From 872f428735ac357098e727ba74c954aa11a78114 Mon Sep 17 00:00:00 2001 From: Kyle Robertson Date: Thu, 23 Sep 2021 22:34:36 -0400 Subject: [PATCH 1/7] feat(aws-apigatewayv2): add support for api-key in websocket apis --- packages/@aws-cdk/aws-apigatewayv2/README.md | 14 +++++++ .../aws-apigatewayv2/lib/websocket/api.ts | 26 +++++++++++++ .../aws-apigatewayv2/lib/websocket/route.ts | 7 ++++ .../test/websocket/api.test.ts | 22 +++++++++++ .../websocket/integ.api-apikey.expected.json | 13 +++++++ .../test/websocket/integ.api-apikey.ts | 14 +++++++ .../websocket/integ.api-default.expected.json | 12 ++++++ .../test/websocket/integ.api-default.ts | 11 ++++++ .../test/websocket/route.test.ts | 38 +++++++++++++++++++ 9 files changed, 157 insertions(+) create mode 100644 packages/@aws-cdk/aws-apigatewayv2/test/websocket/integ.api-apikey.expected.json create mode 100644 packages/@aws-cdk/aws-apigatewayv2/test/websocket/integ.api-apikey.ts create mode 100644 packages/@aws-cdk/aws-apigatewayv2/test/websocket/integ.api-default.expected.json create mode 100644 packages/@aws-cdk/aws-apigatewayv2/test/websocket/integ.api-default.ts diff --git a/packages/@aws-cdk/aws-apigatewayv2/README.md b/packages/@aws-cdk/aws-apigatewayv2/README.md index cc6c6f48c5827..16f6bc06ca309 100644 --- a/packages/@aws-cdk/aws-apigatewayv2/README.md +++ b/packages/@aws-cdk/aws-apigatewayv2/README.md @@ -423,3 +423,17 @@ stage.grantManageConnections(lambda); // for all the stages permission webSocketApi.grantManageConnections(lambda); ``` + +### API Keys + +Websocket APIs also support usage of API Keys. An API Key is a key that is used to grant access to an API. These are useful for controlling and tracking access to an API, when used together with [usage plans](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-api-usage-plans.html). These together allow you to configure controls around API access such as quotas and throttling, along with per-API Key metrics on usage. + +To require an API Key when accessing the Websocket API: + +```ts +const webSocketApi = new WebSocketApi(stack, 'mywsapi',{ + apiKeySelectionExpression: ApiKeySelectionExpression.X_API_KEY, + }); +... +``` + diff --git a/packages/@aws-cdk/aws-apigatewayv2/lib/websocket/api.ts b/packages/@aws-cdk/aws-apigatewayv2/lib/websocket/api.ts index fdcfbdbce6d30..9240260141cbe 100644 --- a/packages/@aws-cdk/aws-apigatewayv2/lib/websocket/api.ts +++ b/packages/@aws-cdk/aws-apigatewayv2/lib/websocket/api.ts @@ -18,6 +18,24 @@ export interface IWebSocketApi extends IApi { _addIntegration(scope: Construct, config: WebSocketRouteIntegrationConfig): WebSocketIntegration } +/** + * Represents the currently available API Key Selection Expressions + */ +export enum ApiKeySelectionExpression { + /** + * x-api-key type + * This represents an API Key that is provided via an `x-api-key` header in the user request. + */ + X_API_KEY = '$request.header.x-api-key', + + /** + * usageIdentifierKey type + * This represents an API Key that is provided via the context of an Lambda Authorizer + * See https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-lambda-authorizer-output.html + */ + USAGE_IDENTIFIER_KEY = '$context.authorizer.usageIdentifierKey' +} + /** * Props for WebSocket API */ @@ -28,6 +46,13 @@ export interface WebSocketApiProps { */ readonly apiName?: string; + /** + * An API key selection expression. Providing this option will require an API Key be provided to access the API. + * Currently only supports '$request.header.x-api-key' and '$context.authorizer.usageIdentifierKey' + * @default - none + */ + readonly apiKeySelectionExpression?: ApiKeySelectionExpression + /** * The description of the API. * @default - none @@ -82,6 +107,7 @@ export class WebSocketApi extends ApiBase implements IWebSocketApi { const resource = new CfnApi(this, 'Resource', { name: this.webSocketApiName, + apiKeySelectionExpression: props?.apiKeySelectionExpression, protocolType: 'WEBSOCKET', description: props?.description, routeSelectionExpression: props?.routeSelectionExpression ?? '$request.body.action', diff --git a/packages/@aws-cdk/aws-apigatewayv2/lib/websocket/route.ts b/packages/@aws-cdk/aws-apigatewayv2/lib/websocket/route.ts index 0588889a603bc..ebaf874963268 100644 --- a/packages/@aws-cdk/aws-apigatewayv2/lib/websocket/route.ts +++ b/packages/@aws-cdk/aws-apigatewayv2/lib/websocket/route.ts @@ -45,6 +45,12 @@ export interface WebSocketRouteProps extends WebSocketRouteOptions { * The key to this route. */ readonly routeKey: string; + + /** + * Whether the route requires an API Key to be provided + * @default - false + */ + readonly apiKeyRequired?: boolean; } /** @@ -76,6 +82,7 @@ export class WebSocketRoute extends Resource implements IWebSocketRoute { const route = new CfnRoute(this, 'Resource', { apiId: props.webSocketApi.apiId, + apiKeyRequired: props.apiKeyRequired, routeKey: props.routeKey, target: `integrations/${integration.integrationId}`, }); diff --git a/packages/@aws-cdk/aws-apigatewayv2/test/websocket/api.test.ts b/packages/@aws-cdk/aws-apigatewayv2/test/websocket/api.test.ts index 24337a3f7c3f2..33b37e5b5bd1e 100644 --- a/packages/@aws-cdk/aws-apigatewayv2/test/websocket/api.test.ts +++ b/packages/@aws-cdk/aws-apigatewayv2/test/websocket/api.test.ts @@ -2,6 +2,7 @@ import { Match, Template } from '@aws-cdk/assertions'; import { User } from '@aws-cdk/aws-iam'; import { Stack } from '@aws-cdk/core'; import { + ApiKeySelectionExpression, IWebSocketRouteIntegration, WebSocketApi, WebSocketIntegrationType, WebSocketRouteIntegrationBindOptions, WebSocketRouteIntegrationConfig, } from '../../lib'; @@ -25,6 +26,27 @@ describe('WebSocketApi', () => { Template.fromStack(stack).resourceCountIs('AWS::ApiGatewayV2::Integration', 0); }); + test('apiKeySelectionExpression: given a value', () => { + // GIVEN + const stack = new Stack(); + + // WHEN + new WebSocketApi(stack, 'api', { + apiKeySelectionExpression: ApiKeySelectionExpression.USAGE_IDENTIFIER_KEY, + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::ApiGatewayV2::Api', { + ApiKeySelectionExpression: '$context.authorizer.usageIdentifierKey', + Name: 'api', + ProtocolType: 'WEBSOCKET', + }); + + Template.fromStack(stack).resourceCountIs('AWS::ApiGatewayV2::Stage', 0); + Template.fromStack(stack).resourceCountIs('AWS::ApiGatewayV2::Route', 0); + Template.fromStack(stack).resourceCountIs('AWS::ApiGatewayV2::Integration', 0); + }); + test('addRoute: adds a route with passed key', () => { // GIVEN const stack = new Stack(); diff --git a/packages/@aws-cdk/aws-apigatewayv2/test/websocket/integ.api-apikey.expected.json b/packages/@aws-cdk/aws-apigatewayv2/test/websocket/integ.api-apikey.expected.json new file mode 100644 index 0000000000000..bc0b6f740acc8 --- /dev/null +++ b/packages/@aws-cdk/aws-apigatewayv2/test/websocket/integ.api-apikey.expected.json @@ -0,0 +1,13 @@ +{ + "Resources": { + "MyWebsocketApiEBAC53DF": { + "Type": "AWS::ApiGatewayV2::Api", + "Properties": { + "ApiKeySelectionExpression": "$request.header.x-api-key", + "Name": "MyWebsocketApi", + "ProtocolType": "WEBSOCKET", + "RouteSelectionExpression": "$request.body.action" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2/test/websocket/integ.api-apikey.ts b/packages/@aws-cdk/aws-apigatewayv2/test/websocket/integ.api-apikey.ts new file mode 100644 index 0000000000000..fe6205fb6c79c --- /dev/null +++ b/packages/@aws-cdk/aws-apigatewayv2/test/websocket/integ.api-apikey.ts @@ -0,0 +1,14 @@ +#!