Skip to content

Commit

Permalink
feat(cdk): Exposes authorizer id and authorization type
Browse files Browse the repository at this point in the history
  • Loading branch information
JonWallsten committed Oct 2, 2024
1 parent 0755561 commit ef489a3
Show file tree
Hide file tree
Showing 5 changed files with 47 additions and 7 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -9,9 +9,10 @@ import {
* Authorize HTTP API Routes with IAM
*/
export class HttpIamAuthorizer implements IHttpRouteAuthorizer {
public readonly authorizationType = HttpAuthorizerType.IAM;
public bind(_options: HttpRouteAuthorizerBindOptions): HttpRouteAuthorizerConfig {
return {
authorizationType: HttpAuthorizerType.IAM,
authorizationType: this.authorizationType,
};
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,7 @@ export interface HttpJwtAuthorizerProps {
*/
export class HttpJwtAuthorizer implements IHttpRouteAuthorizer {
private authorizer?: HttpAuthorizer;
public readonly authorizationType = "JWT";

/**
* Initialize a JWT authorizer to be bound with HTTP route.
Expand All @@ -50,6 +51,18 @@ export class HttpJwtAuthorizer implements IHttpRouteAuthorizer {
private readonly props: HttpJwtAuthorizerProps) {
}

/**
* Return the id of the authorizer if it's been constructed
*/
public get authorizerId(): string {
if (!this.authorizer) {
throw new Error(
"Cannot access authorizerId until authorizer is attached to a HttpRoute"
);
}
return this.authorizer.authorizerId;
}

public bind(options: HttpRouteAuthorizerBindOptions): HttpRouteAuthorizerConfig {
if (!this.authorizer) {
this.authorizer = new HttpAuthorizer(options.scope, this.id, {
Expand All @@ -64,7 +77,7 @@ export class HttpJwtAuthorizer implements IHttpRouteAuthorizer {

return {
authorizerId: this.authorizer.authorizerId,
authorizationType: 'JWT',
authorizationType: this.authorizationType,
};
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -67,7 +67,7 @@ export interface HttpLambdaAuthorizerProps {
export class HttpLambdaAuthorizer implements IHttpRouteAuthorizer {
private authorizer?: HttpAuthorizer;
private httpApi?: IHttpApi;

public readonly authorizationType = "CUSTOM";
/**
* Initialize a lambda authorizer to be bound with HTTP route.
* @param id The id of the underlying construct
Expand All @@ -80,6 +80,18 @@ export class HttpLambdaAuthorizer implements IHttpRouteAuthorizer {
private readonly props: HttpLambdaAuthorizerProps = {}) {
}

/**
* Return the id of the authorizer if it's been constructed
*/
public get authorizerId(): string {
if (!this.authorizer) {
throw new Error(
"Cannot access authorizerId until authorizer is attached to a HttpRoute"
);
}
return this.authorizer.authorizerId;
}

public bind(options: HttpRouteAuthorizerBindOptions): HttpRouteAuthorizerConfig {
if (this.httpApi && (this.httpApi.apiId !== options.route.httpApi.apiId)) {
throw new Error('Cannot attach the same authorizer to multiple Apis');
Expand Down Expand Up @@ -116,7 +128,7 @@ export class HttpLambdaAuthorizer implements IHttpRouteAuthorizer {

return {
authorizerId: this.authorizer.authorizerId,
authorizationType: 'CUSTOM',
authorizationType: this.authorizationType,
};
}
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ export interface HttpUserPoolAuthorizerProps {
*/
export class HttpUserPoolAuthorizer implements IHttpRouteAuthorizer {
private authorizer?: HttpAuthorizer;

public readonly authorizationType = "JWT";
/**
* Initialize a Cognito user pool authorizer to be bound with HTTP route.
* @param id The id of the underlying construct
Expand All @@ -51,6 +51,18 @@ export class HttpUserPoolAuthorizer implements IHttpRouteAuthorizer {
private readonly props: HttpUserPoolAuthorizerProps = {}) {
}

/**
* Return the id of the authorizer if it's been constructed
*/
public get authorizerId(): string {
if (!this.authorizer) {
throw new Error(
"Cannot access authorizerId until authorizer is attached to a HttpRoute"
);
}
return this.authorizer.authorizerId;
}

public bind(options: HttpRouteAuthorizerBindOptions): HttpRouteAuthorizerConfig {
if (!this.authorizer) {
const region = this.props.userPoolRegion ?? Stack.of(options.scope).region;
Expand All @@ -68,7 +80,7 @@ export class HttpUserPoolAuthorizer implements IHttpRouteAuthorizer {

return {
authorizerId: this.authorizer.authorizerId,
authorizationType: 'JWT',
authorizationType: this.authorizationType,
};
}
}
4 changes: 3 additions & 1 deletion packages/aws-cdk-lib/aws-apigatewayv2/lib/http/authorizer.ts
Original file line number Diff line number Diff line change
Expand Up @@ -257,9 +257,11 @@ function undefinedIfNoKeys<A extends { [key: string]: unknown }>(obj: A): A | un
* Explicitly configure no authorizers on specific HTTP API routes.
*/
export class HttpNoneAuthorizer implements IHttpRouteAuthorizer {
public readonly authorizationType = "NONE";
public bind(_options: HttpRouteAuthorizerBindOptions): HttpRouteAuthorizerConfig {
return {
authorizationType: 'NONE',
authorizationType: this.authorizationType,
};
}
}

0 comments on commit ef489a3

Please sign in to comment.