New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(AWS HTTP API): Add support for AWS IAM authorization #9195
Conversation
Codecov Report
@@ Coverage Diff @@
## master #9195 +/- ##
==========================================
- Coverage 87.24% 86.97% -0.27%
==========================================
Files 310 315 +5
Lines 11485 11665 +180
==========================================
+ Hits 10020 10146 +126
- Misses 1465 1519 +54
Continue to review full report at Codecov.
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@pgrzesik looks great! I have just one doubt towards configuration schema setup, please see my comment
type: { const: 'aws_iam' }, | ||
}, | ||
additionalProperties: false, | ||
}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Configuring definition like that is slightly problematic as it'll trigger vague mode for validation of other authorizers, as now any validation failure will now be reported simply with "Unsupported configuration format" without providing a hint which exactly property is misconfigured.
It's due to fact that two versions for object variant are provided, and validator won't know errors of which to report, hence it'll report just message that something is wrong.
(you may also confirm on that manually).
I think best way to recover is to use one object notation, and then inline ensure that for AWS IAM case it's just type
property that provided, and throw meaningful error if any other properties are found
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've adjusted the schema so it should be able to accept all possible versions + added additional validation to ensure that we're working with valid configuration.
96bf7db
to
e2826ee
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks great 👍
is there an example about how to use a external lambda authorizer in httpApi ? |
Add support for
AWS_IAM
authorization forhttpApi
Closes: #8210