bucket": { "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" }, - "s3Key": "867837e91f97aaf9c29d20a4fea18e3f520bb65d84e9bb59ec84058226225ffc.zip" + "s3Key": "305ef816d469be820f1dbbfee876dd1758bf6733bee4d3dba76995a755ac145a.zip" }, "handler": "index.handler", "role": { @@ -677,7 +677,7 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpIntegration", + "fqn": "aws-cdk-lib.aws_apigatewayv2.HttpIntegration", "version": "0.0.0" } }, @@ -764,7 +764,23 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-apigatewayv2-alpha.HttpRoute", + "fqn": "aws-cdk-lib.aws_apigatewayv2.HttpRoute", + "version": "0.0.0" + } + }, + "AuthorizerId": { + "id": "AuthorizerId", + "path": "AuthorizerInteg/AuthorizerId", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnOutput", + "version": "0.0.0" + } + }, + "AuthorizationType": { + "id": "AuthorizationType", + "path": "AuthorizerInteg/AuthorizationType", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnOutput", "version": "0.0.0" } }, @@ -795,7 +811,7 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.2.70" + "version": "10.3.0" } } }, diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.ts index 8e193d3215326..2d50932e54d7e 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2-authorizers/test/http/integ.user-pool.ts @@ -3,7 +3,7 @@ import { HttpApi, HttpMethod, HttpRoute, HttpRouteKey } from 'aws-cdk-lib/aws-ap import { HttpLambdaIntegration } from 'aws-cdk-lib/aws-apigatewayv2-integrations'; import * as cognito from 'aws-cdk-lib/aws-cognito'; import * as lambda from 'aws-cdk-lib/aws-lambda'; -import { App, Stack } from 'aws-cdk-lib'; +import { App, Stack, CfnOutput } from 'aws-cdk-lib'; import { HttpUserPoolAuthorizer } from 'aws-cdk-lib/aws-apigatewayv2-authorizers'; /* @@ -45,4 +45,11 @@ new HttpRoute(stack, 'Route', { httpApi: httpApiWithDefaultAuthorizer, routeKey: HttpRouteKey.with('/v1/mything/{proxy+}', HttpMethod.ANY), integration: new HttpLambdaIntegration('RootIntegration', handler), -}); \ No newline at end of file +}); + +new CfnOutput(stack, 'AuthorizerId', { + value: authorizer.authorizerId, +}); +new CfnOutput(stack, 'AuthorizationType', { + value: authorizer.authorizationType, +}); diff --git a/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/README.md b/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/README.md index a633d395ce08a..6abf58aca682f 100644 --- a/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/README.md +++ b/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/README.md @@ -306,3 +306,50 @@ import software.amazon.awscdk.aws_apigatewayv2_authorizers.*; // If you want to import a specific construct import software.amazon.awscdk.aws_apigatewayv2_authorizers.WebSocketIamAuthorizer; ``` + +## Export HTTP Authorizer Id +You can retrieve the authorizer's id once it has been bound to a route to export the value. + +`HttpAuthorizer.fromHttpAuthorizerAttributes` + +```ts +import { HttpLambdaAuthorizer, HttpLambdaResponseType } from 'aws-cdk-lib/aws-apigatewayv2-authorizers'; +import { HttpUrlIntegration } from 'aws-cdk-lib/aws-apigatewayv2-integrations'; +import { CfnOutput } from 'aws-cdk-lib'; + +// This function handles your auth logic +declare const authHandler: lambda.Function; + +const authorizer = new HttpLambdaAuthorizer('BooksAuthorizer', authHandler, { + responseTypes: [HttpLambdaResponseType.SIMPLE], // Define if returns simple and/or iam response +}); + +const api = new apigwv2.HttpApi(this, 'HttpApi'); + +api.addRoutes({ + integration: new HttpUrlIntegration('BooksIntegration', 'https://get-books-proxy.example.com'), + path: '/books', + authorizer, +}); + +// You can only access authorizerId after it's been bound to a route +// In this example we expect use CfnOutput +new CfnOutput(this, 'authorizerId', { value: authorizer.authorizerId }); +new CfnOutput(this, 'authorizerType', { value: authorizer.authorizationType }); +``` + +## Import an existing HTTP Authorizer +If you want to import av existing HTTP Authorizer you simply provide the authorizer id and authorizer type used when the authorizer was created. + +```ts +import { HttpAuthorizer } from 'aws-cdk-lib/aws-apigatewayv2'; +import { Fn } from 'aws-cdk-lib' + +const authorizerId = Fn.importValue('authorizerId'); +const authorizerType = Fn.importValue('authorizerType'); + +const authorizer = HttpAuthorizer.fromHttpAuthorizerAttributes(this, 'HttpAuthorizer', { + authorizerId, + authorizerType +}); +``` \ No newline at end of file diff --git a/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/iam.ts b/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/iam.ts index a8114badf9dca..da6b21936422c 100644 --- a/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/iam.ts +++ b/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/iam.ts @@ -9,9 +9,13 @@ import { * Authorize HTTP API Routes with IAM */ export class HttpIamAuthorizer implements IHttpRouteAuthorizer { + /** + * The authorizationType used for IAM Authorizer + */ + public readonly authorizationType = HttpAuthorizerType.IAM; public bind(_options: HttpRouteAuthorizerBindOptions): HttpRouteAuthorizerConfig { return { - authorizationType: HttpAuthorizerType.IAM, + authorizationType: this.authorizationType, }; } } \ No newline at end of file diff --git a/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/jwt.ts b/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/jwt.ts index ea5ada879a754..4f1e382f909e9 100644 --- a/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/jwt.ts +++ b/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/jwt.ts @@ -37,6 +37,10 @@ export interface HttpJwtAuthorizerProps { */ export class HttpJwtAuthorizer implements IHttpRouteAuthorizer { private authorizer?: HttpAuthorizer; + /** + * The authorizationType used for JWT Authorizer + */ + public readonly authorizationType = 'JWT'; /** * Initialize a JWT authorizer to be bound with HTTP route. @@ -50,6 +54,18 @@ export class HttpJwtAuthorizer implements IHttpRouteAuthorizer { private readonly props: HttpJwtAuthorizerProps) { } + /** + * Return the id of the authorizer if it's been constructed + */ + public get authorizerId(): string { + if (!this.authorizer) { + throw new Error( + 'Cannot access authorizerId until authorizer is attached to a HttpRoute', + ); + } + return this.authorizer.authorizerId; + } + public bind(options: HttpRouteAuthorizerBindOptions): HttpRouteAuthorizerConfig { if (!this.authorizer) { this.authorizer = new HttpAuthorizer(options.scope, this.id, { @@ -64,7 +80,7 @@ export class HttpJwtAuthorizer implements IHttpRouteAuthorizer { return { authorizerId: this.authorizer.authorizerId, - authorizationType: 'JWT', + authorizationType: this.authorizationType, }; } } \ No newline at end of file diff --git a/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/lambda.ts b/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/lambda.ts index 446a178b3de82..68b8ba4cf938a 100644 --- a/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/lambda.ts +++ b/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/lambda.ts @@ -68,6 +68,11 @@ export class HttpLambdaAuthorizer implements IHttpRouteAuthorizer { private authorizer?: HttpAuthorizer; private httpApi?: IHttpApi; + /** + * The authorizationType used for Lambda Authorizer + */ + public readonly authorizationType = 'CUSTOM'; + /** * Initialize a lambda authorizer to be bound with HTTP route. * @param id The id of the underlying construct @@ -80,6 +85,18 @@ export class HttpLambdaAuthorizer implements IHttpRouteAuthorizer { private readonly props: HttpLambdaAuthorizerProps = {}) { } + /** + * Return the id of the authorizer if it's been constructed + */ + public get authorizerId(): string { + if (!this.authorizer) { + throw new Error( + 'Cannot access authorizerId until authorizer is attached to a HttpRoute', + ); + } + return this.authorizer.authorizerId; + } + public bind(options: HttpRouteAuthorizerBindOptions): HttpRouteAuthorizerConfig { if (this.httpApi && (this.httpApi.apiId !