fix(apigateway): authorization scope is not added when not explicitly defining authorization type in method or root api #30822
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
github-actions
bot
added
bug
moelasmar
approved these changes
Jul 10, 2024
GavinZZ
force-pushed
the
yuanhaoz/revert_api_scope
branch
from
71952fb
to
8260844
Compare
…g auth type in default method options
GavinZZ
force-pushed
the
yuanhaoz/revert_api_scope
branch
from
643efd0
to
348e815
Compare
moelasmar
approved these changes
Jul 10, 2024
GavinZZ
changed the title
|
@mergify update |
✅ Branch has been successfully updated |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
moelasmar
pushed a commit
that referenced
this pull request
Jul 11, 2024
… defining authorization type in method or root api (#30822) ### Issue # (if applicable) Closes #30444 ### Reason for this change The original PR caused a breaking change, we can't rollback because it was released in v2.142.0 and it fixes customers issues (partially). Simply doing a revert will be breaking for those customers again. ### Description of changes Identified the root cause and we should use `AuthorizationType` instead of `AuthorizationTypeOption`. `AuthorizationType` defaults to find the authorization type from the authorizer, falling back to use the auth type defined in the `Method` construct's options property and falling back to `None`. `AuthorizationTypeOptions` on the other hand tries to find the auth type from `Method` construct's options property which can be None because it's optional. ### Description of how you validated changes New unit tests covering the changes and new integration tests covering it. ### Checklist - [ ] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --------- Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
|
Comments on closed issues and PRs are hard for our team to see. If you need help, please open a new issue that references this one. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Issue # (if applicable)
Closes #30444
Reason for this change
The original PR caused a breaking change, we can't rollback because it was released in v2.142.0 and it fixes customers issues (partially). Simply doing a revert will be breaking for those customers again.
Description of changes
Identified the root cause and we should use
AuthorizationTypeinstead ofAuthorizationTypeOption.AuthorizationTypedefaults to find the authorization type from the authorizer, falling back to use the auth type defined in theMethodconstruct's options property and falling back toNone.AuthorizationTypeOptionson the other hand tries to find the auth type fromMethodconstruct's options property which can be None because it's optional.Description of how you validated changes
New unit tests covering the changes and new integration tests covering it.
Checklist
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license