/usr/bin/env node +import * as cdk from '@aws-cdk/core'; +import * as apigw from '../../lib'; +import { ApiKeySelectionExpression } from '../../lib'; + +const app = new cdk.App(); + +const stack = new cdk.Stack(app, 'aws-cdk-aws-apigatewayv2-websockets'); + +new apigw.WebSocketApi(stack, 'MyWebsocketApi', { + apiKeySelectionExpression: ApiKeySelectionExpression.X_API_KEY, +}); + +app.synth(); \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2/test/websocket/integ.api-default.expected.json b/packages/@aws-cdk/aws-apigatewayv2/test/websocket/integ.api-default.expected.json new file mode 100644 index 0000000000000..bda5b8ee08af4 --- /dev/null +++ b/packages/@aws-cdk/aws-apigatewayv2/test/websocket/integ.api-default.expected.json @@ -0,0 +1,12 @@ +{ + "Resources": { + "MyWebsocketApiEBAC53DF": { + "Type": "AWS::ApiGatewayV2::Api", + "Properties": { + "Name": "MyWebsocketApi", + "ProtocolType": "WEBSOCKET", + "RouteSelectionExpression": "$request.body.action" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2/test/websocket/integ.api-default.ts b/packages/@aws-cdk/aws-apigatewayv2/test/websocket/integ.api-default.ts new file mode 100644 index 0000000000000..e9acb82402cfa --- /dev/null +++ b/packages/@aws-cdk/aws-apigatewayv2/test/websocket/integ.api-default.ts @@ -0,0 +1,11 @@ +#!/usr/bin/env node +import * as cdk from '@aws-cdk/core'; +import * as apigw from '../../lib'; + +const app = new cdk.App(); + +const stack = new cdk.Stack(app, 'aws-cdk-aws-apigatewayv2-websockets'); + +new apigw.WebSocketApi(stack, 'MyWebsocketApi'); + +app.synth(); \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2/test/websocket/route.test.ts b/packages/@aws-cdk/aws-apigatewayv2/test/websocket/route.test.ts index 07eadc5300a85..63e82bc579552 100644 --- a/packages/@aws-cdk/aws-apigatewayv2/test/websocket/route.test.ts +++ b/packages/@aws-cdk/aws-apigatewayv2/test/websocket/route.test.ts @@ -41,6 +41,44 @@ describe('WebSocketRoute', () => { IntegrationUri: 'some-uri', }); }); + + test('Api Key is required for route when apiKeyIsRequired is true', () => { + // GIVEN + const stack = new Stack(); + const webSocketApi = new WebSocketApi(stack, 'Api'); + + // WHEN + new WebSocketRoute(stack, 'Route', { + webSocketApi, + integration: new DummyIntegration(), + routeKey: 'message', + apiKeyRequired: true, + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::ApiGatewayV2::Route', { + ApiId: stack.resolve(webSocketApi.apiId), + ApiKeyRequired: true, + RouteKey: 'message', + Target: { + 'Fn::Join': [ + '', + [ + 'integrations/', + { + Ref: 'RouteWebSocketIntegrationb7742333c7ab20d7b2b178df59bb17f20338431E', + }, + ], + ], + }, + }); + + Template.fromStack(stack).hasResourceProperties('AWS::ApiGatewayV2::Integration', { + ApiId: stack.resolve(webSocketApi.apiId), + IntegrationType: 'AWS_PROXY', + IntegrationUri: 'some-uri', + }); + }); }); From 3d1ddee0c76e184ad2a7efd18280c8beb2c0af35 Mon Sep 17 00:00:00 2001 From: Kyle Robertson Date: Tue, 9 Nov 2021 01:11:17 -0500 Subject: [PATCH 2/7] Update packages/@aws-cdk/aws-apigatewayv2/lib/websocket/route.ts Co-authored-by: Niranjan Jayakar --- packages/@aws-cdk/aws-apigatewayv2/lib/websocket/route.