From 74e76515ddde38eb2cd397957a4c3662aa79f062 Mon Sep 17 00:00:00 2001
From: aidant <15520814+aidant@users.noreply.github.com>
Date: Fri, 11 Aug 2023 15:01:16 +1000
Subject: [PATCH 1/4] add empty identity sources for request authorisers

---
 src/events/http/createAuthScheme.js | 28 ++++++++++++++++------------
 1 file changed, 16 insertions(+), 12 deletions(-)

diff --git a/src/events/http/createAuthScheme.js b/src/events/http/createAuthScheme.js
index 71b56a70f..df849a3c5 100644
--- a/src/events/http/createAuthScheme.js
+++ b/src/events/http/createAuthScheme.js
@@ -71,13 +71,12 @@ export default function createAuthScheme(authorizerOptions, provider, lambda) {
         } else if (identitySourceType === IDENTITY_SOURCE_TYPE_QUERYSTRING) {
           const queryStringParameters = parseQueryStringParameters(url) ?? {}
           authorization = queryStringParameters[identitySourceField]
-        } else {
-          throw new Error(
-            `No Authorization source has been specified. This should never happen. (λ: ${authFunName})`,
-          )
         }
 
-        if (authorization === undefined) {
+        if (
+          authorization === undefined &&
+          authorizerOptions.type !== 'request'
+        ) {
           log.error(
             `Identity Source is null for ${identitySourceType} ${identitySourceField} (λ: ${authFunName})`,
           )
@@ -266,10 +265,13 @@ export default function createAuthScheme(authorizerOptions, provider, lambda) {
     return identitySourceMatch[expectedLength - 1]
   }
 
-  if (
-    authorizerOptions.type !== 'request' ||
-    authorizerOptions.identitySource
-  ) {
+  if (authorizerOptions.identitySource === '') {
+    identitySourceField = null
+    identitySourceType = null
+    return finalizeAuthScheme()
+  }
+
+  if (authorizerOptions.identitySource) {
     const headerRegExp = /^(method.|\$)request.header.((?:\w+-?)+\w+)$/
     const queryStringRegExp =
       /^(method.|\$)request.querystring.((?:\w+-?)+\w+)$/
@@ -291,9 +293,11 @@ export default function createAuthScheme(authorizerOptions, provider, lambda) {
       return finalizeAuthScheme()
     }
 
-    throw new Error(
-      `Serverless Offline only supports retrieving tokens from headers and querystring parameters (λ: ${authFunName})`,
-    )
+    if (authorizerOptions.type !== 'request') {
+      throw new Error(
+        `Serverless Offline only supports retrieving tokens from headers and querystring parameters (λ: ${authFunName})`,
+      )
+    }
   }
 
   return finalizeAuthScheme()

From 56f233f78aa2494d7ac7f734fcb6ff18f57c781e Mon Sep 17 00:00:00 2001
From: aidant <15520814+aidant@users.noreply.github.com>
Date: Tue, 21 Nov 2023 11:50:45 +1100
Subject: [PATCH 2/4] fix formatting from editor

---
 src/events/http/createAuthScheme.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/events/http/createAuthScheme.js b/src/events/http/createAuthScheme.js
index ef09e18c2..0b1f99393 100644
--- a/src/events/http/createAuthScheme.js
+++ b/src/events/http/createAuthScheme.js
@@ -1,5 +1,7 @@
 import Boom from '@hapi/boom'
 import { log } from '@serverless/utils/log.js'
+import authCanExecuteResource from '../authCanExecuteResource.js'
+import authValidateContext from '../authValidateContext.js'
 import {
   getRawQueryParams,
   nullIfEmpty,
@@ -8,8 +10,6 @@ import {
   parseMultiValueQueryStringParameters,
   parseQueryStringParameters,
 } from '../../utils/index.js'
-import authCanExecuteResource from '../authCanExecuteResource.js'
-import authValidateContext from '../authValidateContext.js'
 
 const IDENTITY_SOURCE_TYPE_HEADER = 'header'
 const IDENTITY_SOURCE_TYPE_QUERYSTRING = 'querystring'

From a032cae611ab02c44f4ac34b08dcf98e061cc1b8 Mon Sep 17 00:00:00 2001
From: aidant <15520814+aidant@users.noreply.github.com>
Date: Tue, 21 Nov 2023 11:53:44 +1100
Subject: [PATCH 3/4] fix bad bracket from merge conflict

---
 src/events/http/createAuthScheme.js | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/events/http/createAuthScheme.js b/src/events/http/createAuthScheme.js
index 0b1f99393..8c564f39e 100644
--- a/src/events/http/createAuthScheme.js
+++ b/src/events/http/createAuthScheme.js
@@ -304,11 +304,11 @@ export default function createAuthScheme(authorizerOptions, provider, lambda) {
         `Serverless Offline only supports retrieving tokens from headers and querystring parameters (λ: ${authFunName})`,
       )
     }
+  }
 
-    if (authorizerOptions.resultTtlInSeconds === 0) {
-      identitySourceType = IDENTITY_SOURCE_TYPE_NONE
-      return finalizeAuthScheme()
-    }
+  if (authorizerOptions.resultTtlInSeconds === 0) {
+    identitySourceType = IDENTITY_SOURCE_TYPE_NONE
+    return finalizeAuthScheme()
   }
 
   return finalizeAuthScheme()

From 27c62d48c18abbb28a7f68aefb2b1193c8361610 Mon Sep 17 00:00:00 2001
From: aidant <15520814+aidant@users.noreply.github.com>
Date: Tue, 21 Nov 2023 12:04:12 +1100
Subject: [PATCH 4/4] change identity source to none from null

---
 src/events/http/createAuthScheme.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/events/http/createAuthScheme.js b/src/events/http/createAuthScheme.js
index 8c564f39e..63058fd27 100644
--- a/src/events/http/createAuthScheme.js
+++ b/src/events/http/createAuthScheme.js
@@ -272,7 +272,7 @@ export default function createAuthScheme(authorizerOptions, provider, lambda) {
 
   if (authorizerOptions.identitySource === '') {
     identitySourceField = null
-    identitySourceType = null
+    identitySourceType = IDENTITY_SOURCE_TYPE_NONE
     return finalizeAuthScheme()
   }