agent-claw: automated task changes

cdk/node_modules/aws-cdk-lib/aws-apigateway/lib/authorizers/cognito.d.ts

@@ -0,0 +1,73 @@
+import type { Construct } from 'constructs';
+import type * as cognito from '../../../aws-cognito';
+import type { Duration } from '../../../core';
+import type { IAuthorizer } from '../authorizer';
+import { Authorizer } from '../authorizer';
+import { AuthorizationType } from '../method';
+import type { IRestApi } from '../restapi';
+/**
+ * Properties for CognitoUserPoolsAuthorizer
+ */
+export interface CognitoUserPoolsAuthorizerProps {
+    /**
+     * An optional human friendly name for the authorizer. Note that, this is not the primary identifier of the authorizer.
+     *
+     * @default - the unique construct ID
+     */
+    readonly authorizerName?: string;
+    /**
+     * The user pools to associate with this authorizer.
+     */
+    readonly cognitoUserPools: cognito.IUserPool[];
+    /**
+     * How long APIGateway should cache the results. Max 1 hour.
+     * Disable caching by setting this to 0.
+     *
+     * @default Duration.minutes(5)
+     */
+    readonly resultsCacheTtl?: Duration;
+    /**
+     * The request header mapping expression for the bearer token. This is typically passed as part of the header, in which case
+     * this should be `method.request.header.Authorizer` where `Authorizer` is the header containing the bearer token.
+     *
+     * @see https://docs.aws.amazon.com/apigateway/latest/api/API_CreateAuthorizer.html#apigw-CreateAuthorizer-request-identitySource
+     * @default `IdentitySource.header('Authorization')`
+     */
+    readonly identitySource?: string;
+}
+/**
+ * Cognito user pools based custom authorizer
+ *
+ * @resource AWS::ApiGateway::Authorizer
+ */
+export declare class CognitoUserPoolsAuthorizer extends Authorizer implements IAuthorizer {
+    /** Uniquely identifies this class. */
+    static readonly PROPERTY_INJECTION_ID: string;
+    /**
+     * The id of the authorizer.
+     * @attribute
+     */
+    readonly authorizerId: string;
+    /**
+     * The ARN of the authorizer to be used in permission policies, such as IAM and resource-based grants.
+     * @attribute
+     */
+    readonly authorizerArn: string;
+    /**
+     * The authorization type of this authorizer.
+     */
+    readonly authorizationType?: AuthorizationType;
+    private restApiId?;
+    private readonly authorizerProps;
+    constructor(scope: Construct, id: string, props: CognitoUserPoolsAuthorizerProps);
+    /**
+     * Attaches this authorizer to a specific REST API.
+     * @internal
+     */
+    _attachToApi(restApi: IRestApi): void;
+    /**
+     * Returns a token that resolves to the Rest Api Id at the time of synthesis.
+     * Throws an error, during token resolution, if no RestApi is attached to this authorizer.
+     */
+    private lazyRestApiId;
+}

cdk/node_modules/aws-cdk-lib/aws-apigateway/lib/authorizers/identity-source.d.ts

@@ -0,0 +1,37 @@
+/**
+ * Represents an identity source.
+ *
+ * The source can be specified either as a literal value (e.g: `Auth`) which
+ * cannot be blank, or as an unresolved string token.
+ */
+export declare class IdentitySource {
+    /**
+     * Provides a properly formatted header identity source.
+     * @param headerName the name of the header the `IdentitySource` will represent.
+     *
+     * @returns a header identity source.
+     */
+    static header(headerName: string): string;
+    /**
+     * Provides a properly formatted query string identity source.
+     * @param queryString the name of the query string the `IdentitySource` will represent.
+     *
+     * @returns a query string identity source.
+     */
+    static queryString(queryString: string): string;
+    /**
+     * Provides a properly formatted API Gateway stage variable identity source.
+     * @param stageVariable the name of the stage variable the `IdentitySource` will represent.
+     *
+     * @returns an API Gateway stage variable identity source.
+     */
+    static stageVariable(stageVariable: string): string;
+    /**
+     * Provides a properly formatted request context identity source.
+     * @param context the name of the context variable the `IdentitySource` will represent.
+     *
+     * @returns a request context identity source.
+     */
+    static context(context: string): string;
+    private static toString;
+}

cdk/node_modules/aws-cdk-lib/aws-apigateway/lib/authorizers/identity-source.js

@@ -0,0 +1 @@
+"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.IdentitySource=void 0;const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");var errors_1=()=>{var tmp=require("../../../core/lib/errors");return errors_1=()=>tmp,tmp},literal_string_1=()=>{var tmp=require("../../../core/lib/private/literal-string");return literal_string_1=()=>tmp,tmp};class IdentitySource{static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.aws_apigateway.IdentitySource",version:"2.252.0"};static header(headerName){return IdentitySource.toString(headerName,"method.request.header")}static queryString(queryString){return IdentitySource.toString(queryString,"method.request.querystring")}static stageVariable(stageVariable){return IdentitySource.toString(stageVariable,"stageVariables")}static context(context){return IdentitySource.toString(context,"context")}static toString(source,type){if(!source.trim())throw new(errors_1()).UnscopedValidationError((0,literal_string_1().lit)`MustBeIdentitysourcesNonEmptyString`,"IdentitySources must be a non-empty string.");return`${type}.${source}`}}exports.IdentitySource=IdentitySource;

