Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make it easier to use a CognitoUserPool authorizer when the pool is configured in the same service. #7799

Merged
merged 2 commits into from
Jun 1, 2020
Merged

Make it easier to use a CognitoUserPool authorizer when the pool is configured in the same service. #7799

merged 2 commits into from
Jun 1, 2020

Conversation

alexdebrie
Copy link
Contributor

This update makes it easier to use a Cognito User Pool as an APIGW authorizer when the pool is created in the same service.

Before this fix, it required this (suggested here):

...

functions:
  getStuff:
    handler: path/to/handler
    events:
      - http:
          path: /path/to/whatever
          method: get
          authorizer:
            type: COGNITO_USER_POOLS
            authorizerId:
              Ref: ApiGatewayAuthorizer

...

resources:
  Resources:
    CognitoUserPool:
      Type: AWS::Cognito::UserPool
      Properties:
        UserPoolName: whatever
    ApiGatewayAuthorizer:
      DependsOn:
        - ApiGatewayRestApi
      Type: AWS::ApiGateway::Authorizer
      Properties:
        Name: whatever
        IdentitySource: method.request.header.Authorization
        RestApiId:
          Ref: ApiGatewayRestApi
        Type: COGNITO_USER_POOLS
        ProviderARNs:
          - Fn::GetAtt: [CognitoUserPool, Arn]

...

Now you can achieve the same thing with this:

functions:
  getStuff:
    handler: path/to/handler
    events:
      - http:
          path: /path/to/whatever
          method: get
          authorizer:
            type: COGNITO_USER_POOLS
            name: 'MyAuthorizer'
            arn:
              Fn::GetAtt:
                - CognitoUserPool
                - Arn

Hattip to @brettstack for some pointers.

@codecov-commenter
Copy link

Codecov Report

Merging #7799 into master will increase coverage by 0.00%.
The diff coverage is 100.00%.

Impacted file tree graph

@@           Coverage Diff           @@
##           master    #7799   +/-   ##
=======================================
  Coverage   88.15%   88.15%           
=======================================
  Files         245      245           
  Lines        9267     9269    +2     
=======================================
+ Hits         8169     8171    +2     
  Misses       1098     1098
Impacted Files Coverage Δ
...ckage/compile/events/apiGateway/lib/authorizers.js 100.00% <ø> (ø)
...ckage/compile/events/apiGateway/lib/permissions.js 88.23% <ø> (ø)
...pile/events/apiGateway/lib/method/authorization.js 100.00% <100.00%> (ø)
.../package/compile/events/apiGateway/lib/validate.js 97.00% <100.00%> (+0.02%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 5e0af21...f4917b1. Read the comment docs.

medikoo
medikoo approved these changes Jun 1, 2020
View reviewed changes
Copy link
Contributor

@medikoo medikoo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you @alexdebrie, It indeed simplifies this troublesome case

@medikoo medikoo merged commit 2e4377e into serverless:master Jun 1, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@medikoo medikoo medikoo approved these changes

Assignees
No one assigned
Labels
cat/aws-event-api-gateway enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@alexdebrie @codecov-commenter @medikoo