daniel/agent-claw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

agent-claw: automated task changes

Browse Source
This commit is contained in:
daniel
2026-05-06 18:55:16 -05:00
parent 38905bb1e9
commit 732b00fb66
8494 changed files with 2018127 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
cdk/node_modules/aws-cdk-lib/aws-apigatewayv2-authorizers/.jsiirc.json generated vendored Normal file
View File

@@ -0,0 +1,13 @@
{
"targets": {
"dotnet": {
"namespace": "Amazon.CDK.AwsApigatewayv2Authorizers"
},
"java": {
"package": "software.amazon.awscdk.aws_apigatewayv2_authorizers"
},
"python": {
"module": "aws_cdk.aws_apigatewayv2_authorizers"
}
}
}

360
cdk/node_modules/aws-cdk-lib/aws-apigatewayv2-authorizers/README.md generated vendored Normal file
View File

@@ -0,0 +1,360 @@
# AWS APIGatewayv2 Authorizers
## Table of Contents
- [Introduction](#introduction)
- [HTTP APIs](#http-apis)
- [Default Authorization](#default-authorization)
- [Route Authorization](#route-authorization)
- [JWT Authorizers](#jwt-authorizers)
- [User Pool Authorizer](#user-pool-authorizer)
- [Lambda Authorizers](#lambda-authorizers)
- [IAM Authorizers](#iam-authorizers)
- [WebSocket APIs](#websocket-apis)
- [Lambda Authorizer](#lambda-authorizer)
- [IAM Authorizers](#iam-authorizer)
- [Import Issues](#import-issues)
- [DotNet Namespace](#dotnet-namespace)
- [Java Package](#java-package)
## Introduction
API Gateway supports multiple mechanisms for controlling and managing access to your HTTP API. They are mainly
classified into Lambda Authorizers, JWT authorizers, and standard AWS IAM roles and policies. More information is
available at [Controlling and managing access to an HTTP
API](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-access-control.html).
## HTTP APIs
Access control for HTTP APIs is managed by restricting which routes can be invoked via.
Authorizers and scopes can either be applied to the API, or specifically for each route.
### Default Authorization
When using default authorization, all routes of the API will inherit the configuration.
In the example below, all routes will require the `manage:books` scope present in order to invoke the integration.
```ts
import { HttpJwtAuthorizer } from 'aws-cdk-lib/aws-apigatewayv2-authorizers';
const issuer = 'https://test.us.auth0.com';
const authorizer = new HttpJwtAuthorizer('DefaultAuthorizer', issuer, {
jwtAudience: ['3131231'],
});
const api = new apigwv2.HttpApi(this, 'HttpApi', {
defaultAuthorizer: authorizer,
defaultAuthorizationScopes: ['manage:books'],
});
```
### Route Authorization
Authorization can also be configured for each Route. When a route authorization is configured, it takes precedence over default authorization.
The example below showcases default authorization, along with route authorization. It also shows how to remove authorization entirely for a route.
- `GET /books` and `GET /books/{id}` use the default authorizer settings on the api
- `POST /books` will require the `['write:books']` scope
- `POST /login` removes the default authorizer (unauthenticated route)
```ts
import { HttpJwtAuthorizer } from 'aws-cdk-lib/aws-apigatewayv2-authorizers';
import { HttpUrlIntegration } from 'aws-cdk-lib/aws-apigatewayv2-integrations';
const issuer = 'https://test.us.auth0.com';
const authorizer = new HttpJwtAuthorizer('DefaultAuthorizer', issuer, {
jwtAudience: ['3131231'],
});
const api = new apigwv2.HttpApi(this, 'HttpApi', {
defaultAuthorizer: authorizer,
defaultAuthorizationScopes: ['read:books'],
});
api.addRoutes({
integration: new HttpUrlIntegration('BooksIntegration', 'https://get-books-proxy.example.com'),
path: '/books',
methods: [apigwv2.HttpMethod.GET],
});
api.addRoutes({
integration: new HttpUrlIntegration('BooksIdIntegration', 'https://get-books-proxy.example.com'),
path: '/books/{id}',
methods: [apigwv2.HttpMethod.GET],
});
api.addRoutes({
integration: new HttpUrlIntegration('BooksIntegration', 'https://get-books-proxy.example.com'),
path: '/books',
methods: [apigwv2.HttpMethod.POST],
authorizationScopes: ['write:books']
});
api.addRoutes({
integration: new HttpUrlIntegration('LoginIntegration', 'https://get-books-proxy.example.com'),
path: '/login',
methods: [apigwv2.HttpMethod.POST],
authorizer: new apigwv2.HttpNoneAuthorizer(),
});
```
### JWT Authorizers
JWT authorizers allow the use of JSON Web Tokens (JWTs) as part of [OpenID Connect](https://openid.net/specs/openid-connect-core-1_0.html) and [OAuth 2.0](https://oauth.net/2/) frameworks to allow and restrict clients from accessing HTTP APIs.
When configured, API Gateway validates the JWT submitted by the client, and allows or denies access based on its content.
The location of the token is defined by the `identitySource` which defaults to the HTTP `Authorization` header. However it also
[supports a number of other options](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html#http-api-lambda-authorizer.identity-sources).
It then decodes the JWT and validates the signature and claims, against the options defined in the authorizer and route (scopes).
For more information check the [JWT Authorizer documentation](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-jwt-authorizer.html).
Clients that fail authorization are presented with either 2 responses:
- `401 - Unauthorized` - When the JWT validation fails
- `403 - Forbidden` - When the JWT validation is successful but the required scopes are not met
```ts
import { HttpJwtAuthorizer } from 'aws-cdk-lib/aws-apigatewayv2-authorizers';
import { HttpUrlIntegration } from 'aws-cdk-lib/aws-apigatewayv2-integrations';
const issuer = 'https://test.us.auth0.com';
const authorizer = new HttpJwtAuthorizer('BooksAuthorizer', issuer, {
jwtAudience: ['3131231'],
});
const api = new apigwv2.HttpApi(this, 'HttpApi');
api.addRoutes({
integration: new HttpUrlIntegration('BooksIntegration', 'https://get-books-proxy.example.com'),
path: '/books',
authorizer,
});
```
#### User Pool Authorizer
User Pool Authorizer is a type of JWT Authorizer that uses a Cognito user pool and app client to control who can access your API. After a successful authorization from the app client, the generated access token will be used as the JWT.
Clients accessing an API that uses a user pool authorizer must first sign in to a user pool and obtain an identity or access token.
They must then use this token in the specified `identitySource` for the API call. More information is available at [using Amazon Cognito user
pools as authorizer](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-integrate-with-cognito.html).
```ts
import * as cognito from 'aws-cdk-lib/aws-cognito';
import { HttpUserPoolAuthorizer } from 'aws-cdk-lib/aws-apigatewayv2-authorizers';
import { HttpUrlIntegration } from 'aws-cdk-lib/aws-apigatewayv2-integrations';
const userPool = new cognito.UserPool(this, 'UserPool');