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/@aws-cdk/aws-apigatewayv2/lib/websocket/route.ts b/packages/@aws-cdk/aws-apigatewayv2/lib/websocket/route.ts index ebaf874963268..0d30a60aed6d5 100644 --- a/packages/@aws-cdk/aws-apigatewayv2/lib/websocket/route.ts +++ b/packages/@aws-cdk/aws-apigatewayv2/lib/websocket/route.ts @@ -48,7 +48,7 @@ export interface WebSocketRouteProps extends WebSocketRouteOptions { /** * Whether the route requires an API Key to be provided - * @default - false + * @default false */ readonly apiKeyRequired?: boolean; } From 030bc2f5192a46a5345ad160b6b504f88cc2d9ae Mon Sep 17 00:00:00 2001 From: Kyle Robertson Date: Wed, 1 Dec 2021 18:59:24 -0500 Subject: [PATCH 3/7] Update packages/@aws-cdk/aws-apigatewayv2/lib/websocket/api.ts Co-authored-by: Niranjan Jayakar --- packages/@aws-cdk/aws-apigatewayv2/lib/websocket/api.ts | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/packages/@aws-cdk/aws-apigatewayv2/lib/websocket/api.ts b/packages/@aws-cdk/aws-apigatewayv2/lib/websocket/api.ts index 9240260141cbe..f66094ed84c17 100644 --- a/packages/@aws-cdk/aws-apigatewayv2/lib/websocket/api.ts +++ b/packages/@aws-cdk/aws-apigatewayv2/lib/websocket/api.ts @@ -48,8 +48,7 @@ export interface WebSocketApiProps { /** * An API key selection expression. Providing this option will require an API Key be provided to access the API. - * Currently only supports '$request.header.x-api-key' and '$context.authorizer.usageIdentifierKey' - * @default - none + * @default - Key is not required to access these APIs */ readonly apiKeySelectionExpression?: ApiKeySelectionExpression From 5f1e0edc9a4694f4d2a9779b162a7b7c0ecb3148 Mon Sep 17 00:00:00 2001 From: Kyle Robertson Date: Wed, 1 Dec 2021 19:00:12 -0500 Subject: [PATCH 4/7] addressing feedback --- packages/@aws-cdk/aws-apigatewayv2/README.md | 2 +- .../@aws-cdk/aws-apigatewayv2/lib/websocket/api.ts | 8 +++++--- .../aws-apigatewayv2/test/websocket/api.test.ts | 5 ++--- .../test/websocket/integ.api-apikey.ts | 4 ++-- .../test/websocket/integ.api-default.expected.json | 12 ------------ .../test/websocket/integ.api-default.ts | 11 ----------- 6 files changed, 10 insertions(+), 32 deletions(-) delete mode 100644 packages/@aws-cdk/aws-apigatewayv2/test/websocket/integ.api-default.expected.json delete mode 100644 packages/@aws-cdk/aws-apigatewayv2/test/websocket/integ.api-default.ts diff --git a/packages/@aws-cdk/aws-apigatewayv2/README.md b/packages/@aws-cdk/aws-apigatewayv2/README.md index 16f6bc06ca309..e91c24f13701b 100644 --- a/packages/@aws-cdk/aws-apigatewayv2/README.md +++ b/packages/@aws-cdk/aws-apigatewayv2/README.md @@ -432,7 +432,7 @@ To require an API Key when accessing the Websocket API: ```ts const webSocketApi = new WebSocketApi(stack, 'mywsapi',{ - apiKeySelectionExpression: ApiKeySelectionExpression.X_API_KEY, + apiKeySelectionExpression: WebSocketApiKeySelectionExpression.HEADER_X_API_KEY, }); ... ``` diff --git a/packages/@aws-cdk/aws-apigatewayv2/lib/websocket/api.ts b/packages/@aws-cdk/aws-apigatewayv2/lib/websocket/api.ts index f66094ed84c17..81f573c78ce82 100644 --- a/packages/@aws-cdk/aws-apigatewayv2/lib/websocket/api.ts +++ b/packages/@aws-cdk/aws-apigatewayv2/lib/websocket/api.ts @@ -21,19 +21,21 @@ export interface IWebSocketApi extends IApi { /** * Represents the currently available API Key Selection Expressions */ -export enum ApiKeySelectionExpression { +export class WebSocketApiKeySelectionExpression { /** * x-api-key type * This represents an API Key that is provided via an `x-api-key` header