@bitblit/epsilon
Version:
Tiny adapter to simplify building API gateway Lambda APIS
370 lines • 20.8 kB
JavaScript
"use strict";
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
return new (P || (P = Promise))(function (resolve, reject) {
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
step((generator = generator.apply(thisArg, _arguments || [])).next());
});
};
var __generator = (this && this.__generator) || function (thisArg, body) {
var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
function verb(n) { return function (v) { return step([n, v]); }; }
function step(op) {
if (f) throw new TypeError("Generator is already executing.");
while (_) try {
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
if (y = 0, t) op = [op[0] & 2, t.value];
switch (op[0]) {
case 0: case 1: t = op; break;
case 4: _.label++; return { value: op[1], done: false };
case 5: _.label++; y = op[1]; op = [0]; continue;
case 7: op = _.ops.pop(); _.trys.pop(); continue;
default:
if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
if (t[2]) _.ops.pop();
_.trys.pop(); continue;
}
op = body.call(thisArg, _);
} catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
}
};
var __spreadArrays = (this && this.__spreadArrays) || function () {
for (var s = 0, i = 0, il = arguments.length; i < il; i++) s += arguments[i].length;
for (var r = Array(s), k = 0, i = 0; i < il; i++)
for (var a = arguments[i], j = 0, jl = a.length; j < jl; j++, k++)
r[k] = a[j];
return r;
};
Object.defineProperty(exports, "__esModule", { value: true });
var logger_1 = require("@bitblit/ratchet/dist/common/logger");
var Route = require("route-parser");
var unauthorized_error_1 = require("./error/unauthorized-error");
var forbidden_error_1 = require("./error/forbidden-error");
var misconfigured_error_1 = require("./error/misconfigured-error");
var bad_request_error_1 = require("./error/bad-request-error");
var response_util_1 = require("./response-util");
var event_util_1 = require("./event-util");
var map_ratchet_1 = require("@bitblit/ratchet/dist/common/map-ratchet");
var web_token_manipulator_util_1 = require("./auth/web-token-manipulator-util");
var promise_ratchet_1 = require("@bitblit/ratchet/dist/common/promise-ratchet");
var timeout_token_1 = require("@bitblit/ratchet/dist/common/timeout-token");
var request_timeout_error_1 = require("./error/request-timeout-error");
var require_ratchet_1 = require("@bitblit/ratchet/dist/common/require-ratchet");
/**
* This class functions as the adapter from a default lamda function to the handlers exposed via Epsilon
*/
var WebHandler = /** @class */ (function () {
function WebHandler(routerConfig) {
this.routerConfig = routerConfig;
require_ratchet_1.RequireRatchet.notNullOrUndefined(routerConfig);
}
WebHandler.prototype.lambdaHandler = function (event, context) {
return __awaiter(this, void 0, void 0, function () {
var rval, err_1, err_2, errProxy, errWithCORS;
return __generator(this, function (_a) {
switch (_a.label) {
case 0:
_a.trys.push([0, 5, , 10]);
rval = null;
if (!this.routerConfig) {
throw new Error('Router config not found');
}
// Make sure no params of the format amp;(param) are in the event
if (this.routerConfig.autoFixStillEncodedQueryParams) {
event_util_1.EventUtil.fixStillEncodedQueryParams(event);
}
if (!(!!this.routerConfig.apolloRegex && this.routerConfig.apolloRegex.test(event.path))) return [3 /*break*/, 2];
return [4 /*yield*/, this.apolloLambdaHandler(event, context)];
case 1:
rval = _a.sent();
return [3 /*break*/, 4];
case 2: return [4 /*yield*/, this.openApiLambdaHandler(event, context)];
case 3:
rval = _a.sent();
_a.label = 4;
case 4: return [2 /*return*/, rval];
case 5:
err_1 = _a.sent();
// Force the request id in there
err_1['requestId'] = context.awsRequestId || 'Request-Id-Missing';
if (!!err_1['statusCode']) return [3 /*break*/, 9];
_a.label = 6;
case 6:
_a.trys.push([6, 8, , 9]);
return [4 /*yield*/, this.routerConfig.errorProcessor(event, err_1, this.routerConfig)];
case 7:
_a.sent();
return [3 /*break*/, 9];
case 8:
err_2 = _a.sent();
logger_1.Logger.error('Really bad - your error processor has an error in it : %s', err_2, err_2);
return [3 /*break*/, 9];
case 9:
// Do this after the above code, since we want timeouts logged
if (err_1.message === 'Timeout') {
err_1['statusCode'] = 504; // Set as a gateway timeout
}
errProxy = response_util_1.ResponseUtil.errorToProxyResult(err_1, context.awsRequestId, this.routerConfig.defaultErrorMessage);
errWithCORS = this.addCors(errProxy, event);