const authorizer = new HttpUserPoolAuthorizer('BooksAuthorizer', userPool);
const api = new apigwv2.HttpApi(this, 'HttpApi');
api.addRoutes({
integration: new HttpUrlIntegration('BooksIntegration', 'https://get-books-proxy.example.com'),
path: '/books',
authorizer,
});
```
### Lambda Authorizers
Lambda authorizers use a Lambda function to control access to your HTTP API. When a client calls your API, API Gateway invokes your Lambda function and uses the response to determine whether the client can access your API.
Lambda authorizers depending on their response, fall into either two types - Simple or IAM. You can learn about differences [here](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html#http-api-lambda-authorizer.payload-format-response).
If the Lambda function is in another account, you need to provide an IAM role to the authorizer that has permission to invoke the Lambda function.
```ts
import { HttpLambdaAuthorizer, HttpLambdaResponseType } from 'aws-cdk-lib/aws-apigatewayv2-authorizers';
import { HttpUrlIntegration } from 'aws-cdk-lib/aws-apigatewayv2-integrations';
// This function handles your auth logic
declare const authHandler: lambda.Function;
// This role will be used to invoke the Lambda function
declare const role: iam.Role;
const authorizer = new HttpLambdaAuthorizer('BooksAuthorizer', authHandler, {
responseTypes: [HttpLambdaResponseType.SIMPLE], // Define if returns simple and/or iam response
role, // Set role if the Lambda function is in another account
});
const api = new apigwv2.HttpApi(this, 'HttpApi');
api.addRoutes({
integration: new HttpUrlIntegration('BooksIntegration', 'https://get-books-proxy.example.com'),
path: '/books',
authorizer,
});
```
### IAM Authorizers
API Gateway supports IAM via the included `HttpIamAuthorizer` and grant syntax:
```ts
import { HttpIamAuthorizer } from 'aws-cdk-lib/aws-apigatewayv2-authorizers';
import { HttpUrlIntegration } from 'aws-cdk-lib/aws-apigatewayv2-integrations';
declare const principal: iam.AnyPrincipal;
const authorizer = new HttpIamAuthorizer();
const httpApi = new apigwv2.HttpApi(this, 'HttpApi', {
defaultAuthorizer: authorizer,
});
const routes = httpApi.addRoutes({
integration: new HttpUrlIntegration('BooksIntegration', 'https://get-books-proxy.example.com'),
path: '/books/{book}',
});
routes[0].grantInvoke(principal);
```
## WebSocket APIs
You can set an authorizer to your WebSocket API's `$connect` route to control access to your API.
### Lambda Authorizer
Lambda authorizers use a Lambda function to control access to your WebSocket API. When a client connects to your API, API Gateway invokes your Lambda function and uses the response to determine whether the client can access your API.
```ts
import { WebSocketLambdaAuthorizer } from 'aws-cdk-lib/aws-apigatewayv2-authorizers';
import { WebSocketLambdaIntegration } from 'aws-cdk-lib/aws-apigatewayv2-integrations';
// This function handles your auth logic
declare const authHandler: lambda.Function;
// This function handles your WebSocket requests
declare const handler: lambda.Function;
const authorizer = new WebSocketLambdaAuthorizer('Authorizer', authHandler);
const integration = new WebSocketLambdaIntegration(
'Integration',
handler,
);
new apigwv2.WebSocketApi(this, 'WebSocketApi', {
connectRouteOptions: {
integration,
authorizer,
},
});
```
### IAM Authorizer
IAM authorizers can be used to allow identity-based access to your WebSocket API.
```ts
import { WebSocketIamAuthorizer } from 'aws-cdk-lib/aws-apigatewayv2-authorizers';
import { WebSocketLambdaIntegration } from 'aws-cdk-lib/aws-apigatewayv2-integrations';
// This function handles your connect route
declare const connectHandler: lambda.Function;
const webSocketApi = new apigwv2.WebSocketApi(this, 'WebSocketApi');
webSocketApi.addRoute('$connect', {
integration: new WebSocketLambdaIntegration('Integration', connectHandler),
authorizer: new WebSocketIamAuthorizer()
});
// Create an IAM user (identity)
const user = new iam.User(this, 'User');
const webSocketArn = Stack.of(this).formatArn({
service: 'execute-api',
resource: webSocketApi.apiId,
});
// Grant access to the IAM user
user.attachInlinePolicy(new iam.Policy(this, 'AllowInvoke', {
statements: [
new iam.PolicyStatement({
actions: ['execute-api:Invoke'],
effect: iam.Effect.ALLOW,
resources: [webSocketArn],
}),
],
}));
```
## Import Issues
`jsiirc.json` file is missing during the stablization process of this module, which caused import issues for DotNet and Java users who attempt to use this module. Unfortunately, to guarantee backward compatibility, we cannot simply correct the namespace for DotNet or package for Java. The following outlines the workaround.
### DotNet Namespace
Instead of the conventional namespace `Amazon.CDK.AWS.Apigatewayv2.Authorizers`, you would need to use the following namespace:
```cs
using Amazon.CDK.AwsApigatewayv2Authorizers;;
```
### Java Package
Instead of conventional package `import software.amazon.awscdk.services.apigatewayv2_authorizers.*`, you would need to use the following package:
```java
import software.amazon.awscdk.aws_apigatewayv2_authorizers.*;
// If you want to import a specific construct
import software.amazon.awscdk.aws_apigatewayv2_authorizers.WebSocketIamAuthorizer;
```
## Export HTTP Authorizer Id
You can retrieve the authorizer's id once it has been bound to a route to export the value.
`HttpAuthorizer.fromHttpAuthorizerAttributes`
```ts
import { HttpLambdaAuthorizer, HttpLambdaResponseType } from 'aws-cdk-lib/aws-apigatewayv2-authorizers';
import { HttpUrlIntegration } from 'aws-cdk-lib/aws-apigatewayv2-integrations';
import { CfnOutput } from 'aws-cdk-lib';
// This function handles your auth logic
declare const authHandler: lambda.Function;
const authorizer = new HttpLambdaAuthorizer('BooksAuthorizer', authHandler, {
responseTypes: [HttpLambdaResponseType.SIMPLE], // Define if returns simple and/or iam response
});
const api = new apigwv2.HttpApi(this, 'HttpApi');
api.addRoutes({
integration: new HttpUrlIntegration('BooksIntegration', 'https://get-books-proxy.example.com'),
path: '/books',
authorizer,
});
// You can only access authorizerId after it's been bound to a route
// In this example we expect use CfnOutput
new CfnOutput(this, 'authorizerId', { value: authorizer.authorizerId });
new CfnOutput(this, 'authorizerType', { value: authorizer.authorizationType });
```
## Import an existing HTTP Authorizer
If you want to import av existing HTTP Authorizer you simply provide the authorizer id and authorizer type used when the authorizer was created.
```ts
import { HttpAuthorizer } from 'aws-cdk-lib/aws-apigatewayv2';
import { Fn } from 'aws-cdk-lib'
const authorizerId = Fn.importValue('authorizerId');
const authorizerType = Fn.importValue('authorizerType');
const authorizer = HttpAuthorizer.fromHttpAuthorizerAttributes(this, 'HttpAuthorizer', {
authorizerId,
authorizerType
});
```

