Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: normalize the open api version #3551

Merged
merged 3 commits into from
Feb 28, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 5 additions & 7 deletions samtranslator/model/api/api_generator.py
Original file line number Diff line number Diff line change
Expand Up @@ -251,7 +251,6 @@ def __init__( # noqa: PLR0913
self.resource_attributes = resource_attributes
self.passthrough_resource_attributes = passthrough_resource_attributes
self.open_api_version = open_api_version
self.remove_extra_stage = open_api_version
self.models = models
self.domain = domain
self.fail_on_warnings = fail_on_warnings
Expand Down Expand Up @@ -400,7 +399,7 @@ def _construct_deployment(self, rest_api: ApiGatewayRestApi) -> ApiGatewayDeploy
self.logical_id + "Deployment", attributes=self.passthrough_resource_attributes
)
deployment.RestApiId = rest_api.get_runtime_attr("rest_api_id")
if not self.remove_extra_stage:
xazhao marked this conversation as resolved.
Show resolved Hide resolved
if not self.open_api_version:
deployment.StageName = "Stage"

return deployment
Expand Down Expand Up @@ -438,7 +437,7 @@ def _construct_stage(
if swagger is not None:
deployment.make_auto_deployable(
stage,
self.remove_extra_stage,
self.open_api_version,
swagger,
self.domain,
redeploy_restapi_parameters,
Expand Down Expand Up @@ -1125,11 +1124,10 @@ def _openapi_postprocess(self, definition_body: Dict[str, Any]) -> Dict[str, Any
if definition_body.get("swagger") is not None:
return definition_body

if definition_body.get("openapi") is not None and self.open_api_version is None:
self.open_api_version = definition_body.get("openapi")
normalized_open_api_version = definition_body.get("openapi", self.open_api_version)

if self.open_api_version and SwaggerEditor.safe_compare_regex_with_string(
SwaggerEditor._OPENAPI_VERSION_3_REGEX, self.open_api_version
if normalized_open_api_version and SwaggerEditor.safe_compare_regex_with_string(
SwaggerEditor._OPENAPI_VERSION_3_REGEX, normalized_open_api_version
):
if definition_body.get("securityDefinitions"):
components = definition_body.get("components", Py27Dict())
Expand Down
166 changes: 166 additions & 0 deletions tests/translator/input/api_open_api_version_override.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,166 @@
Transform:
- AWS::Serverless-2016-10-31
Resources:
ApiGatewayCognitoExecutionRole4F7CB5C8:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Statement:
- Action: sts:AssumeRole
Effect: Allow
Principal:
Service: apigateway.amazonaws.com
Version: '2012-10-17'
Policies:
- PolicyDocument:
Statement:
- Action: lambda:Invoke*
Effect: Allow
Resource:
Fn::GetAtt:
- LambdaFunction7804BD21
- Arn
Version: '2012-10-17'
PolicyName: apigInvokeLambda
LambdaFunctionServiceRoleD6E423C9:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Statement:
- Action: sts:AssumeRole
Effect: Allow
Principal:
Service: lambda.amazonaws.com
Version: '2012-10-17'
ManagedPolicyArns:
- Fn::Join:
- ''
- - 'arn:'
- Ref: AWS::Partition
- :iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
LambdaFunctionServiceRoleDefaultPolicyF01A7EDC:
Type: AWS::IAM::Policy
Properties:
PolicyDocument:
Statement:
- Action: sns:Publish
Effect: Allow
Resource: '*'
Version: '2012-10-17'
PolicyName: LambdaFunctionServiceRoleDefaultPolicyF01A7EDC
Roles:
- Ref: LambdaFunctionServiceRoleD6E423C9
LambdaFunction7804BD21:
Type: AWS::Lambda::Function
Properties:
Code:
ZipFile: |
exports.handler = async (event, context, callback) => {
const auth = event.queryStringParameters.authorization
const policyDocument = {
Version: '2012-10-17',
Statement: [{
Action: 'execute-api:Invoke',
Effect: auth && auth.toLowerCase() === 'allow' ? 'Allow' : 'Deny',
Resource: event.methodArn
}]
}