logger_1.Logger.setTracePrefix(null); // Just in case it was set
return [2 /*return*/, errWithCORS];
case 10: return [2 /*return*/];
}
});
});
};
WebHandler.prototype.openApiLambdaHandler = function (event, context) {
return __awaiter(this, void 0, void 0, function () {
var handler, result, proxyResult, initSize, encodingHeader;
return __generator(this, function (_a) {
switch (_a.label) {
case 0:
handler = this.findHandler(event, context);
logger_1.Logger.debug('Processing event with epsilon: %j', event);
return [4 /*yield*/, handler];
case 1:
result = _a.sent();
if (result instanceof timeout_token_1.TimeoutToken) {
result.writeToLog();
throw new request_timeout_error_1.RequestTimeoutError('Timed out');
}
logger_1.Logger.debug('Initial return value : %j', result);
proxyResult = response_util_1.ResponseUtil.coerceToProxyResult(result);
initSize = proxyResult.body.length;
logger_1.Logger.silly('Proxy result : %j', proxyResult);
proxyResult = this.addCors(proxyResult, event);
logger_1.Logger.silly('CORS result : %j', proxyResult);
if (!!this.routerConfig.disableCompression) return [3 /*break*/, 3];
encodingHeader = event && event.headers ? map_ratchet_1.MapRatchet.extractValueFromMapIgnoreCase(event.headers, 'accept-encoding') : null;
return [4 /*yield*/, response_util_1.ResponseUtil.applyGzipIfPossible(encodingHeader, proxyResult)];
case 2:
proxyResult = _a.sent();
_a.label = 3;
case 3:
logger_1.Logger.setTracePrefix(null); // Just in case it was set
logger_1.Logger.debug('Pre-process: %d bytes, post: %d bytes', initSize, proxyResult.body.length);
return [2 /*return*/, proxyResult];
}
});
});
};
WebHandler.prototype.apolloLambdaHandler = function (event, context) {
return __awaiter(this, void 0, void 0, function () {
var _this = this;
return __generator(this, function (_a) {
logger_1.Logger.silly('Processing event with apollo: %j', event);
return [2 /*return*/, new Promise(function (res, rej) {
if (!_this.cacheApolloHandler) {
_this.cacheApolloHandler = _this.routerConfig.apolloServer.createHandler(_this.routerConfig.apolloCreateHandlerOptions);
}
try {
event.httpMethod = event.httpMethod.toUpperCase();
if (event.isBase64Encoded && !!event.body) {
event.body = Buffer.from(event.body, 'base64').toString();
}
_this.cacheApolloHandler(event, context, function (err, value) {
if (!!err) {
logger_1.Logger.error('Error when processing : %j : %s', event, err, err);
rej(err);
}
else {
res(value);
}
});
}
catch (err) {
logger_1.Logger.error('External catch fired for %j : %s : %s', event, err, err);
rej(err);
}
})];
});
});
};
// Public so it can be used in auth-web-handler
WebHandler.prototype.addCors = function (input, srcEvent) {
if (!this.routerConfig.disableCORS) {
response_util_1.ResponseUtil.addCORSToProxyResult(input, this.routerConfig, srcEvent);
}
return input;
};
WebHandler.prototype.findHandler = function (event, context, add404OnMissing) {
if (add404OnMissing === void 0) { add404OnMissing = true; }
return __awaiter(this, void 0, void 0, function () {
var rval, cleanPath, methodLower, matchRoutes, rm, passAuth, extEvent, passBodyValid;
return __generator(this, function (_a) {
switch (_a.label) {
case 0:
rval = null;
cleanPath = this.cleanPath(event);
methodLower = event.httpMethod.toLowerCase();
matchRoutes = this.routerConfig.routes
.map(function (r) {
var rval = null;
if (r.method && r.method.toLowerCase() === methodLower) {
var routeParser = new Route(r.path);
var parsed = routeParser.match(cleanPath);
if (parsed !== false) {
rval = {
mapping: r,
route: routeParser,
parsed: parsed
};
}
}
return rval;
})
.filter(function (r) { return r != null; });
// Pick the 'best' match
matchRoutes.sort(function (a, b) {
return Object.keys(a.parsed).length - Object.keys(b.parsed).length;
});
if (!(matchRoutes.length > 0)) return [3 /*break*/, 3];
rm = matchRoutes[0];
// We extend with the parsed params here in case we are using the AWS any proxy
event.pathParameters = Object.assign({}, event.pathParameters, rm.parsed);
return [4 /*yield*/, this.applyAuth(event, rm.mapping)];
case 1:
passAuth = _a.sent();
extEvent = this.extendApiGatewayEvent(event, rm.mapping);
return [4 /*yield*/, this.applyBodyObjectValidation(extEvent, rm.mapping)];
case 2:
passBodyValid = _a.sent();
rval = promise_ratchet_1.PromiseRatchet.timeout(rm.mapping.function(extEvent, context), 'Timed out after ' + rm.mapping.timeoutMS + ' ms', rm.mapping.timeoutMS);
_a.label = 3;
case 3:
if (!rval && add404OnMissing) {