cdk/node_modules/aws-cdk-lib/aws-apigateway/lib/authorizers/index.d.ts

@@ -0,0 +1,3 @@
+export * from './lambda';
+export * from './identity-source';
+export * from './cognito';

cdk/node_modules/aws-cdk-lib/aws-apigateway/lib/authorizers/index.js

@@ -0,0 +1 @@
+"use strict";var __createBinding=exports&&exports.__createBinding||(Object.create?(function(o,m,k,k2){k2===void 0&&(k2=k);var desc=Object.getOwnPropertyDescriptor(m,k);(!desc||("get"in desc?!m.__esModule:desc.writable||desc.configurable))&&(desc={enumerable:!0,get:function(){return m[k]}}),Object.defineProperty(o,k2,desc)}):(function(o,m,k,k2){k2===void 0&&(k2=k),o[k2]=m[k]})),__exportStar=exports&&exports.__exportStar||function(m,exports2){for(var p in m)p!=="default"&&!Object.prototype.hasOwnProperty.call(exports2,p)&&__createBinding(exports2,m,p)};Object.defineProperty(exports,"__esModule",{value:!0});var _noFold;exports.TokenAuthorizer=void 0,Object.defineProperty(exports,_noFold="TokenAuthorizer",{enumerable:!0,configurable:!0,get:()=>{var value=require("./lambda").TokenAuthorizer;return Object.defineProperty(exports,_noFold="TokenAuthorizer",{enumerable:!0,configurable:!0,value}),value}}),exports.RequestAuthorizer=void 0,Object.defineProperty(exports,_noFold="RequestAuthorizer",{enumerable:!0,configurable:!0,get:()=>{var value=require("./lambda").RequestAuthorizer;return Object.defineProperty(exports,_noFold="RequestAuthorizer",{enumerable:!0,configurable:!0,value}),value}}),exports.IdentitySource=void 0,Object.defineProperty(exports,_noFold="IdentitySource",{enumerable:!0,configurable:!0,get:()=>{var value=require("./identity-source").IdentitySource;return Object.defineProperty(exports,_noFold="IdentitySource",{enumerable:!0,configurable:!0,value}),value}}),exports.CognitoUserPoolsAuthorizer=void 0,Object.defineProperty(exports,_noFold="CognitoUserPoolsAuthorizer",{enumerable:!0,configurable:!0,get:()=>{var value=require("./cognito").CognitoUserPoolsAuthorizer;return Object.defineProperty(exports,_noFold="CognitoUserPoolsAuthorizer",{enumerable:!0,configurable:!0,value}),value}});