1
cdk/node_modules/aws-cdk-lib/aws-apigatewayv2-authorizers/index.d.ts generated vendored Normal file
View File

@@ -0,0 +1 @@
export * from './lib';

1
cdk/node_modules/aws-cdk-lib/aws-apigatewayv2-authorizers/index.js generated vendored Normal file
View File

@@ -0,0 +1 @@
"use strict";var __createBinding=exports&&exports.__createBinding||(Object.create?(function(o,m,k,k2){k2===void 0&&(k2=k);var desc=Object.getOwnPropertyDescriptor(m,k);(!desc||("get"in desc?!m.__esModule:desc.writable||desc.configurable))&&(desc={enumerable:!0,get:function(){return m[k]}}),Object.defineProperty(o,k2,desc)}):(function(o,m,k,k2){k2===void 0&&(k2=k),o[k2]=m[k]})),__exportStar=exports&&exports.__exportStar||function(m,exports2){for(var p in m)p!=="default"&&!Object.prototype.hasOwnProperty.call(exports2,p)&&__createBinding(exports2,m,p)};Object.defineProperty(exports,"__esModule",{value:!0});var _noFold;exports.HttpUserPoolAuthorizer=void 0,Object.defineProperty(exports,_noFold="HttpUserPoolAuthorizer",{enumerable:!0,configurable:!0,get:()=>{var value=require("./lib").HttpUserPoolAuthorizer;return Object.defineProperty(exports,_noFold="HttpUserPoolAuthorizer",{enumerable:!0,configurable:!0,value}),value}}),exports.HttpJwtAuthorizer=void 0,Object.defineProperty(exports,_noFold="HttpJwtAuthorizer",{enumerable:!0,configurable:!0,get:()=>{var value=require("./lib").HttpJwtAuthorizer;return Object.defineProperty(exports,_noFold="HttpJwtAuthorizer",{enumerable:!0,configurable:!0,value}),value}}),exports.HttpLambdaResponseType=void 0,Object.defineProperty(exports,_noFold="HttpLambdaResponseType",{enumerable:!0,configurable:!0,get:()=>{var value=require("./lib").HttpLambdaResponseType;return Object.defineProperty(exports,_noFold="HttpLambdaResponseType",{enumerable:!0,configurable:!0,value}),value}}),exports.HttpLambdaAuthorizer=void 0,Object.defineProperty(exports,_noFold="HttpLambdaAuthorizer",{enumerable:!0,configurable:!0,get:()=>{var value=require("./lib").HttpLambdaAuthorizer;return Object.defineProperty(exports,_noFold="HttpLambdaAuthorizer",{enumerable:!0,configurable:!0,value}),value}}),exports.HttpIamAuthorizer=void 0,Object.defineProperty(exports,_noFold="HttpIamAuthorizer",{enumerable:!0,configurable:!0,get:()=>{var value=require("./lib").HttpIamAuthorizer;return Object.defineProperty(exports,_noFold="HttpIamAuthorizer",{enumerable:!0,configurable:!0,value}),value}}),exports.WebSocketLambdaAuthorizer=void 0,Object.defineProperty(exports,_noFold="WebSocketLambdaAuthorizer",{enumerable:!0,configurable:!0,get:()=>{var value=require("./lib").WebSocketLambdaAuthorizer;return Object.defineProperty(exports,_noFold="WebSocketLambdaAuthorizer",{enumerable:!0,configurable:!0,value}),value}}),exports.WebSocketIamAuthorizer=void 0,Object.defineProperty(exports,_noFold="WebSocketIamAuthorizer",{enumerable:!0,configurable:!0,get:()=>{var value=require("./lib").WebSocketIamAuthorizer;return Object.defineProperty(exports,_noFold="WebSocketIamAuthorizer",{enumerable:!0,configurable:!0,value}),value}});

12
cdk/node_modules/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/iam.d.ts generated vendored Normal file
View File

@@ -0,0 +1,12 @@
import type { HttpRouteAuthorizerBindOptions, HttpRouteAuthorizerConfig, IHttpRouteAuthorizer } from '../../../aws-apigatewayv2';
import { HttpAuthorizerType } from '../../../aws-apigatewayv2';
/**
* Authorize HTTP API Routes with IAM
*/
export declare class HttpIamAuthorizer implements IHttpRouteAuthorizer {
/**
* The authorizationType used for IAM Authorizer
*/
readonly authorizationType = HttpAuthorizerType.IAM;
bind(_options: HttpRouteAuthorizerBindOptions): HttpRouteAuthorizerConfig;
}

1
cdk/node_modules/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/iam.js generated vendored Normal file
View File