in the user request. */ - X_API_KEY = '$request.header.x-api-key', + public static HEADER_X_API_KEY = new WebSocketApiKeySelectionExpression('$request.header.x-api-key'); /** * usageIdentifierKey type * This represents an API Key that is provided via the context of an Lambda Authorizer * See https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-lambda-authorizer-output.html */ - USAGE_IDENTIFIER_KEY = '$context.authorizer.usageIdentifierKey' + public static AUTHORIZER_USAGE_IDENTIFIER_KEY = new WebSocketApiKeySelectionExpression('$context.authorizer.usageIdentifierKey'); + + public constructor(public readonly customApiKeySelector: string) {} } /** diff --git a/packages/@aws-cdk/aws-apigatewayv2/test/websocket/api.test.ts b/packages/@aws-cdk/aws-apigatewayv2/test/websocket/api.test.ts index 33b37e5b5bd1e..3295027ecefb9 100644 --- a/packages/@aws-cdk/aws-apigatewayv2/test/websocket/api.test.ts +++ b/packages/@aws-cdk/aws-apigatewayv2/test/websocket/api.test.ts @@ -2,8 +2,7 @@ import { Match, Template } from '@aws-cdk/assertions'; import { User } from '@aws-cdk/aws-iam'; import { Stack } from '@aws-cdk/core'; import { - ApiKeySelectionExpression, - IWebSocketRouteIntegration, WebSocketApi, WebSocketIntegrationType, + IWebSocketRouteIntegration, WebSocketApi, WebSocketApiKeySelectionExpression, WebSocketIntegrationType, WebSocketRouteIntegrationBindOptions, WebSocketRouteIntegrationConfig, } from '../../lib'; @@ -32,7 +31,7 @@ describe('WebSocketApi', () => { // WHEN new WebSocketApi(stack, 'api', { - apiKeySelectionExpression: ApiKeySelectionExpression.USAGE_IDENTIFIER_KEY, + apiKeySelectionExpression: WebSocketApiKeySelectionExpression.AUTHORIZER_USAGE_IDENTIFIER_KEY, }); // THEN diff --git a/packages/@aws-cdk/aws-apigatewayv2/test/websocket/integ.api-apikey.ts b/packages/@aws-cdk/aws-apigatewayv2/test/websocket/integ.api-apikey.ts index fe6205fb6c79c..1c5482bd3848e 100644 --- a/packages/@aws-cdk/aws-apigatewayv2/test/websocket/integ.api-apikey.ts +++ b/packages/@aws-cdk/aws-apigatewayv2/test/websocket/integ.api-apikey.ts @@ -1,14 +1,14 @@ #!/usr/bin/env node import * as cdk from '@aws-cdk/core'; import * as apigw from '../../lib'; -import { ApiKeySelectionExpression } from '../../lib'; +import { WebSocketApiKeySelectionExpression } from '../../lib'; const app = new cdk.App(); const stack = new cdk.Stack(app, 'aws-cdk-aws-apigatewayv2-websockets'); new apigw.WebSocketApi(stack, 'MyWebsocketApi', { - apiKeySelectionExpression: ApiKeySelectionExpression.X_API_KEY, + apiKeySelectionExpression: WebSocketApiKeySelectionExpression.HEADER_X_API_KEY, }); app.synth(); \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2/test/websocket/integ.api-default.expected.json b/packages/@aws-cdk/aws-apigatewayv2/test/websocket/integ.api-default.expected.json deleted file mode 100644 index bda5b8ee08af4..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2/test/websocket/integ.api-default.expected.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "Resources": { - "MyWebsocketApiEBAC53DF": { - "Type": "AWS::ApiGatewayV2::Api", - "Properties": { - "Name": "MyWebsocketApi", - "ProtocolType": "WEBSOCKET", - "RouteSelectionExpression": "$request.body.action" - } - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-apigatewayv2/test/websocket/integ.api-default.ts b/packages/@aws-cdk/aws-apigatewayv2/test/websocket/integ.api-default.ts deleted file mode 100644 index e9acb82402cfa..0000000000000 --- a/packages/@aws-cdk/aws-apigatewayv2/test/websocket/integ.api-default.ts +++ /dev/null @@ -1,11 +0,0 @@ -#!