def _add_tags(self):
"""
Adds tags to the Http Api, including a default SAM tag.
"""
if self.tags and not self.definition_body:
raise InvalidResourceException(
self.logical_id,
"Tags works only with inline OpenApi specified in the 'DefinitionBody' property."
)
if not self.definition_body:
return
if self.tags and not OpenApiEditor.is_valid(self.definition_body):
raise InvalidResourceException(
self.logical_id,
"Unable to add `Tags` because 'DefinitionBody' does not contain a valid OpenApi definition.",
)
elif not OpenApiEditor.is_valid(self.definition_body):
return
if not self.tags:
self.tags = {}
self.tags[HttpApiTagName] = "SAM"
open_api_editor = OpenApiEditor(self.definition_body)
# authorizers is guaranteed to return a value or raise an exception
open_api_editor.add_tags(self.tags)
self.definition_body = open_api_editor.openapi
def _add_auth(self):
"""
Add Auth configuration to the OAS file, if necessary
"""
if not self.auth:
return
if self.auth and not self.definition_body:
raise InvalidResourceException(
self.logical_id,
"Auth works only with inline OpenApi specified in the 'DefinitionBody' property."
)
# Make sure keys in the dict are recognized
if not all(key in AuthProperties._fields for key in self.auth.keys()):
raise InvalidResourceException(
self.logical_id, "Invalid value for 'Auth' property")
if not OpenApiEditor.is_valid(self.definition_body):
raise InvalidResourceException(
self.logical_id,
"Unable to add Auth configuration because 'DefinitionBody' does not contain a valid OpenApi definition.",
)
open_api_editor = OpenApiEditor(self.definition_body)
auth_properties = AuthProperties(**self.auth)
authorizers = self._get_authorizers(auth_properties.Authorizers,
auth_properties.DefaultAuthorizer)
# authorizers is guaranteed to return a value or raise an exception
open_api_editor.add_authorizers_security_definitions(authorizers)
self._set_default_authorizer(open_api_editor, authorizers,
auth_properties.DefaultAuthorizer,
auth_properties.Authorizers)
self.definition_body = open_api_editor.openapi
def test_must_fail_for_invalid_values(self, data, case):
self.assertFalse(OpenApiEditor.is_valid(data), "openapi dictionary with {} must not be valid".format(case))
def _add_cors(self):
"""
Add CORS configuration if CORSConfiguration property is set in SAM.
Adds CORS configuration only if DefinitionBody is present and
APIGW extension for CORS is not present in the DefinitionBody
"""
if self.cors_configuration and not self.definition_body:
raise InvalidResourceException(
self.logical_id,
"Cors works only with inline OpenApi specified in 'DefinitionBody' property."
)
# If cors configuration is set to true add * to the allow origins.
# This also support referencing the value as a parameter
if isinstance(self.cors_configuration, bool):
# if cors config is true add Origins as "'*'"
properties = CorsProperties(AllowOrigins=[_CORS_WILDCARD])
elif is_intrinsic(self.cors_configuration):
# Just set Origin property. Intrinsics will be handledOthers will be defaults
properties = CorsProperties(AllowOrigins=self.cors_configuration)
elif isinstance(self.cors_configuration, dict):
# Make sure keys in the dict are recognized
if not all(key in CorsProperties._fields
for key in self.cors_configuration.keys()):
raise InvalidResourceException(
self.logical_id, "Invalid value for 'Cors' property.")
properties = CorsProperties(**self.cors_configuration)
else:
raise InvalidResourceException(
self.logical_id, "Invalid value for 'Cors' property.")
if not OpenApiEditor.is_valid(self.definition_body):
raise InvalidResourceException(
self.logical_id,
"Unable to add Cors configuration because "
"'DefinitionBody' does not contain a valid "
"OpenApi definition.",
)
if properties.AllowCredentials is True and properties.AllowOrigins == [
_CORS_WILDCARD
]:
raise InvalidResourceException(
self.logical_id,
"Unable to add Cors configuration because "
"'AllowCredentials' can not be true when "
"'AllowOrigin' is \"'*'\" or not set.",
)
editor = OpenApiEditor(self.definition_body)
# if CORS is set in both definition_body and as a CorsConfiguration property,
# SAM merges and overrides the cors headers in definition_body with headers of CorsConfiguration
editor.add_cors(
properties.AllowOrigins,
properties.AllowHeaders,
properties.AllowMethods,
properties.ExposeHeaders,
properties.MaxAge,
properties.AllowCredentials,
)
# Assign the OpenApi back to template
self.definition_body = editor.openapi
def test_must_work_on_valid_values(self, openapi):
self.assertTrue(OpenApiEditor.is_valid(openapi))