@@ -0,0 +1 @@
"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.HttpIamAuthorizer=void 0;var jsiiDeprecationWarnings=()=>{var tmp=require("../../../.warnings.jsii.js");return jsiiDeprecationWarnings=()=>tmp,tmp};const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");var aws_apigatewayv2_1=()=>{var tmp=require("../../../aws-apigatewayv2");return aws_apigatewayv2_1=()=>tmp,tmp};class HttpIamAuthorizer{static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.aws_apigatewayv2_authorizers.HttpIamAuthorizer",version:"2.252.0"};authorizationType=aws_apigatewayv2_1().HttpAuthorizerType.IAM;bind(_options){try{jsiiDeprecationWarnings().aws_cdk_lib_aws_apigatewayv2_HttpRouteAuthorizerBindOptions(_options)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,this.bind),error}return{authorizationType:this.authorizationType}}}exports.HttpIamAuthorizer=HttpIamAuthorizer;

4
cdk/node_modules/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/index.d.ts generated vendored Normal file
View File

@@ -0,0 +1,4 @@
export * from './user-pool';
export * from './jwt';
export * from './lambda';
export * from './iam';

1
cdk/node_modules/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/index.js generated vendored Normal file
View File

@@ -0,0 +1 @@
"use strict";var __createBinding=exports&&exports.__createBinding||(Object.create?(function(o,m,k,k2){k2===void 0&&(k2=k);var desc=Object.getOwnPropertyDescriptor(m,k);(!desc||("get"in desc?!m.__esModule:desc.writable||desc.configurable))&&(desc={enumerable:!0,get:function(){return m[k]}}),Object.defineProperty(o,k2,desc)}):(function(o,m,k,k2){k2===void 0&&(k2=k),o[k2]=m[k]})),__exportStar=exports&&exports.__exportStar||function(m,exports2){for(var p in m)p!=="default"&&!Object.prototype.hasOwnProperty.call(exports2,p)&&__createBinding(exports2,m,p)};Object.defineProperty(exports,"__esModule",{value:!0});var _noFold;exports.HttpUserPoolAuthorizer=void 0,Object.defineProperty(exports,_noFold="HttpUserPoolAuthorizer",{enumerable:!0,configurable:!0,get:()=>{var value=require("./user-pool").HttpUserPoolAuthorizer;return Object.defineProperty(exports,_noFold="HttpUserPoolAuthorizer",{enumerable:!0,configurable:!0,value}),value}}),exports.HttpJwtAuthorizer=void 0,Object.defineProperty(exports,_noFold="HttpJwtAuthorizer",{enumerable:!0,configurable:!0,get:()=>{var value=require("./jwt").HttpJwtAuthorizer;return Object.defineProperty(exports,_noFold="HttpJwtAuthorizer",{enumerable:!0,configurable:!0,value}),value}}),exports.HttpLambdaResponseType=void 0,Object.defineProperty(exports,_noFold="HttpLambdaResponseType",{enumerable:!0,configurable:!0,get:()=>{var value=require("./lambda").HttpLambdaResponseType;return Object.defineProperty(exports,_noFold="HttpLambdaResponseType",{enumerable:!0,configurable:!0,value}),value}}),exports.HttpLambdaAuthorizer=void 0,Object.defineProperty(exports,_noFold="HttpLambdaAuthorizer",{enumerable:!0,configurable:!0,get:()=>{var value=require("./lambda").HttpLambdaAuthorizer;return Object.defineProperty(exports,_noFold="HttpLambdaAuthorizer",{enumerable:!0,configurable:!0,value}),value}}),exports.HttpIamAuthorizer=void 0,Object.defineProperty(exports,_noFold="HttpIamAuthorizer",{enumerable:!0,configurable:!0,get:()=>{var value=require("./iam").HttpIamAuthorizer;return Object.defineProperty(exports,_noFold="HttpIamAuthorizer",{enumerable:!0,configurable:!0,value}),value}});

48
cdk/node_modules/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/jwt.d.ts generated vendored Normal file
View File

@@ -0,0 +1,48 @@
import type { HttpRouteAuthorizerBindOptions, HttpRouteAuthorizerConfig, IHttpRouteAuthorizer } from '../../../aws-apigatewayv2';
/**
* Properties to initialize HttpJwtAuthorizer.
*/
export interface HttpJwtAuthorizerProps {
/**
* The name of the authorizer
* @default - same value as `id` passed in the constructor
*/
readonly authorizerName?: string;
/**
* The identity source for which authorization is requested.
*
* @default ['$request.header.Authorization']
*/
readonly identitySource?: string[];
/**
* A list of the intended recipients of the JWT.
* A valid JWT must provide an aud that matches at least one entry in this list.
*/
readonly jwtAudience: string[];
}
/**
* Authorize Http Api routes on whether the requester is registered as part of
* an AWS Cognito user pool.
*/
export declare class HttpJwtAuthorizer implements IHttpRouteAuthorizer {
private readonly id;
private readonly jwtIssuer;
private readonly props;
private authorizer?;
/**
* The authorizationType used for JWT Authorizer
*/
readonly authorizationType = "JWT";
/**
* Initialize a JWT authorizer to be bound with HTTP route.
* @param id The id of the underlying construct
* @param jwtIssuer The base domain of the identity provider that issues JWT
* @param props Properties to configure the authorizer
*/
constructor(id: string, jwtIssuer: string, props: HttpJwtAuthorizerProps);
/**
* Return the id of the authorizer if it's been constructed
*/
get authorizerId(): string;
bind(options: HttpRouteAuthorizerBindOptions): HttpRouteAuthorizerConfig;
}

1
cdk/node_modules/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/jwt.js generated vendored Normal file
View File

