From af635d23267c9f7d9dcc55be0a4f527f109c45a4 Mon Sep 17 00:00:00 2001 From: Aayush Thapa Date: Mon, 18 Mar 2024 14:30:11 -0700 Subject: [PATCH 1/3] fix dip --- samtranslator/model/apigatewayv2.py | 9 ++++- ...tp_api_with_invalid_jwt_configuration.yaml | 37 +++++++++++++++++++ ...tp_api_with_invalid_jwt_configuration.json | 9 +++++ 3 files changed, 53 insertions(+), 2 deletions(-) create mode 100644 tests/translator/input/error_http_api_with_invalid_jwt_configuration.yaml create mode 100644 tests/translator/output/error_http_api_with_invalid_jwt_configuration.json diff --git a/samtranslator/model/apigatewayv2.py b/samtranslator/model/apigatewayv2.py index c5cae3ea7..d7599ea4a 100644 --- a/samtranslator/model/apigatewayv2.py +++ b/samtranslator/model/apigatewayv2.py @@ -129,7 +129,9 @@ def __init__( # type: ignore[no-untyped-def] # noqa: PLR0913 self.api_logical_id = api_logical_id self.name = name self.authorization_scopes = authorization_scopes - self.jwt_configuration: Optional[JwtConfiguration] = self._get_jwt_configuration(jwt_configuration) + self.jwt_configuration: Optional[JwtConfiguration] = self._get_jwt_configuration( + jwt_configuration, api_logical_id + ) self.id_source = id_source self.function_arn = function_arn self.function_invoke_role = function_invoke_role @@ -344,7 +346,9 @@ def _get_identity_source(self, auth_identity: Dict[str, Any]) -> List[str]: return identity_source @staticmethod - def _get_jwt_configuration(props: Optional[Dict[str, Union[str, List[str]]]]) -> Optional[JwtConfiguration]: + def _get_jwt_configuration( + props: Optional[Dict[str, Union[str, List[str]]]], logical_id: str + ) -> Optional[JwtConfiguration]: """Make sure that JWT configuration dict keys are lower case. ApiGatewayV2Authorizer doesn't create `AWS::ApiGatewayV2::Authorizer` but generates @@ -368,4 +372,5 @@ def _get_jwt_configuration(props: Optional[Dict[str, Union[str, List[str]]]]) -> """ if not props: return None + sam_expect(props, logical_id, "JwtConfiguration").to_be_a_map() return {k.lower(): v for k, v in props.items()} diff --git a/tests/translator/input/error_http_api_with_invalid_jwt_configuration.yaml b/tests/translator/input/error_http_api_with_invalid_jwt_configuration.yaml new file mode 100644 index 000000000..8e28a8a91 --- /dev/null +++ b/tests/translator/input/error_http_api_with_invalid_jwt_configuration.yaml @@ -0,0 +1,37 @@ +Resources: + MyApi: + Type: AWS::Serverless::HttpApi + Properties: + Tags: + Tag1: value1 + Tag2: value2 + Auth: + Authorizers: + MyLambdaAuth: + FunctionArn: + Fn::GetAtt: + - MyAuthFn + - Arn + FunctionInvokeRole: + Fn::GetAtt: + - MyAuthFnRole + - Arn + Identity: + Context: + - contextVar + Headers: + - Authorization + QueryStrings: + - petId + StageVariables: + - stageVar + ReauthorizeEvery: 23 + EnableSimpleResponses: true + AuthorizerPayloadFormatVersion: 2.0 + MyOAuth2Auth: + AuthorizationScopes: + - scope4 + JwtConfiguration: + - issuer: https://openid-connect.onelogin.com/oidc + IdentitySource: $request.querystring.param + DefaultAuthorizer: MyOAuth2Auth diff --git a/tests/translator/output/error_http_api_with_invalid_jwt_configuration.json b/tests/translator/output/error_http_api_with_invalid_jwt_configuration.json new file mode 100644 index 000000000..b8b629d18 --- /dev/null +++ b/tests/translator/output/error_http_api_with_invalid_jwt_configuration.json @@ -0,0 +1,9 @@ +{ + "_autoGeneratedBreakdownErrorMessage": [ + "Invalid Serverless Application Specification document. ", + "Number of errors found: 1. ", + "Resource with id [MyApi] is invalid. ", + "Property 'JwtConfiguration' should be a map." + ], + "errorMessage": "Invalid Serverless Application Specification document. Number of errors found: 1. Resource with id [MyApi] is invalid. Property 'JwtConfiguration' should be a map." +} From 3102064a63e2e7da7880d8d5935935f249b230b3 Mon Sep 17 00:00:00 2001 From: Aayush Thapa Date: Mon, 18 Mar 2024 15:28:34 -0700 Subject: [PATCH 2/3] add comment --- samtranslator/model/apigatewayv2.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/samtranslator/model/apigatewayv2.py b/samtranslator/model/apigatewayv2.py index d7599ea4a..7fc681cf2 100644 --- a/samtranslator/model/apigatewayv2.py +++ b/samtranslator/model/apigatewayv2.py @@ -363,8 +363,8 @@ def _get_jwt_configuration( Parameters ---------- - props - jwt configuration dict with the keys either lower case or capitalized + props: jwt configuration dict with the keys either lower case or capitalized + logical_id: logical id of the Serverless Api resource with the jwt configuration Returns ------- From a1be7554a8779449ee14cfb6b1dd707581d33ef0 Mon Sep 17 00:00:00 2001 From: Aayush Thapa Date: Mon, 18 Mar 2024 15:29:28 -0700 Subject: [PATCH 3/3] fix name --- samtranslator/model/apigatewayv2.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/samtranslator/model/apigatewayv2.py b/samtranslator/model/apigatewayv2.py index 7fc681cf2..abed87dbe 100644 --- a/samtranslator/model/apigatewayv2.py +++ b/samtranslator/model/apigatewayv2.py @@ -347,7 +347,7 @@ def _get_identity_source(self, auth_identity: Dict[str, Any]) -> List[str]: @staticmethod def _get_jwt_configuration( - props: Optional[Dict[str, Union[str, List[str]]]], logical_id: str + props: Optional[Dict[str, Union[str, List[str]]]], api_logical_id: str ) -> Optional[JwtConfiguration]: """Make sure that JWT configuration dict keys are lower case. @@ -364,7 +364,7 @@ def _get_jwt_configuration( Parameters ---------- props: jwt configuration dict with the keys either lower case or capitalized - logical_id: logical id of the Serverless Api resource with the jwt configuration + api_logical_id: logical id of the Serverless Api resource with the jwt configuration Returns ------- @@ -372,5 +372,5 @@ def _get_jwt_configuration( """ if not props: return None - sam_expect(props, logical_id, "JwtConfiguration").to_be_a_map() + sam_expect(props, api_logical_id, "JwtConfiguration").to_be_a_map() return {k.lower(): v for k, v in props.items()}