UNPKG

aws-cdk-lib

Version:

Version 2 of the AWS Cloud Development Kit library

github.com/aws/aws-cdk

aws/aws-cdk

61 lines (52 loc) 2.03 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
import * as path from 'path'; import * as lambda from '../../../aws-lambda'; import { App, Stack } from '../../../core'; import { MockIntegration, PassthroughBehavior, RestApi, RequestAuthorizer, IdentitySource } from '../../lib'; // Against the RestApi endpoint from the stack output, run // `curl -s -o /dev/null -w "%{http_code}" <url>` should return 401 // `curl -s -o /dev/null -w "%{http_code}" -H 'Authorization: deny' <url>?allow=yes` should return 403 // `curl -s -o /dev/null -w "%{http_code}" -H 'Authorization: allow' <url>?allow=yes` should return 200 const app = new App(); const stack = new Stack(app, 'RequestAuthorizerInteg'); const authorizerFn = new lambda.Function(stack, 'MyAuthorizerFunction', { runtime: lambda.Runtime.NODEJS_14_X, handler: 'index.handler', code: lambda.AssetCode.fromAsset(path.join(__dirname, 'integ.request-authorizer.handler')), }); const restapi = new RestApi(stack, 'MyRestApi', { cloudWatchRole: true }); const authorizer = new RequestAuthorizer(stack, 'MyAuthorizer', { handler: authorizerFn, identitySources: [IdentitySource.header('Authorization'), IdentitySource.queryString('allow')], }); const secondAuthorizer = new RequestAuthorizer(stack, 'MySecondAuthorizer', { handler: authorizerFn, identitySources: [IdentitySource.header('Authorization'), IdentitySource.queryString('allow')], }); restapi.root.addMethod('ANY', new MockIntegration({ integrationResponses: [ { statusCode: '200' }, ], passthroughBehavior: PassthroughBehavior.NEVER, requestTemplates: { 'application/json': '{ "statusCode": 200 }', }, }), { methodResponses: [ { statusCode: '200' }, ], authorizer, }); restapi.root.resourceForPath('auth').addMethod('ANY', new MockIntegration({ integrationResponses: [ { statusCode: '200' }, ], passthroughBehavior: PassthroughBehavior.NEVER, requestTemplates: { 'application/json': '{ "statusCode": 200 }', }, }), { methodResponses: [ { statusCode: '200' }, ], authorizer: secondAuthorizer, });