@@ -0,0 +1 @@
"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.HttpJwtAuthorizer=void 0;var jsiiDeprecationWarnings=()=>{var tmp=require("../../../.warnings.jsii.js");return jsiiDeprecationWarnings=()=>tmp,tmp};const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");var aws_apigatewayv2_1=()=>{var tmp=require("../../../aws-apigatewayv2");return aws_apigatewayv2_1=()=>tmp,tmp},errors_1=()=>{var tmp=require("../../../core/lib/errors");return errors_1=()=>tmp,tmp},literal_string_1=()=>{var tmp=require("../../../core/lib/private/literal-string");return literal_string_1=()=>tmp,tmp};class HttpJwtAuthorizer{id;jwtIssuer;props;static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.aws_apigatewayv2_authorizers.HttpJwtAuthorizer",version:"2.252.0"};authorizer;authorizationType="JWT";constructor(id,jwtIssuer,props){this.id=id,this.jwtIssuer=jwtIssuer,this.props=props;try{jsiiDeprecationWarnings().aws_cdk_lib_aws_apigatewayv2_authorizers_HttpJwtAuthorizerProps(props)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,HttpJwtAuthorizer),error}}get authorizerId(){if(!this.authorizer)throw new(errors_1()).UnscopedValidationError((0,literal_string_1().lit)`AuthorizerNotAttached`,"Cannot access authorizerId until authorizer is attached to a HttpRoute");return this.authorizer.authorizerId}bind(options){try{jsiiDeprecationWarnings().aws_cdk_lib_aws_apigatewayv2_HttpRouteAuthorizerBindOptions(options)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,this.bind),error}return this.authorizer||(this.authorizer=new(aws_apigatewayv2_1()).HttpAuthorizer(options.scope,this.id,{httpApi:options.route.httpApi,identitySource:this.props.identitySource??["$request.header.Authorization"],type:aws_apigatewayv2_1().HttpAuthorizerType.JWT,authorizerName:this.props.authorizerName??this.id,jwtAudience:this.props.jwtAudience,jwtIssuer:this.jwtIssuer})),{authorizerId:this.authorizer.authorizerId,authorizationType:this.authorizationType}}}exports.HttpJwtAuthorizer=HttpJwtAuthorizer;

81
cdk/node_modules/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/lambda.d.ts generated vendored Normal file
View File

@@ -0,0 +1,81 @@
import type { HttpRouteAuthorizerBindOptions, HttpRouteAuthorizerConfig, IHttpRouteAuthorizer } from '../../../aws-apigatewayv2';
import type { IRoleRef } from '../../../aws-iam';
import type { IFunction } from '../../../aws-lambda';
import { Duration } from '../../../core';
/**
* Specifies the type responses the lambda returns
*/
export declare enum HttpLambdaResponseType {
/** Returns simple boolean response */
SIMPLE = 0,
/** Returns an IAM Policy */
IAM = 1
}
/**
* Properties to initialize HttpTokenAuthorizer.
*/
export interface HttpLambdaAuthorizerProps {
/**
* Friendly authorizer name
* @default - same value as `id` passed in the constructor.
*/
readonly authorizerName?: string;
/**
* The identity source for which authorization is requested.
*
* @default ['$request.header.Authorization']
*/
readonly identitySource?: string[];
/**
* How long APIGateway should cache the results. Max 1 hour.
* Disable caching by setting this to `Duration.seconds(0)`.
*
* @default Duration.minutes(5)
*/
readonly resultsCacheTtl?: Duration;
/**
* The types of responses the lambda can return
*
* If HttpLambdaResponseType.SIMPLE is included then
* response format 2.0 will be used.
*
* @see https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html#http-api-lambda-authorizer.payload-format-response
*
* @default [HttpLambdaResponseType.IAM]
*/
readonly responseTypes?: HttpLambdaResponseType[];
/**
* The IAM role that the API Gateway service assumes while invoking the authorizer.
*
* Supported only for REQUEST authorizers.
*
* @default - No role
*/
readonly role?: IRoleRef;
}
/**
* Authorize Http Api routes via a lambda function
*/
export declare class HttpLambdaAuthorizer implements IHttpRouteAuthorizer {
private readonly id;
private readonly handler;
private readonly props;
private authorizer?;
private httpApi?;
/**
* The authorizationType used for Lambda Authorizer
*/
readonly authorizationType = "CUSTOM";
/**
* Initialize a lambda authorizer to be bound with HTTP route.
* @param id The id of the underlying construct
* @param pool The lambda function handler to use for authorization
* @param props Properties to configure the authorizer
*/
constructor(id: string, handler: IFunction, props?: HttpLambdaAuthorizerProps);
/**
* Return the id of the authorizer if it's been constructed
*/
get authorizerId(): string;
bind(options: HttpRouteAuthorizerBindOptions): HttpRouteAuthorizerConfig;
}

1
cdk/node_modules/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/lambda.js generated vendored Normal file
View File

