8000 fix importing API with Cognito Authorizer · localstack/localstack@a913597 · GitHub
[go: up one dir, main page]
Skip to content

Commit a913597

Browse files
bentskubentsku
committed
fix importing API with Cognito Authorizer
1 parent 17156d0 commit a913597

File tree

5 files changed

+182
-2
lines changed

5 files changed

+182
-2
lines changed

localstack-core/localstack/services/apigateway/helpers.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -537,7 +537,7 @@ def create_authorizers(security_schemes: dict) -> None:
537537
name=security_scheme_name,
538538
type=authorizer_type,
539539
authorizerResultTtlInSeconds=aws_apigateway_authorizer.get(
540-
"authorizerResultTtlInSeconds", 300
540+
"authorizerResultTtlInSeconds", None
541541
),
542542
)
543543
if provider_arns := aws_apigateway_authorizer.get("providerARNs"):
@@ -548,7 +548,7 @@ def create_authorizers(security_schemes: dict) -> None:
548548
authorizer["authorizerUri"] = authorizer_uri
549549
if authorizer_credentials := aws_apigateway_authorizer.get("authorizerCredentials"):
550550
authorizer["authorizerCredentials"] = authorizer_credentials
551-
if authorizer_type == "TOKEN":
551+
if authorizer_type in ("TOKEN", "COGNITO_USER_POOLS"):
552552
header_name = security_config.get("name")
553553
authorizer["identitySource"] = f"method.request.header.{header_name}"
554554
elif identity_source := aws_apigateway_authorizer.get("identitySource"):

tests/aws/files/openapi.cognito-auth.json

Lines changed: 97 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,97 @@
1+
{
2+
"openapi": "3.0.1",
3+
"info": {
4+
"title": "Example Pet Store",
5+
"description": "A Pet Store API.",
6+
"version": "1.0"
7+
},
8+
"paths": {
9+
"/pets": {
10+
"get": {
11+
"operationId": "GET HTTP",
12+
"parameters": [
13< 8000 code class="diff-text syntax-highlighted-line addition">+
{
14+
"name": "type",
15+
"in": "query",
16+
"schema": {
17+
"type": "string"
18+
}
19+
},
20+
{
21+
"name": "page",
22+
"in": "query",
23+
"schema": {
24+
"type": "string"
25+
}
26+
}
27+
],
28+
"responses": {
29+
"200": {
30+
"description": "200 response",
31+
"headers": {
32+
"Access-Control-Allow-Origin": {
33+
"schema": {
34+
"type": "string"
35+
}
36+
}
37+
},
38+
"content": {
39+
"application/json": {
40+
"schema": {
41+
"$ref": "#/components/schemas/Pets"
42+
}
43+
}
44+
}
45+
}
46+
},
47+
"x-amazon-apigateway-integration": {
48+
"type": "HTTP_PROXY",
49+
"httpMethod": "GET",
50+
"uri": "http://petstore.execute-api.us-west-1.amazonaws.com/petstore/pets",
51+
"payloadFormatVersion": 1.0
52+
}
53+
}
54+
}
55+
},
56+
"components": {
57+
"securitySchemes": {
58+
"cognito-test-identity-source": {
59+
"type": "apiKey",
60+
"name": "TestHeaderAuth",
61+
"in": "header",
62+
"x-amazon-apigateway-authtype": "cognito_user_pools",
63+
"x-amazon-apigateway-authorizer": {
64+
"type": "cognito_user_pools",
65+
"providerARNs": [
66+
"${cognito_pool_arn}"
67+
]
68+
}
69+
}
70+
},
71+
"schemas": {
72+
"Pets": {
73+
"type": "array",
74+
"items": {
75+
"$ref": "#/components/schemas/Pet"
76+
}
77+
},
78+
"Empty": {
79+
"type": "object"
80+
},
81+
"Pet": {
82+
"type": "object",
83+
"properties": {
84+
"id": {
85+
"type": "string"
86+
},
87+
"type": {
88+
"type": "string"
89+
},
90+
"price": {
91+
"type": "number"
92+
}
93+
}
94+
}
95+
}
96+
}
97+
}

