WIP: add getMethodAuthorization method

vlewin · vlewin · commit ebaf2fd69c4d · 2018-07-11T23:17:12.000+02:00
diff --git a/lib/deploy/events/apiGateway/authorizers.js b/lib/deploy/events/apiGateway/authorizers.js
@@ -6,7 +6,11 @@ const awsArnRegExs = require('../../../utils/arnRegularExpressions');
 
 module.exports = {
   compileAuthorizers() {
+    console.log("*** compileAuthorizers")
     this.pluginhttpValidated.events.forEach((event) => {
+      console.log(event)
+
+
       if (event.http.authorizer && event.http.authorizer.arn) {
         const authorizer = event.http.authorizer;
         const authorizerProperties = {
diff --git a/lib/deploy/events/apiGateway/methods.js b/lib/deploy/events/apiGateway/methods.js
@@ -2,6 +2,8 @@
 
 const BbPromise = require('bluebird');
 const _ = require('lodash');
+const awsArnRegExs = require('../../../utils/arnRegularExpressions');
+
 
 module.exports = {
 
@@ -17,7 +19,7 @@ module.exports = {
         Properties: {
           HttpMethod: event.http.method.toUpperCase(),
           RequestParameters: {},
-          AuthorizationType: 'NONE',
+          AuthorizationType: 'CUSTOM',
           ApiKeyRequired: Boolean(event.http.private),
           ResourceId: resourceId,
           RestApiId: this.provider.getApiGatewayRestApiId(),
@@ -26,7 +28,8 @@ module.exports = {
 
       _.merge(template,
         this.getMethodIntegration(event.stateMachineName, stateMachineObj, event.http),
-        this.getMethodResponses(event.http)
+        this.getMethodResponses(event.http),
+        this.getMethodAuthorization(event.http)
       );
 
       const methodLogicalId = this.provider.naming
@@ -179,4 +182,64 @@ module.exports = {
 
     return methodResponse;
   },
+
+  getMethodAuthorization(http) {
+    console.log('*** http')
+    console.log(http)
+    if (_.get(http, 'authorizer.type') === 'AWS_IAM') {
+      return {
+        Properties: {
+          AuthorizationType: 'AWS_IAM',
+        },
+      };
+    }
+
+    if (http.authorizer) {
+      if (http.authorizer.type && http.authorizer.authorizerId) {
+        return {
+          Properties: {
+            AuthorizationType: http.authorizer.type,
+            AuthorizerId: http.authorizer.authorizerId,
+          },
+        };
+      }
+      // if (http.authorizer && awsArnRegExs.lambdaArnExpr.test(http.authorizer)) {
+      if (http.authorizer && typeof(http.authorizer) === 'string') {
+        return {
+          Properties: {
+            AuthorizationType: 'CUSTOM',
+            AuthorizerId: http.authorizer,
+            ApiKeyRequired: true,
+            // AuthorizerId: { Ref: http.authorizer } ,
+          },
+        };
+      }
+
+      const authorizerLogicalId = this.provider.naming
+        .getAuthorizerLogicalId(http.authorizer.name);
+
+      let authorizationType;
+      const authorizerArn = http.authorizer.arn;
+      if (typeof authorizerArn === 'string'
+        && awsArnRegExs.cognitoIdpArnExpr.test(authorizerArn)) {
+        authorizationType = 'COGNITO_USER_POOLS';
+      } else {
+        authorizationType = 'CUSTOM';
+      }
+
+      return {
+        Properties: {
+          AuthorizationType: authorizationType,
+          AuthorizerId: { Ref: authorizerLogicalId },
+        },
+        DependsOn: authorizerLogicalId,
+      };
+    }
+
+    return {
+      Properties: {
+        AuthorizationType: 'NONE',
+      },
+    };
+  },
 };