@@ -0,0 +1 @@
"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.HttpLambdaAuthorizer=exports.HttpLambdaResponseType=void 0;var jsiiDeprecationWarnings=()=>{var tmp=require("../../../.warnings.jsii.js");return jsiiDeprecationWarnings=()=>tmp,tmp};const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");var aws_apigatewayv2_1=()=>{var tmp=require("../../../aws-apigatewayv2");return aws_apigatewayv2_1=()=>tmp,tmp},aws_iam_1=()=>{var tmp=require("../../../aws-iam");return aws_iam_1=()=>tmp,tmp},core_1=()=>{var tmp=require("../../../core");return core_1=()=>tmp,tmp},errors_1=()=>{var tmp=require("../../../core/lib/errors");return errors_1=()=>tmp,tmp},literal_string_1=()=>{var tmp=require("../../../core/lib/private/literal-string");return literal_string_1=()=>tmp,tmp},HttpLambdaResponseType;(function(HttpLambdaResponseType2){HttpLambdaResponseType2[HttpLambdaResponseType2.SIMPLE=0]="SIMPLE",HttpLambdaResponseType2[HttpLambdaResponseType2.IAM=1]="IAM"})(HttpLambdaResponseType||(exports.HttpLambdaResponseType=HttpLambdaResponseType={}));class HttpLambdaAuthorizer{id;handler;props;static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.aws_apigatewayv2_authorizers.HttpLambdaAuthorizer",version:"2.252.0"};authorizer;httpApi;authorizationType="CUSTOM";constructor(id,handler,props={}){this.id=id,this.handler=handler,this.props=props;try{jsiiDeprecationWarnings().aws_cdk_lib_aws_lambda_IFunction(handler),jsiiDeprecationWarnings().aws_cdk_lib_aws_apigatewayv2_authorizers_HttpLambdaAuthorizerProps(props)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,HttpLambdaAuthorizer),error}}get authorizerId(){if(!this.authorizer)throw new(errors_1()).UnscopedValidationError((0,literal_string_1().lit)`AuthorizerNotAttached`,"Cannot access authorizerId until authorizer is attached to a HttpRoute");return this.authorizer.authorizerId}bind(options){try{jsiiDeprecationWarnings().aws_cdk_lib_aws_apigatewayv2_HttpRouteAuthorizerBindOptions(options)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,this.bind),error}if(this.httpApi&&this.httpApi.apiId!==options.route.httpApi.apiId)throw new(errors_1()).ValidationError((0,literal_string_1().lit)`CannotAttachSameAuthorizerToMultipleApis`,"Cannot attach the same authorizer to multiple Apis",options.scope);if(!this.authorizer){const enableSimpleResponses=(this.props.responseTypes??[HttpLambdaResponseType.IAM]).includes(HttpLambdaResponseType.SIMPLE)||void 0;this.httpApi=options.route.httpApi,this.authorizer=new(aws_apigatewayv2_1()).HttpAuthorizer(options.scope,this.id,{httpApi:options.route.httpApi,identitySource:this.props.identitySource??["$request.header.Authorization"],type:aws_apigatewayv2_1().HttpAuthorizerType.LAMBDA,authorizerName:this.props.authorizerName??this.id,enableSimpleResponses,payloadFormatVersion:enableSimpleResponses?aws_apigatewayv2_1().AuthorizerPayloadVersion.VERSION_2_0:aws_apigatewayv2_1().AuthorizerPayloadVersion.VERSION_1_0,authorizerUri:lambdaAuthorizerArn(this.handler),resultsCacheTtl:this.props.resultsCacheTtl??core_1().Duration.minutes(5),role:this.props.role}),this.props.role||this.handler.addPermission(`${core_1().Names.nodeUniqueId(this.authorizer.node)}-Permission`,{scope:options.scope,principal:new(aws_iam_1()).ServicePrincipal("apigateway.amazonaws.com"),sourceArn:core_1().Stack.of(options.route).formatArn({service:"execute-api",resource:options.route.httpApi.apiId,resourceName:`authorizers/${this.authorizer.authorizerId}`})})}return{authorizerId:this.authorizer.authorizerId,authorizationType:this.authorizationType}}}exports.HttpLambdaAuthorizer=HttpLambdaAuthorizer;function lambdaAuthorizerArn(handler){return`arn:${core_1().Stack.of(handler).partition}:apigateway:${core_1().Stack.of(handler).region}:lambda:path/2015-03-31/functions/${handler.functionArn}/invocations`}

54
cdk/node_modules/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/user-pool.d.ts generated vendored Normal file
View File

@@ -0,0 +1,54 @@
import type { HttpRouteAuthorizerBindOptions, HttpRouteAuthorizerConfig, IHttpRouteAuthorizer } from '../../../aws-apigatewayv2';
import type { IUserPool, IUserPoolClient } from '../../../aws-cognito';
/**
* Properties to initialize HttpUserPoolAuthorizer.
*/
export interface HttpUserPoolAuthorizerProps {
/**
* The user pool clients that should be used to authorize requests with the user pool.
* @default - a new client will be created for the given user pool
*/
readonly userPoolClients?: IUserPoolClient[];
/**
* The AWS region in which the user pool is present
* @default - same region as the Route the authorizer is attached to.
*/
readonly userPoolRegion?: string;
/**
* Friendly name of the authorizer
* @default - same value as `id` passed in the constructor
*/
readonly authorizerName?: string;
/**
* The identity source for which authorization is requested.
*
* @default ['$request.header.Authorization']
*/
readonly identitySource?: string[];
}
/**
* Authorize Http Api routes on whether the requester is registered as part of
* an AWS Cognito user pool.
*/
export declare class HttpUserPoolAuthorizer implements IHttpRouteAuthorizer {
private readonly id;
private readonly pool;
private readonly props;
private authorizer?;
/**
* The authorizationType used for UserPool Authorizer
*/
readonly authorizationType = "JWT";
/**
* Initialize a Cognito user pool authorizer to be bound with HTTP route.
* @param id The id of the underlying construct
* @param pool The user pool to use for authorization
* @param props Properties to configure the authorizer
*/
constructor(id: string, pool: IUserPool, props?: HttpUserPoolAuthorizerProps);
/**
* Return the id of the authorizer if it's been constructed
*/
get authorizerId(): string;
bind(options: HttpRouteAuthorizerBindOptions): HttpRouteAuthorizerConfig;
}

1
cdk/node_modules/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/user-pool.js generated vendored Normal file
View File

@@ -0,0 +1 @@
"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.HttpUserPoolAuthorizer=void 0;var jsiiDeprecationWarnings=()=>{var tmp=require("../../../.warnings.jsii.js");return jsiiDeprecationWarnings=()=>tmp,tmp};const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");var aws_apigatewayv2_1=()=>{var tmp=require("../../../aws-apigatewayv2");return aws_apigatewayv2_1=()=>tmp,tmp},core_1=()=>{var tmp=require("../../../core");return core_1=()=>tmp,tmp},errors_1=()=>{var tmp=require("../../../core/lib/errors");return errors_1=()=>tmp,tmp},literal_string_1=()=>{var tmp=require("../../../core/lib/private/literal-string");return literal_string_1=()=>tmp,tmp};class HttpUserPoolAuthorizer{id;pool;props;static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.aws_apigatewayv2_authorizers.HttpUserPoolAuthorizer",version:"2.252.0"};authorizer;authorizationType="JWT";constructor(id,pool,props={}){this.id=id,this.pool=pool,this.props=props;try{jsiiDeprecationWarnings().aws_cdk_lib_aws_cognito_IUserPool(pool),jsiiDeprecationWarnings().aws_cdk_lib_aws_apigatewayv2_authorizers_HttpUserPoolAuthorizerProps(props)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,HttpUserPoolAuthorizer),error}}get authorizerId(){if(!this.authorizer)throw new(errors_1()).UnscopedValidationError((0,literal_string_1().lit)`AuthorizerNotAttached`,"Cannot access authorizerId until authorizer is attached to a HttpRoute");return this.authorizer.authorizerId}bind(options){try{jsiiDeprecationWarnings().aws_cdk_lib_aws_apigatewayv2_HttpRouteAuthorizerBindOptions(options)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,this.bind),error}if(!this.authorizer){const region=this.props.userPoolRegion??core_1().Stack.of(options.scope).region,clients=this.props.userPoolClients??[this.pool.addClient("UserPoolAuthorizerClient")];this.authorizer=new(aws_apigatewayv2_1()).HttpAuthorizer(options.scope,this.id,{httpApi:options.route.httpApi,identitySource:this.props.identitySource??["$request.header.Authorization"],type:aws_apigatewayv2_1().HttpAuthorizerType.JWT,authorizerName:this.props.authorizerName??this.id,jwtAudience:clients.map(c=>c.userPoolClientId),jwtIssuer:`https://cognito-idp.${region}.amazonaws.com/${this.pool.userPoolId}`})}return{authorizerId:this.authorizer.authorizerId,authorizationType:this.authorizationType}}}exports.HttpUserPoolAuthorizer=HttpUserPoolAuthorizer;