tests/aws/services/apigateway/test_apigateway_import.py

Lines changed: 38 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -32,6 +32,7 @@
3232
SWAGGER_MOCK_CORS_JSON = os.path.join(PARENT_DIR, "../../files/swagger-mock-cors.json")
3333
PETSTORE_SWAGGER_JSON = os.path.join(PARENT_DIR, "../../files/petstore-authorizer.swagger.json")
3434
TEST_SWAGGER_FILE_JSON = os.path.join(PARENT_DIR, "../../files/swagger.json")
35+
TEST_OPENAPI_COGNITO_AUTH = os.path.join(PARENT_DIR, "../../files/openapi.cognito-auth.json")
3536
TEST_OAS30_BASE_PATH_SERVER_VAR_FILE_YAML = os.path.join(
3637
PARENT_DIR, "../../files/openapi-basepath-server-variable.yaml"
3738
)
@@ -839,3 +840,40 @@ def test_import_with_http_method_integration(
839840
# this fixture will iterate over every resource and match its method, methodResponse, integration and
840841
# integrationResponse
841842
apigw_snapshot_imported_resources(rest_api_id=rest_api_id, resources=response)
843+
844+
@pytest.mark.no_apigw_snap_transformers
845+
@markers.aws.validated
846+
def test_import_with_cognito_auth_identity_source(
847+
self,
848+
region_name,
849+
account_id,
850+
import_apigw,
851+
snapshot,
852+
aws_client,
853+
apigw_snapshot_imported_resources,
854+
):
855+
snapshot.add_transformers_list(
856+
[
857+
snapshot.transform.jsonpath("$.import-swagger.id", value_replacement="rest-id"),
858+
snapshot.transform.jsonpath(
859+
"$.import-swagger.rootResourceId", value_replacement="root-resource-id"
860+
),
861+
snapshot.transform.jsonpath(
862+
"$.get-authorizers.items..id", value_replacement="authorizer-id"
863+
),
864+
]
865+
)
866+
spec_file = load_file(TEST_OPENAPI_COGNITO_AUTH)
867+
# the authorizer does not need to exist in AWS
868+
spec_file = spec_file.replace(
869+
"${cognito_pool_arn}",
870+
f"arn:aws:cognito-idp:{region_name}:{account_id}:userpool/{region_name}_ABC123",
871+
)
872+
response, root_id = import_apigw(body=spec_file, failOnWarnings=True)
873+
snapshot.match("import-swagger", response)
874+
875+
rest_api_id = response["id"]
876+
877+
# assert that are no multiple authorizers
878+
authorizers = aws_client.apigateway.get_authorizers(restApiId=rest_api_id)
879+
snapshot.match("get-authorizers", authorizers)

tests/aws/services/apigateway/test_apigateway_import.snapshot.json

Lines changed: 42 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4808,5 +4808,47 @@
48084808
"message": "Internal server error"
48094809
}
48104810
}
4811+
},
4812+
"tests/aws/services/apigateway/test_apigateway_import.py::TestApiGatewayImportRestApi::test_import_with_cognito_auth_identity_source": {
4813+
"recorded-date": "05-11-2024, 11:37:35",
4814+
"recorded-content": {
4815+
"import-swagger": {
4816+
"apiKeySource": "HEADER",
4817+
"createdDate": "datetime",
4818+
"description": "A Pet Store API.",
4819+
"disableExecuteApiEndpoint": false,
4820+
"endpointConfiguration": {
4821+
"types": [
4822+
"EDGE"
4823+
]
4824+
},
4825+
"id": "<rest-id:1>",
4826+
"name": "Example Pet Store",
4827+
"rootResourceId": "<root-resource-id:1>",
4828+
"version": "1.0",
4829+
"ResponseMetadata": {
4830+
"HTTPHeaders": {},
4831+
"HTTPStatusCode": 201
4832+
}
4833+
},
4834+
"get-authorizers": {
4835+
"items": [
4836+
{
4837+
"authType": "cognito_user_pools",
4838+
"id": "<authorizer-id:1>",
4839+
"identitySource": "method.request.header.TestHeaderAuth",
4840+
"name": "cognito-test-identity-source",
4841+
"providerARNs": [
4842+
"arn:<partition>:cognito-idp:<region>:111111111111:us C8B7 erpool/<region>_ABC123"
4843+
],
4844+
"type": "COGNITO_USER_POOLS"
4845+
}
4846+
],
4847+
"ResponseMetadata": {
4848+
"HTTPHeaders": {},
4849+
"HTTPStatusCode": 200
4850+
}
4851+
}
4852+
}
48114853
}
48124854
}

tests/aws/services/apigateway/test_apigateway_import.validation.json

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -35,6 +35,9 @@
3535
"tests/aws/services/apigateway/test_apigateway_import.py::TestApiGatewayImportRestApi::test_import_with_circular_models_and_request_validation": {
3636
"last_validated_date": "2024-04-15T21:37:44+00:00"
3737
},
38+
"tests/aws/services/apigateway/test_apigateway_import.py::TestApiGatewayImportRestApi::test_import_with_cognito_auth_identity_source": {
39+
"last_validated_date": "2024-11-05T11:37:34+00:00"
40+
},
3841
"tests/aws/services/apigateway/test_apigateway_import.py::TestApiGatewayImportRestApi::test_import_with_global_api_key_authorizer": {
3942
"last_validated_date": "2024-04-15T21:36:29+00:00"
4043
},

0 commit comments

Comments
 (0)
0