return {
principalId: 'user',
context: {},
policyDocument
}
}
Role:
Fn::GetAtt:
- LambdaFunctionServiceRoleD6E423C9
- Arn
Handler: index.handler
Runtime: nodejs16.x
MyCognitoUserPool:
Type: AWS::Cognito::UserPool
Properties:
UserPoolName: MyCognitoUserPool
ApiGatewayCognitoService15108F0B:
Type: AWS::Serverless::Api
Properties:
StageName: prod
Auth:
AddDefaultAuthorizerToCorsPreflight: false
Authorizers:
CognitoAuthorizer:
UserPoolArn:
Fn::GetAtt: MyCognitoUserPool.Arn
DefaultAuthorizer: CognitoAuthorizer
DefinitionBody:
openapi: 3.0.2
info:
title: RxtHofApprovalServiceLambdaCognito
version: '2018-05-10'
paths:
/reviews:
post:
operationId: CreateReview
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/CreateReviewRequestContent'
required: true
responses:
'200':
description: CreateReview 200 response
headers:
Access-Control-Allow-Origin:
schema:
type: string
Access-Control-Expose-Headers:
schema:
type: string
content:
application/json:
schema:
$ref: '#/components/schemas/CreateReviewResponseContent'
x-amazon-apigateway-integration:
type: aws_proxy
httpMethod: POST
uri:
Fn::Sub: arn:${AWS::Partition}:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${LambdaFunction7804BD21.Arn}/invocations
credentials:
Fn::Sub: ${ApiGatewayCognitoExecutionRole4F7CB5C8.Arn}
responses:
default:
statusCode: '200'
responseParameters:
method.response.header.Access-Control-Allow-Origin: "'*'"
method.response.header.Access-Control-Expose-Headers: "'Content-Length,Content-Type,X-Amzn-Errortype,X-Amzn-Requestid'"
components:
schemas:
CreateReviewRequestContent:
type: object
properties:
reviewId:
type: string
CreateReviewResponseContent:
type: object
properties:
reviewId:
type: string
securitySchemes:
aws.auth.sigv4:
type: apiKey
description: AWS Signature Version 4 authentication
name: Authorization
in: header
x-amazon-apigateway-authtype: awsSigv4
security:
- aws.auth.sigv4: []
x-amazon-apigateway-gateway-responses:
DEFAULT_5XX:
responseTemplates:
application/json: '{"message":$context.error.messageString}'
responseParameters:
gatewayresponse.header.Access-Control-Allow-Origin: "'*'"
OpenApiVersion: '2.0'
TracingEnabled: true
165 changes: 165 additions & 0 deletions tests/translator/input/error_api_openapi_not_set.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,165 @@
Transform:
- AWS::Serverless-2016-10-31
Resources:
ApiGatewayCognitoExecutionRole4F7CB5C8:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Statement:
- Action: sts:AssumeRole
Effect: Allow
Principal:
Service: apigateway.amazonaws.com
Version: '2012-10-17'
Policies:
- PolicyDocument:
Statement:
- Action: lambda:Invoke*
Effect: Allow
Resource:
Fn::GetAtt:
- LambdaFunction7804BD21
- Arn
Version: '2012-10-17'
PolicyName: apigInvokeLambda
LambdaFunctionServiceRoleD6E423C9:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Statement:
- Action: sts:AssumeRole
Effect: Allow
Principal:
Service: lambda.amazonaws.com
Version: '2012-10-17'
ManagedPolicyArns:
- Fn::Join:
- ''
- - 'arn:'
- Ref: AWS::Partition
- :iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
LambdaFunctionServiceRoleDefaultPolicyF01A7EDC:
Type: AWS::IAM::Policy
Properties:
PolicyDocument:
Statement:
- Action: sns:Publish
Effect: Allow
Resource: '*'
Version: '2012-10-17'
PolicyName: LambdaFunctionServiceRoleDefaultPolicyF01A7EDC
Roles:
- Ref: LambdaFunctionServiceRoleD6E423C9
LambdaFunction7804BD21:
Type: AWS::Lambda::Function
Properties:
Code:
ZipFile: |
exports.handler = async (event, context, callback) => {
const auth = event.queryStringParameters.authorization
const policyDocument = {
Version: '2012-10-17',
Statement: [{
Action: 'execute-api:Invoke',
Effect: auth && auth.toLowerCase() === 'allow' ? 'Allow' : 'Deny',
Resource: event.methodArn
}]
}

return {
principalId: 'user',
context: {},
policyDocument
}
}
Role:
Fn::GetAtt:
- LambdaFunctionServiceRoleD6E423C9
- Arn
Handler: index.handler
Runtime: nodejs16.x
MyCognitoUserPool:
Type: AWS::Cognito::UserPool
Properties:
UserPoolName: MyCognitoUserPool
ApiGatewayCognitoService15108F0B:
Type: AWS::Serverless::Api
Properties:
StageName: prod
Auth:
AddDefaultAuthorizerToCorsPreflight: false
Authorizers:
CognitoAuthorizer:
UserPoolArn:
Fn::GetAtt: MyCognitoUserPool.Arn
DefaultAuthorizer: CognitoAuthorizer
DefinitionBody:
info:
title: RxtHofApprovalServiceLambdaCognito
version: '2018-05-10'
paths:
/reviews:
post:
operationId: CreateReview
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/CreateReviewRequestContent'
required: true
responses:
'200':
description: CreateReview 200 response
headers:
Access-Control-Allow-Origin:
schema:
type: string
Access-Control-Expose-Headers:
schema:
type: string
content:
application/json:
schema:
$ref: '#/components/schemas/CreateReviewResponseContent'
x-amazon-apigateway-integration:
type: aws_proxy
httpMethod: POST
uri:
Fn::Sub: arn:${AWS::Partition}:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${LambdaFunction7804BD21.Arn}/invocations
credentials:
Fn::Sub: ${ApiGatewayCognitoExecutionRole4F7CB5C8.Arn}
responses:
default:
statusCode: '200'
responseParameters:
method.response.header.Access-Control-Allow-Origin: "'*'"
method.response.header.Access-Control-Expose-Headers: "'Content-Length,Content-Type,X-Amzn-Errortype,X-Amzn-Requestid'"
components:
schemas:
CreateReviewRequestContent:
type: object
properties:
reviewId:
type: string
CreateReviewResponseContent:
type: object
properties:
reviewId:
type: string
securitySchemes:
aws.auth.sigv4:
type: apiKey
description: AWS Signature Version 4 authentication
name: Authorization
in: header
x-amazon-apigateway-authtype: awsSigv4
security:
- aws.auth.sigv4: []
x-amazon-apigateway-gateway-responses:
DEFAULT_5XX:
responseTemplates:
application/json: '{"message":$context.error.messageString}'
responseParameters:
gatewayresponse.header.Access-Control-Allow-Origin: "'*'"
OpenApiVersion: '3.0'
TracingEnabled: true
Loading