2
cdk/node_modules/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/index.d.ts generated vendored Normal file
View File

@@ -0,0 +1,2 @@
export * from './http';
export * from './websocket';

1
cdk/node_modules/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/index.js generated vendored Normal file
View File

@@ -0,0 +1 @@
"use strict";var __createBinding=exports&&exports.__createBinding||(Object.create?(function(o,m,k,k2){k2===void 0&&(k2=k);var desc=Object.getOwnPropertyDescriptor(m,k);(!desc||("get"in desc?!m.__esModule:desc.writable||desc.configurable))&&(desc={enumerable:!0,get:function(){return m[k]}}),Object.defineProperty(o,k2,desc)}):(function(o,m,k,k2){k2===void 0&&(k2=k),o[k2]=m[k]})),__exportStar=exports&&exports.__exportStar||function(m,exports2){for(var p in m)p!=="default"&&!Object.prototype.hasOwnProperty.call(exports2,p)&&__createBinding(exports2,m,p)};Object.defineProperty(exports,"__esModule",{value:!0});var _noFold;exports.HttpUserPoolAuthorizer=void 0,Object.defineProperty(exports,_noFold="HttpUserPoolAuthorizer",{enumerable:!0,configurable:!0,get:()=>{var value=require("./http").HttpUserPoolAuthorizer;return Object.defineProperty(exports,_noFold="HttpUserPoolAuthorizer",{enumerable:!0,configurable:!0,value}),value}}),exports.HttpJwtAuthorizer=void 0,Object.defineProperty(exports,_noFold="HttpJwtAuthorizer",{enumerable:!0,configurable:!0,get:()=>{var value=require("./http").HttpJwtAuthorizer;return Object.defineProperty(exports,_noFold="HttpJwtAuthorizer",{enumerable:!0,configurable:!0,value}),value}}),exports.HttpLambdaResponseType=void 0,Object.defineProperty(exports,_noFold="HttpLambdaResponseType",{enumerable:!0,configurable:!0,get:()=>{var value=require("./http").HttpLambdaResponseType;return Object.defineProperty(exports,_noFold="HttpLambdaResponseType",{enumerable:!0,configurable:!0,value}),value}}),exports.HttpLambdaAuthorizer=void 0,Object.defineProperty(exports,_noFold="HttpLambdaAuthorizer",{enumerable:!0,configurable:!0,get:()=>{var value=require("./http").HttpLambdaAuthorizer;return Object.defineProperty(exports,_noFold="HttpLambdaAuthorizer",{enumerable:!0,configurable:!0,value}),value}}),exports.HttpIamAuthorizer=void 0,Object.defineProperty(exports,_noFold="HttpIamAuthorizer",{enumerable:!0,configurable:!0,get:()=>{var value=require("./http").HttpIamAuthorizer;return Object.defineProperty(exports,_noFold="HttpIamAuthorizer",{enumerable:!0,configurable:!0,value}),value}}),exports.WebSocketLambdaAuthorizer=void 0,Object.defineProperty(exports,_noFold="WebSocketLambdaAuthorizer",{enumerable:!0,configurable:!0,get:()=>{var value=require("./websocket").WebSocketLambdaAuthorizer;return Object.defineProperty(exports,_noFold="WebSocketLambdaAuthorizer",{enumerable:!0,configurable:!0,value}),value}}),exports.WebSocketIamAuthorizer=void 0,Object.defineProperty(exports,_noFold="WebSocketIamAuthorizer",{enumerable:!0,configurable:!0,get:()=>{var value=require("./websocket").WebSocketIamAuthorizer;return Object.defineProperty(exports,_noFold="WebSocketIamAuthorizer",{enumerable:!0,configurable:!0,value}),value}});

7
cdk/node_modules/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/websocket/iam.d.ts generated vendored Normal file
View File

@@ -0,0 +1,7 @@
import type { WebSocketRouteAuthorizerBindOptions, WebSocketRouteAuthorizerConfig, IWebSocketRouteAuthorizer } from '../../../aws-apigatewayv2';
/**
* Authorize WebSocket API Routes with IAM
*/
export declare class WebSocketIamAuthorizer implements IWebSocketRouteAuthorizer {
bind(_options: WebSocketRouteAuthorizerBindOptions): WebSocketRouteAuthorizerConfig;
}

1
cdk/node_modules/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/websocket/iam.js generated vendored Normal file
View File

@@ -0,0 +1 @@
"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.WebSocketIamAuthorizer=void 0;var jsiiDeprecationWarnings=()=>{var tmp=require("../../../.warnings.jsii.js");return jsiiDeprecationWarnings=()=>tmp,tmp};const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");var aws_apigatewayv2_1=()=>{var tmp=require("../../../aws-apigatewayv2");return aws_apigatewayv2_1=()=>tmp,tmp};class WebSocketIamAuthorizer{static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.aws_apigatewayv2_authorizers.WebSocketIamAuthorizer",version:"2.252.0"};bind(_options){try{jsiiDeprecationWarnings().aws_cdk_lib_aws_apigatewayv2_WebSocketRouteAuthorizerBindOptions(_options)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,this.bind),error}return{authorizationType:aws_apigatewayv2_1().WebSocketAuthorizerType.IAM}}}exports.WebSocketIamAuthorizer=WebSocketIamAuthorizer;

2
cdk/node_modules/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/websocket/index.d.ts generated vendored Normal file
View File

@@ -0,0 +1,2 @@
export * from './lambda';
export * from './iam';

1
cdk/node_modules/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/websocket/index.js generated vendored Normal file
View File