/usr/bin/env node -import * as cdk from '@aws-cdk/core'; -import * as apigw from '../../lib'; - -const app = new cdk.App(); - -const stack = new cdk.Stack(app, 'aws-cdk-aws-apigatewayv2-websockets'); - -new apigw.WebSocketApi(stack, 'MyWebsocketApi'); - -app.synth(); \ No newline at end of file From 6b7fcdcf84c3069a3bcb8cc784a0214d44730c05 Mon Sep 17 00:00:00 2001 From: Otavio Macedo Date: Tue, 11 Jan 2022 10:47:10 +0000 Subject: [PATCH 5/7] Update api.ts --- .../aws-apigatewayv2/lib/websocket/api.ts | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/packages/@aws-cdk/aws-apigatewayv2/lib/websocket/api.ts b/packages/@aws-cdk/aws-apigatewayv2/lib/websocket/api.ts index 81f573c78ce82..a97c252cc7e6b 100644 --- a/packages/@aws-cdk/aws-apigatewayv2/lib/websocket/api.ts +++ b/packages/@aws-cdk/aws-apigatewayv2/lib/websocket/api.ts @@ -22,17 +22,17 @@ export interface IWebSocketApi extends IApi { * Represents the currently available API Key Selection Expressions */ export class WebSocketApiKeySelectionExpression { + /** - * x-api-key type - * This represents an API Key that is provided via an `x-api-key` header in the user request. - */ + * The API will extract the key value from the `x-api-key` header in the user request. + */ public static HEADER_X_API_KEY = new WebSocketApiKeySelectionExpression('$request.header.x-api-key'); - /** - * usageIdentifierKey type - * This represents an API Key that is provided via the context of an Lambda Authorizer - * See https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-lambda-authorizer-output.html - */ + /** + * The API will extract the key value from the `usageIdentifierKey` attribute in the `context` map, + * returned by the Lambda Authorizer. + * See https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-lambda-authorizer-output.html + */ public static AUTHORIZER_USAGE_IDENTIFIER_KEY = new WebSocketApiKeySelectionExpression('$context.authorizer.usageIdentifierKey'); public constructor(public readonly customApiKeySelector: string) {} From 5415dc50c7e077b6b75afa2583a55ed0ed5c2bc1 Mon Sep 17 00:00:00 2001 From: Otavio Macedo Date: Tue, 11 Jan 2022 11:37:05 +0000 Subject: [PATCH 6/7] Fixes after conflict resolution --- .../aws-apigatewayv2/lib/websocket/api.ts | 17 ++++++++++------- .../aws-apigatewayv2/test/websocket/api.test.ts | 7 ++++++- .../test/websocket/route.test.ts | 3 +++ 3 files changed, 19 insertions(+), 8 deletions(-) diff --git a/packages/@aws-cdk/aws-apigatewayv2/lib/websocket/api.ts b/packages/@aws-cdk/aws-apigatewayv2/lib/websocket/api.ts index 145675186f958..19bede1303437 100644 --- a/packages/@aws-cdk/aws-apigatewayv2/lib/websocket/api.ts +++ b/packages/@aws-cdk/aws-apigatewayv2/lib/websocket/api.ts @@ -16,20 +16,23 @@ export interface IWebSocketApi extends IApi { * Represents the currently available API Key Selection Expressions */ export class WebSocketApiKeySelectionExpression { - + /** * The API will extract the key value from the `x-api-key` header in the user request. */ - public static HEADER_X_API_KEY = new WebSocketApiKeySelectionExpression('$request.header.x-api-key'); + public static readonly HEADER_X_API_KEY = new WebSocketApiKeySelectionExpression('$request.header.x-api-key'); - /** + /** * The API will extract the key value from the `usageIdentifierKey` attribute in the `context` map, * returned by the Lambda Authorizer. * See https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-lambda-authorizer-output.html */ - public static AUTHORIZER_USAGE_IDENTIFIER_KEY = new