UNPKG

serverless-global-authorizer

Version:

Serverless framework plugin which allows to configure API Gateway authorizer globally and applies it for all http/httpApi lambda function events

github.com/Unh3ck3d/serverless-global-authorizer

Unh3ck3d/serverless-global-authorizer

116 lines (93 loc) 3.6 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
import * as Serverless from 'serverless'; import { ServerlessGlobalAuthorizerError } from './serverless-global-authorizer-error'; import Aws from 'serverless/aws'; import { defineServerlessSchema } from './define-serverless-schema'; type ApiGatewayEvent = (Aws.Http | Aws.HttpApiEvent) & { globalAuthorizerEnabled?: unknown }; class ServerlessGlobalAuthorizerPlugin { public hooks = { 'before:package:initialize': this.init.bind(this), }; public constructor(private serverless: Serverless) { serverless.getProvider('aws'); defineServerlessSchema(serverless); } public init() { (this.serverless.service.getAllFunctions() || []).forEach(this.processFunction.bind(this)); } private processFunction(functionName: string) { (this.serverless.service.getAllEventsInFunction(functionName) || []).forEach( this.processEvent.bind(this), ); } private processEvent(event: Serverless.Event) { if ( 'http' in event && event.http && event.http.authorizer === undefined && ServerlessGlobalAuthorizerPlugin.isGlobalAuthorizerEnabledAtEventLevel(event.http) ) { event.http = this.applyRestApiAuthorizer(event.http); } else if ( 'httpApi' in event && event.httpApi && event.httpApi.authorizer === undefined && ServerlessGlobalAuthorizerPlugin.isGlobalAuthorizerEnabledAtEventLevel(event.httpApi) ) { event.httpApi = this.applyHttpApiAuthorizer(event.httpApi); } } private applyRestApiAuthorizer(event: Aws.Http | string): Aws.Http { // if event specified in shorthand syntax if (typeof event === 'string') { const [method, path] = event.split(' '); event = { method, path }; } event.authorizer = this.getRestApiAuthorizerConfig(); return event; } private applyHttpApiAuthorizer(event: Aws.HttpApiEvent | string): Aws.HttpApiEvent { // if event specified in shorthand syntax if (typeof event === 'string') { // if default route if (event === '*') { return { method: '*', path: '*', authorizer: this.getHttpApiAuthorizerConfig(), }; } const [method, path] = event.split(' '); event = { method, path }; } event.authorizer = this.getHttpApiAuthorizerConfig(); return event; } private getRestApiAuthorizerConfig() { if (!this.serverless.service.custom?.globalAuthorizer?.restApi?.authorizer) { throw new ServerlessGlobalAuthorizerError( 'Missing global authorizer configuration for REST API Gateway', ); } return this.serverless.service.custom.globalAuthorizer.restApi?.authorizer; } private getHttpApiAuthorizerConfig() { if (!this.serverless.service.custom?.globalAuthorizer?.httpApi?.authorizer) { throw new ServerlessGlobalAuthorizerError( 'Missing global authorizer configuration for HTTP API Gateway', ); } return this.serverless.service.custom.globalAuthorizer.httpApi?.authorizer; } private static isGlobalAuthorizerEnabledAtEventLevel(event: ApiGatewayEvent | string) { if (typeof event === 'string' || event.globalAuthorizerEnabled === undefined) { return true; } if (event.globalAuthorizerEnabled !== false && event.globalAuthorizerEnabled !== true) { throw new ServerlessGlobalAuthorizerError( `"globalAuthorizerEnabled" property needs to be of boolean type. "${event.globalAuthorizerEnabled}" passed as a value`, ); } return event.globalAuthorizerEnabled; } } export = ServerlessGlobalAuthorizerPlugin;