Access-Control-Allow-Origin set to undefined when using single origin

[pchynoweth]

This is a Bug Report

Description

• What went wrong?
  When trying to configure a single origin Access-Control-Allow-Origin is set to undefined causing API rejects:

{
  "Access-Control-Allow-Origin": "'undefined'",
  "Access-Control-Allow-Headers": "'Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent'",
  "Access-Control-Allow-Methods": "'OPTIONS,GET'",
  "Access-Control-Allow-Credentials": "'false'"
}

• What did you expect should have happened?
  For Access-Control-Allow-Origin to be set to the configured value.
• What was the config you used?

functions:
  hello:
    handler: handler.hello
    events:
      - http:
          path: hello
          method: get
          cors:
            origin: '*'
            headers:
              - Content-Type
              - X-Amz-Date
              - Authorization
              - X-Api-Key
              - X-Amz-Security-Token
              - X-Amz-User-Agent
            allowCredentials: false

• What stacktrace or error message from your provider did you see?
  None. Error doesn't become apparent until I try to use the API.

Similar or dependent issues:

• None found

Additional Data

• Serverless Framework Version you're using:
  master (1.36.3)
• Operating System:
  Linux (Arch)
• Stack Trace:
  N/A
• Provider Error messages:
  N/A

This appears to happen because of the following statement in lib/plugins/aws/package/compile/events/apiGateway/lib/cors.js:

      if (origins) {
        origin = origins[0];
      }

origins is an array so if the array is empty origin gets overridden with undefined. I will follow up with a PR.