WebSocketApiKeySelectionExpression('$context.authorizer.usageIdentifierKey'); + public static readonly AUTHORIZER_USAGE_IDENTIFIER_KEY = new WebSocketApiKeySelectionExpression('$context.authorizer.usageIdentifierKey'); - public constructor(public readonly customApiKeySelector: string) {} + /** + * @param customApiKeySelector The expression used by API Gateway + */ + public constructor(public readonly customApiKeySelector: string) {} } /** @@ -46,7 +49,7 @@ export interface WebSocketApiProps { * An API key selection expression. Providing this option will require an API Key be provided to access the API. * @default - Key is not required to access these APIs */ - readonly apiKeySelectionExpression?: ApiKeySelectionExpression + readonly apiKeySelectionExpression?: WebSocketApiKeySelectionExpression /** * The description of the API. @@ -102,7 +105,7 @@ export class WebSocketApi extends ApiBase implements IWebSocketApi { const resource = new CfnApi(this, 'Resource', { name: this.webSocketApiName, - apiKeySelectionExpression: props?.apiKeySelectionExpression, + apiKeySelectionExpression: props?.apiKeySelectionExpression?.customApiKeySelector, protocolType: 'WEBSOCKET', description: props?.description, routeSelectionExpression: props?.routeSelectionExpression ?? '$request.body.action', diff --git a/packages/@aws-cdk/aws-apigatewayv2/test/websocket/api.test.ts b/packages/@aws-cdk/aws-apigatewayv2/test/websocket/api.test.ts index 0563e9a02b447..ba687a79a9afe 100644 --- a/packages/@aws-cdk/aws-apigatewayv2/test/websocket/api.test.ts +++ b/packages/@aws-cdk/aws-apigatewayv2/test/websocket/api.test.ts @@ -2,7 +2,12 @@ import { Match, Template } from '@aws-cdk/assertions'; import { User } from '@aws-cdk/aws-iam'; import { Stack } from '@aws-cdk/core'; import { - IWebSocketRouteIntegration, WebSocketRouteIntegration, WebSocketApi, WebSocketApiKeySelectionExpression, WebSocketIntegrationType, WebSocketRouteIntegrationBindOptions, WebSocketRouteIntegrationConfig, + WebSocketRouteIntegration, + WebSocketApi, + WebSocketApiKeySelectionExpression, + WebSocketIntegrationType, + WebSocketRouteIntegrationBindOptions, + WebSocketRouteIntegrationConfig, } from '../../lib'; describe('WebSocketApi', () => { diff --git a/packages/@aws-cdk/aws-apigatewayv2/test/websocket/route.test.ts b/packages/@aws-cdk/aws-apigatewayv2/test/websocket/route.test.ts index f69da9145115a..544d58eae40bc 100644 --- a/packages/@aws-cdk/aws-apigatewayv2/test/websocket/route.test.ts +++ b/packages/@aws-cdk/aws-apigatewayv2/test/websocket/route.test.ts @@ -78,6 +78,9 @@ describe('WebSocketRoute', () => { IntegrationType: 'AWS_PROXY', IntegrationUri: 'some-uri', }); + }); + + test('integration cannot be used across WebSocketApis', () => { // GIVEN const integration = new DummyIntegration(); From 9a429fabdc1ad8d4f128260c2dbce552c689a14d Mon Sep 17 00:00:00 2001 From: Otavio Macedo Date: Tue, 11 Jan 2022 13:54:21 +0000 Subject: [PATCH 7/7] Fixed test --- packages/@aws-cdk/aws-apigatewayv2/test/websocket/route.test.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/@aws-cdk/aws-apigatewayv2/test/websocket/route.test.ts b/packages/@aws-cdk/aws-apigatewayv2/test/websocket/route.test.ts index 544d58eae40bc..94c4e969a08b6 100644 --- a/packages/@aws-cdk/aws-apigatewayv2/test/websocket/route.test.ts +++ b/packages/@aws-cdk/aws-apigatewayv2/test/websocket/route.test.ts @@ -66,7 +66,7 @@ describe('WebSocketRoute', () => { [ 'integrations/', { - Ref: 'RouteWebSocketIntegrationb7742333c7ab20d7b2b178df59bb17f20338431E', + Ref: 'RouteDummyIntegrationE40E82B4', }, ], ],