logger_1.Logger.debug('Failed to find handler for %s (cleaned path was %s, strip prefixes were %j)', event.path, cleanPath, this.routerConfig.prefixesToStripBeforeRouteMatch);
rval = Promise.resolve(response_util_1.ResponseUtil.errorResponse(['No such endpoint'], 404, context.awsRequestId));
}
return [2 /*return*/, rval];
}
});
});
};
WebHandler.prototype.cleanPath = function (event) {
var rval = event.path;
// First, strip any leading /
while (rval.startsWith('/')) {
rval = rval.substring(1);
}
// If there are any listed prefixes, strip them
if (this.routerConfig.prefixesToStripBeforeRouteMatch) {
this.routerConfig.prefixesToStripBeforeRouteMatch.forEach(function (prefix) {
if (rval.toLowerCase().startsWith(prefix.toLowerCase() + '/')) {
rval = rval.substring(prefix.length);
}
});
}
// Strip any more leading /
while (rval.startsWith('/')) {
rval = rval.substring(1);
}
// Finally, put back exactly 1 leading / to match what comes out of open api
rval = '/' + rval;
return rval;
};
WebHandler.prototype.extendApiGatewayEvent = function (event, routeMap) {
var rval = Object.assign({}, event);
// Default all the key maps
if (!rval.queryStringParameters && !routeMap.disableQueryMapAssure) {
rval.queryStringParameters = {};
}
if (!rval.headers && !routeMap.disableHeaderMapAssure) {
rval.headers = {};
}
if (!rval.pathParameters && !routeMap.disablePathMapAssure) {
rval.pathParameters = {};
}
if (event.body && !routeMap.disableAutomaticBodyParse) {
rval.parsedBody = event_util_1.EventUtil.bodyObject(rval);
}
return rval;
};
WebHandler.prototype.applyBodyObjectValidation = function (event, route) {
return __awaiter(this, void 0, void 0, function () {
var rval, errors, newError;
return __generator(this, function (_a) {
if (!event || !route) {
throw new misconfigured_error_1.MisconfiguredError('Missing event or route');
}
rval = true;
if (route.validation) {
if (!this.routerConfig.modelValidator) {
throw new misconfigured_error_1.MisconfiguredError('Requested body validation but supplied no validator');
}
errors = this.routerConfig.modelValidator.validate(route.validation.modelName, event.parsedBody, route.validation.emptyAllowed, route.validation.extraPropertiesAllowed);
if (errors.length > 0) {
logger_1.Logger.info('Found errors while validating %s object %j', route.validation.modelName, errors);
newError = new (bad_request_error_1.BadRequestError.bind.apply(bad_request_error_1.BadRequestError, __spreadArrays([void 0], errors)))();
rval = false;
throw newError;
}
}
return [2 /*return*/, rval];
});
});
};
// Returns a failing proxy result if no auth, otherwise returns null
WebHandler.prototype.applyAuth = function (event, route) {
return __awaiter(this, void 0, void 0, function () {
var rval, token, authorizer, passes, newAuth;
return __generator(this, function (_a) {
switch (_a.label) {
case 0:
if (!event || !route) {
throw new misconfigured_error_1.MisconfiguredError('Missing event or route');
}
rval = true;
if (!route.authorizerName) return [3 /*break*/, 5];
if (!this.routerConfig.webTokenManipulator) {
throw new misconfigured_error_1.MisconfiguredError('Auth is defined, but token manipulator not set');
}
return [4 /*yield*/, this.routerConfig.webTokenManipulator.extractTokenFromStandardEvent(event)];
case 1:
token = _a.sent();
if (!!token) return [3 /*break*/, 2];
logger_1.Logger.info('Failed auth for route : %s - missing/bad token', route.path);
rval = false; // Not that it matters
throw new unauthorized_error_1.UnauthorizedError('Missing or bad token');
case 2:
authorizer = this.routerConfig.authorizers.get(route.authorizerName);
if (!authorizer) {
throw new misconfigured_error_1.MisconfiguredError('Route requires authorizer ' + route.authorizerName + ' but its not in the config');
}
if (!authorizer) return [3 /*break*/, 4];
return [4 /*yield*/, authorizer(token, event, route)];
case 3:
passes = _a.sent();
if (!passes) {
rval = false;
throw new forbidden_error_1.ForbiddenError('Failed authorization');
}
_a.label = 4;
case 4:
if (rval) {
newAuth = Object.assign({}, event.requestContext.authorizer);
newAuth.userData = token;
newAuth.userDataJSON = token ? JSON.stringify(token) : null;
newAuth.srcData = web_token_manipulator_util_1.WebTokenManipulatorUtil.extractTokenStringFromStandardEvent(event);
event.requestContext.authorizer = newAuth;
}
else {
logger_1.Logger.debug('RouteAuth is %s, but no auth created : %j : %j', route.authorizerName, token, event);
}
_a.label = 5;
case 5: return [2 /*return*/, rval];
}
});
});
};
return WebHandler;
}());
exports.WebHandler = WebHandler;
//# sourceMappingURL=web-handler.js.map