== options.route.httpApi.apiId)) { throw new Error('Cannot attach the same authorizer to multiple Apis'); @@ -116,7 +133,7 @@ export class HttpLambdaAuthorizer implements IHttpRouteAuthorizer { return { authorizerId: this.authorizer.authorizerId, - authorizationType: 'CUSTOM', + authorizationType: this.authorizationType, }; } } diff --git a/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/user-pool.ts b/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/user-pool.ts index 02752f9964b90..123a3df1ad294 100644 --- a/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/user-pool.ts +++ b/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/user-pool.ts @@ -38,7 +38,10 @@ export interface HttpUserPoolAuthorizerProps { */ export class HttpUserPoolAuthorizer implements IHttpRouteAuthorizer { private authorizer?: HttpAuthorizer; - + /** + * The authorizationType used for UserPool Authorizer + */ + public readonly authorizationType = 'JWT'; /** * Initialize a Cognito user pool authorizer to be bound with HTTP route. * @param id The id of the underlying construct @@ -51,6 +54,18 @@ export class HttpUserPoolAuthorizer implements IHttpRouteAuthorizer { private readonly props: HttpUserPoolAuthorizerProps = {}) { } + /** + * Return the id of the authorizer if it's been constructed + */ + public get authorizerId(): string { + if (!this.authorizer) { + throw new Error( + 'Cannot access authorizerId until authorizer is attached to a HttpRoute', + ); + } + return this.authorizer.authorizerId; + } + public bind(options: HttpRouteAuthorizerBindOptions): HttpRouteAuthorizerConfig { if (!this.authorizer) { const region = this.props.userPoolRegion ?? Stack.of(options.scope).region; @@ -68,7 +83,7 @@ export class HttpUserPoolAuthorizer implements IHttpRouteAuthorizer { return { authorizerId: this.authorizer.authorizerId, - authorizationType: 'JWT', + authorizationType: this.authorizationType, }; } } diff --git a/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/test/http/jwt.test.ts b/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/test/http/jwt.test.ts index 34a34c8f68313..1b12c69ae6b1e 100644 --- a/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/test/http/jwt.test.ts +++ b/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/test/http/jwt.test.ts @@ -57,4 +57,37 @@ describe('HttpJwtAuthorizer', () => { // THEN Template.fromStack(stack).resourceCountIs('AWS::ApiGatewayV2::Authorizer', 1); }); + + test('should expose authorizer id after authorizer has been bound to route', () => { + // GIVEN + const stack = new Stack(); + const api = new HttpApi(stack, 'HttpApi'); + const authorizer = new HttpJwtAuthorizer('BooksAuthorizer', 'https://test.us.auth0.com', { + jwtAudience: ['3131231'], + }); + + // WHEN + api.addRoutes({ + integration: new DummyRouteIntegration(), + path: '/books', + authorizer, + }); + + // THEN + expect(authorizer.authorizerId).toBeDefined(); + }); + + test('should throw error when acessing authorizer before it been bound to route', () => { + // GIVEN + const stack = new Stack(); + const t = () => { + const authorizer = new HttpJwtAuthorizer('BooksAuthorizer', 'https://test.us.auth0.com', { + jwtAudience: ['3131231'], + }); + const authorizerId = authorizer.authorizerId; + }; + + // THEN + expect(t).toThrow(Error); + }); }); diff --git a/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/test/http/lambda.test.ts b/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/test/http/lambda.test.ts index feb26e26a5159..3d48426c81834 100644 --- a/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/test/http/lambda.test.ts +++ b/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/test/http/lambda.test.ts @@ -158,4 +158,47 @@ describe('HttpLambdaAuthorizer', () => { AuthorizerResultTtlInSeconds: 600, }); }); + + test('should expose authorizer id after authorizer has been bound to route', () => { + // GIVEN + const stack = new Stack(); + const api = new HttpApi(stack, 'HttpApi'); + + const handler = new Function(stack, 'auth-function', { + runtime: lambda.Runtime.NODEJS_LATEST, + code: Code.fromInline('exports.handler = () => {return true}'), + handler: 'index.handler', + }); + + const authorizer = new HttpLambdaAuthorizer('BooksAuthorizer', handler); + + // WHEN + api.addRoutes({ + integration: new DummyRouteIntegration(), + path: '/books', + authorizer, + }); + + // THEN + expect(authorizer.authorizerId).toBeDefined(); + }); + + test('should throw error when acessing authorizer before it been bound to route', () => { + // GIVEN + const stack = new Stack(); + + const handler = new Function(stack, 'auth-function', { + runtime: lambda.Runtime.NODEJS_LATEST, + code: Code.fromInline('exports.handler = () => {return true}'), + handler: 'index.handler', + }); + + const t = () => { + const authorizer = new HttpLambdaAuthorizer('BooksAuthorizer', handler); + const authorizerId = authorizer.authorizerId; + }; + + // THEN + expect(t).toThrow(Error); + }); }); diff --git a/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/test/http/user-pool.test.ts b/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/test/http/user-pool.test.ts index 4f99aa908e1f9..d5155d969bbf6 100644 --- a/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/test/http/user-pool.test.ts +++ b/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/test/http/user-pool.test.ts @@ -103,4 +103,44 @@ describe('HttpUserPoolAuthorizer', () => { }, }); }); + + test('should expose authorizer id after authorizer has been bound to route', () => { + // GIVEN + const stack = new Stack(); + const api = new HttpApi(stack, 'HttpApi'); + const userPool = new UserPool(stack, 'UserPool'); + const userPoolClient1 = userPool.addClient('UserPoolClient1'); + const userPoolClient2 = userPool.addClient('UserPoolClient2'); + const authorizer = new HttpUserPoolAuthorizer('BooksAuthorizer', userPool, { + userPoolClients: [userPoolClient1, userPoolClient2], + }); + + // WHEN + api.addRoutes({ + integration: new DummyRouteIntegration(), + path: '/books', + authorizer, + }); + + // THEN + expect(authorizer.authorizerId).toBeDefined(); + }); + + test('should throw error when acessing authorizer before it been bound to route', () => { + // GIVEN + const stack = new Stack(); + const userPool = new UserPool(stack, 'UserPool'); + const userPoolClient1 = userPool.addClient('UserPoolClient1'); + const userPoolClient2 = userPool.addClient('UserPoolClient2'); + + const t = () => { + const authorizer = new HttpUserPoolAuthorizer('BooksAuthorizer', userPool, { + userPoolClients: [userPoolClient1, userPoolClient2], + }); + const authorizerId = authorizer.authorizerId; + }; + + // THEN + expect(t).toThrow(Error); + }); }); diff --git a/packages/aws-cdk-lib/aws-apigatewayv2/lib/http/authorizer.ts b/packages/aws-cdk-lib/aws-apigatewayv2/lib/http/authorizer.ts index ab8a7a060d641..0221a11c1dfea 100644 --- a/packages/aws-cdk-lib/aws-apigatewayv2/lib/http/authorizer.ts +++ b/packages/aws-cdk-lib/aws-apigatewayv2/lib/http/authorizer.ts @@ -257,9 +257,14 @@ function undefinedIfNoKeys(obj: A): A | un * Explicitly configure no authorizers on specific HTTP API routes. */ export class HttpNoneAuthorizer implements IHttpRouteAuthorizer { + /** + * The authorizationType used for IAM Authorizer + */ + public readonly authorizationType = 'NONE'; public bind(_options: HttpRouteAuthorizerBindOptions): HttpRouteAuthorizerConfig { return { - authorizationType: 'NONE', + authorizationType: this.authorizationType, }; } } +