@@ -0,0 +1 @@
"use strict";var __createBinding=exports&&exports.__createBinding||(Object.create?(function(o,m,k,k2){k2===void 0&&(k2=k);var desc=Object.getOwnPropertyDescriptor(m,k);(!desc||("get"in desc?!m.__esModule:desc.writable||desc.configurable))&&(desc={enumerable:!0,get:function(){return m[k]}}),Object.defineProperty(o,k2,desc)}):(function(o,m,k,k2){k2===void 0&&(k2=k),o[k2]=m[k]})),__exportStar=exports&&exports.__exportStar||function(m,exports2){for(var p in m)p!=="default"&&!Object.prototype.hasOwnProperty.call(exports2,p)&&__createBinding(exports2,m,p)};Object.defineProperty(exports,"__esModule",{value:!0});var _noFold;exports.WebSocketLambdaAuthorizer=void 0,Object.defineProperty(exports,_noFold="WebSocketLambdaAuthorizer",{enumerable:!0,configurable:!0,get:()=>{var value=require("./lambda").WebSocketLambdaAuthorizer;return Object.defineProperty(exports,_noFold="WebSocketLambdaAuthorizer",{enumerable:!0,configurable:!0,value}),value}}),exports.WebSocketIamAuthorizer=void 0,Object.defineProperty(exports,_noFold="WebSocketIamAuthorizer",{enumerable:!0,configurable:!0,get:()=>{var value=require("./iam").WebSocketIamAuthorizer;return Object.defineProperty(exports,_noFold="WebSocketIamAuthorizer",{enumerable:!0,configurable:!0,value}),value}});

34
cdk/node_modules/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/websocket/lambda.d.ts generated vendored Normal file
View File

@@ -0,0 +1,34 @@
import type { WebSocketRouteAuthorizerBindOptions, WebSocketRouteAuthorizerConfig, IWebSocketRouteAuthorizer } from '../../../aws-apigatewayv2';
import type { IFunction } from '../../../aws-lambda';
/**
* Properties to initialize WebSocketTokenAuthorizer.
*/
export interface WebSocketLambdaAuthorizerProps {
/**
* The name of the authorizer
* @default - same value as `id` passed in the constructor.
*/
readonly authorizerName?: string;
/**
* The identity source for which authorization is requested.
*
* Request parameter match `'route.request.querystring|header.[a-zA-z0-9._-]+'`.
* Staged variable match `'stageVariables.[a-zA-Z0-9._-]+'`.
* Context parameter match `'context.[a-zA-Z0-9._-]+'`.
*
* @default ['route.request.header.Authorization']
*/
readonly identitySource?: string[];
}
/**
* Authorize WebSocket Api routes via a lambda function
*/
export declare class WebSocketLambdaAuthorizer implements IWebSocketRouteAuthorizer {
private readonly id;
private readonly handler;
private readonly props;
private authorizer?;
private webSocketApi?;
constructor(id: string, handler: IFunction, props?: WebSocketLambdaAuthorizerProps);
bind(options: WebSocketRouteAuthorizerBindOptions): WebSocketRouteAuthorizerConfig;
}

1
cdk/node_modules/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/websocket/lambda.js generated vendored Normal file
View File

@@ -0,0 +1 @@
"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.WebSocketLambdaAuthorizer=void 0;var jsiiDeprecationWarnings=()=>{var tmp=require("../../../.warnings.jsii.js");return jsiiDeprecationWarnings=()=>tmp,tmp};const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");var aws_apigatewayv2_1=()=>{var tmp=require("../../../aws-apigatewayv2");return aws_apigatewayv2_1=()=>tmp,tmp},aws_iam_1=()=>{var tmp=require("../../../aws-iam");return aws_iam_1=()=>tmp,tmp},core_1=()=>{var tmp=require("../../../core");return core_1=()=>tmp,tmp},errors_1=()=>{var tmp=require("../../../core/lib/errors");return errors_1=()=>tmp,tmp},literal_string_1=()=>{var tmp=require("../../../core/lib/private/literal-string");return literal_string_1=()=>tmp,tmp};class WebSocketLambdaAuthorizer{id;handler;props;static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.aws_apigatewayv2_authorizers.WebSocketLambdaAuthorizer",version:"2.252.0"};authorizer;webSocketApi;constructor(id,handler,props={}){this.id=id,this.handler=handler,this.props=props;try{jsiiDeprecationWarnings().aws_cdk_lib_aws_lambda_IFunction(handler),jsiiDeprecationWarnings().aws_cdk_lib_aws_apigatewayv2_authorizers_WebSocketLambdaAuthorizerProps(props)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,WebSocketLambdaAuthorizer),error}}bind(options){try{jsiiDeprecationWarnings().aws_cdk_lib_aws_apigatewayv2_WebSocketRouteAuthorizerBindOptions(options)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,this.bind),error}if(this.webSocketApi&&this.webSocketApi.apiId!==options.route.webSocketApi.apiId)throw new(errors_1()).ValidationError((0,literal_string_1().lit)`CannotAttachSameAuthorizerToMultipleApis`,"Cannot attach the same authorizer to multiple Apis",options.scope);return this.authorizer||(this.webSocketApi=options.route.webSocketApi,this.authorizer=new(aws_apigatewayv2_1()).WebSocketAuthorizer(options.scope,this.id,{webSocketApi:options.route.webSocketApi,identitySource:this.props.identitySource??["route.request.header.Authorization"],type:aws_apigatewayv2_1().WebSocketAuthorizerType.LAMBDA,authorizerName:this.props.authorizerName??this.id,authorizerUri:lambdaAuthorizerArn(this.handler)}),this.handler.addPermission(`${core_1().Names.nodeUniqueId(this.authorizer.node)}-Permission`,{scope:options.scope,principal:new(aws_iam_1()).ServicePrincipal("apigateway.amazonaws.com"),sourceArn:core_1().Stack.of(options.route).formatArn({service:"execute-api",resource:options.route.webSocketApi.apiId,resourceName:`authorizers/${this.authorizer.authorizerId}`})})),{authorizerId:this.authorizer.authorizerId,authorizationType:"CUSTOM"}}}exports.WebSocketLambdaAuthorizer=WebSocketLambdaAuthorizer;function lambdaAuthorizerArn(handler){return`arn:${core_1().Stack.of(handler).partition}:apigateway:${core_1().Stack.of(handler).region}:lambda:path/2015-03-31/functions/${handler.functionArn}/invocations`}