cdk/node_modules/aws-cdk-lib/aws-apigateway/lib/authorizers/lambda.d.ts

@@ -0,0 +1,155 @@
+import type { Construct } from 'constructs';
+import * as iam from '../../../aws-iam';
+import * as lambda from '../../../aws-lambda';
+import { Duration } from '../../../core';
+import type { CfnAuthorizerProps } from '../apigateway.generated';
+import type { IAuthorizer } from '../authorizer';
+import { Authorizer } from '../authorizer';
+import type { IRestApi } from '../restapi';
+/**
+ * Base properties for all lambda authorizers
+ */
+export interface LambdaAuthorizerProps {
+    /**
+     * An optional human friendly name for the authorizer. Note that, this is not the primary identifier of the authorizer.
+     *
+     * @default - the unique construct ID
+     */
+    readonly authorizerName?: string;
+    /**
+     * The handler for the authorizer lambda function.
+     *
+     * The handler must follow a very specific protocol on the input it receives
+     * and the output it needs to produce.  API Gateway has documented the
+     * handler's [input specification](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-lambda-authorizer-input.html)
+     * and [output specification](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-lambda-authorizer-output.html).
+     */
+    readonly handler: lambda.IFunction;
+    /**
+     * How long APIGateway should cache the results. Max 1 hour.
+     * Disable caching by setting this to 0.
+     *
+     * @default - Duration.minutes(5)
+     */
+    readonly resultsCacheTtl?: Duration;
+    /**
+     * An optional IAM role for APIGateway to assume before calling the Lambda-based authorizer. The IAM role must be
+     * assumable by 'apigateway.amazonaws.com'.
+     *
+     * @default - A resource policy is added to the Lambda function allowing apigateway.amazonaws.com to invoke the function.
+     */
+    readonly assumeRole?: iam.IRole;
+}
+declare abstract class LambdaAuthorizer extends Authorizer implements IAuthorizer {
+    /**
+     * The id of the authorizer.
+     * @attribute
+     */
+    abstract readonly authorizerId: string;
+    /**
+     * The ARN of the authorizer to be used in permission policies, such as IAM and resource-based grants.
+     */
+    abstract readonly authorizerArn: string;
+    /**
+     * The Lambda function handler that this authorizer uses.
+     */
+    protected readonly handler: lambda.IFunction;
+    /**
+     * The IAM role that the API Gateway service assumes while invoking the Lambda function.
+     */
+    protected readonly role?: iam.IRole;
+    protected restApiId?: string;
+    protected abstract readonly authorizerProps: CfnAuthorizerProps;
+    protected constructor(scope: Construct, id: string, props: LambdaAuthorizerProps);
+    /**
+     * Attaches this authorizer to a specific REST API.
+     * @internal
+     */
+    _attachToApi(restApi: IRestApi): void;
+    /**
+     * Sets up the permissions necessary for the API Gateway service to invoke the Lambda function.
+     */
+    protected setupPermissions(): void;
+    /**
+     * Add Default Permission Role for handler
+     */
+    private addDefaultPermissionRole;
+    /**
+     * Add Lambda Invoke Permission for Lambda Authorizer's role
+     */
+    private addLambdaInvokePermission;
+    /**
+     * Returns a token that resolves to the Rest Api Id at the time of synthesis.
+     * Throws an error, during token resolution, if no RestApi is attached to this authorizer.
+     */
+    protected lazyRestApiId(): string;
+}
+/**
+ * Properties for TokenAuthorizer
+ */
+export interface TokenAuthorizerProps extends LambdaAuthorizerProps {
+    /**
+     * An optional regex to be matched against the authorization token. When matched the authorizer lambda is invoked,
+     * otherwise a 401 Unauthorized is returned to the client.
+     *
+     * @default - no regex filter will be applied.
+     */
+    readonly validationRegex?: string;
+    /**
+     * The request header mapping expression for the bearer token. This is typically passed as part of the header, in which case
+     * this should be `method.request.header.Authorizer` where `Authorizer` is the header containing the bearer token.
+     *
+     * @see https://docs.aws.amazon.com/apigateway/latest/api/API_CreateAuthorizer.html#apigw-CreateAuthorizer-request-identitySource
+     * @default `IdentitySource.header('Authorization')`
+     */
+    readonly identitySource?: string;
+}
+/**
+ * Token based lambda authorizer that recognizes the caller's identity as a bearer token,
+ * such as a JSON Web Token (JWT) or an OAuth token.
+ * Based on the token, authorization is performed by a lambda function.
+ *
+ * @resource AWS::ApiGateway::Authorizer
+ */
+export declare class TokenAuthorizer extends LambdaAuthorizer {
+    /** Uniquely identifies this class. */
+    static readonly PROPERTY_INJECTION_ID: string;
+    readonly authorizerId: string;
+    readonly authorizerArn: string;
+    protected readonly authorizerProps: CfnAuthorizerProps;
+    constructor(scope: Construct, id: string, props: TokenAuthorizerProps);
+}
+/**
+ * Properties for RequestAuthorizer
+ */
+export interface RequestAuthorizerProps extends LambdaAuthorizerProps {
+    /**
+     * An array of request header mapping expressions for identities. Supported parameter types are
+     * Header, Query String, Stage Variable, and Context. For instance, extracting an authorization
+     * token from a header would use the identity source `IdentitySource.header('Authorization')`.
+     *
+     * Note: API Gateway uses the specified identity sources as the request authorizer caching key. When caching is
+     * enabled, API Gateway calls the authorizer's Lambda function only after successfully verifying that all the
+     * specified identity sources are present at runtime. If a specified identify source is missing, null, or empty,
+     * API Gateway returns a 401 Unauthorized response without calling the authorizer Lambda function.
+     *
+     * @see https://docs.aws.amazon.com/apigateway/latest/api/API_CreateAuthorizer.html#apigw-CreateAuthorizer-request-identitySource
+     */
+    readonly identitySources: string[];
+}
+/**
+ * Request-based lambda authorizer that recognizes the caller's identity via request parameters,
+ * such as headers, paths, query strings, stage variables, or context variables.
+ * Based on the request, authorization is performed by a lambda function.
+ *
+ * @resource AWS::ApiGateway::Authorizer
+ */
+export declare class RequestAuthorizer extends LambdaAuthorizer {
+    /** Uniquely identifies this class. */
+    static readonly PROPERTY_INJECTION_ID: string;
+    readonly authorizerId: string;
+    readonly authorizerArn: string;
+    protected readonly authorizerProps: CfnAuthorizerProps;
+    constructor(scope: Construct, id: string, props: RequestAuthorizerProps);
+}
+export {};