Merge pull request #213 from aws-amplify/main

release: v3.0.5
aws-amplify · Mar 9, 2023 · 0db2902 · 0db2902
2 parents 24b3eda + 04ef946
commit 0db2902
Show file tree

Hide file tree

Showing 2 changed files with 63 additions and 10 deletions.
diff --git a/__tests__/AmplifyMapLibreRequest.test.ts b/__tests__/AmplifyMapLibreRequest.test.ts
@@ -43,6 +43,19 @@ describe("AmplifyMapLibreRequest", () => {
     );
   });
 
+  test("transformRequest throws an error when url is invalid", () => {
+    const mockCreds = {
+      accessKeyId: "accessKeyId",
+      sessionToken: "sessionTokenId",
+      secretAccessKey: "secretAccessKey",
+      identityId: "identityId",
+      authenticated: true,
+      expiration: new Date(),
+    };
+    const amplifyRequest = new AmplifyMapLibreRequest(mockCreds, "us-west-2");
+    expect(() => amplifyRequest.transformRequest("example", "any")).toThrow();
+  });
+
   test("transformRequest returns undefined for non amazon and malicious urls", () => {
     const mockCreds = {
       accessKeyId: "accessKeyId",
@@ -63,6 +76,46 @@ describe("AmplifyMapLibreRequest", () => {
     expect(request.url).toContain("x-amz-user-agent");
   });
 
+  test("transformRequest appends query params to existing query params if any", () => {
+    const mockCreds = {
+      accessKeyId: "accessKeyId",
+      sessionToken: "sessionTokenId",
+      secretAccessKey: "secretAccessKey",
+      identityId: "identityId",
+      authenticated: true,
+      expiration: new Date(),
+    };
+    const amplifyRequest = new AmplifyMapLibreRequest(mockCreds, "us-west-2");
+
+    let request = amplifyRequest.transformRequest("http://maps.geo.us-east-1.amazonaws.com?tsi=0", "any");
+    const queryStringStartIndex = request.url.indexOf('?');
+    const anotherQueryStringStartIndexExists = request.url.indexOf('?', queryStringStartIndex + 1) !== -1;
+    expect(anotherQueryStringStartIndexExists).toEqual(false);
+
+    let searchParams = new URL(request.url).searchParams;
+    expect(searchParams.has('tsi')).toBe(true);
+    expect(searchParams.has('x-amz-user-agent')).toBe(true);
+
+    request = amplifyRequest.transformRequest("http://maps.geo.us-east-1.amazonaws.com", "any");
+    searchParams = new URL(request.url).searchParams;
+    expect(searchParams.has('x-amz-user-agent')).toBe(true);
+
+    request = amplifyRequest.transformRequest("http://maps.geo.us-east-1.amazonaws.com?", "any");
+    searchParams = new URL(request.url).searchParams;
+    expect(searchParams.has('x-amz-user-agent')).toBe(true);
+
+    request = amplifyRequest.transformRequest("http://maps.geo.us-east-1.amazonaws.com?param1=1&", "any");
+    searchParams = new URL(request.url).searchParams;
+    expect(searchParams.has('param1')).toBe(true);
+    expect(searchParams.has('x-amz-user-agent')).toBe(true);
+
+    request = amplifyRequest.transformRequest("http://maps.geo.us-east-1.amazonaws.com?param1=1&param2=2", "any");
+    searchParams = new URL(request.url).searchParams;
+    expect(searchParams.has('param1')).toBe(true);
+    expect(searchParams.has('param2')).toBe(true);
+    expect(searchParams.has('x-amz-user-agent')).toBe(true);
+  });
+
   test("transformRequest queries Amazon Location Service for Style requests and adds sigv4 auth", () => {
     const mockCreds = {
       accessKeyId: "accessKeyId",

diff --git a/src/AmplifyMapLibreRequest.ts b/src/AmplifyMapLibreRequest.ts
@@ -103,29 +103,29 @@ export default class AmplifyMapLibreRequest {
 
   /**
    * A callback function that can be passed to a maplibre map object that is run before the map makes a request for an external URL. This transform request is used to sign the request with AWS Sigv4 Auth. [https://maplibre.org/maplibre-gl-js-docs/api/map/](https://maplibre.org/maplibre-gl-js-docs/api/map/)
-   * @param {string} url The function to use as a render function. This function accepts a single [Carmen GeoJSON](https://github.com/mapbox/carmen/blob/master/carmen-geojson.md) object as input and returns a string.
-   * @param {string} resourceType The function to use as a render function. This function accepts a single [Carmen GeoJSON](https://github.com/mapbox/carmen/blob/master/carmen-geojson.md) object as input and returns a string.
+   * @param {string} url
+   * @param {string} resourceType
    * @returns {RequestParameters} [https://maplibre.org/maplibre-gl-js-docs/api/properties/#requestparameters](https://maplibre.org/maplibre-gl-js-docs/api/properties/#requestparameters)
    */
   transformRequest = (url: string, resourceType: string): RequestParameters => {
+    let styleUrl = url;
     if (resourceType === "Style" && !url.includes("://")) {
       if (this.region == undefined) {
         throw new Error(
           "AWS region for map is undefined. Please verify that the region is set in aws-exports.js or that you are providing an AWS region parameter to createMap"
         );
       }
-      url = `https://maps.geo.${this.region}.amazonaws.com/maps/v0/maps/${url}/style-descriptor`;
+      styleUrl = `https://maps.geo.${this.region}.amazonaws.com/maps/v0/maps/${url}/style-descriptor`;
     }
 
-    if (new URL(url).hostname.endsWith(".amazonaws.com")) {
+    const urlObject = new URL(styleUrl);
+    if (urlObject.hostname.endsWith(".amazonaws.com")) {
       // only sign AWS requests (with the signature as part of the query string)
-      const urlWithUserAgent =
-        url +
-        `?x-amz-user-agent=${encodeURIComponent(
-          urlEncodePeriods(getAmplifyUserAgent())
-        )}`;
+      urlObject.searchParams.append('x-amz-user-agent', encodeURIComponent(
+        urlEncodePeriods(getAmplifyUserAgent())
+      ));
       return {
-        url: Signer.signUrl(urlWithUserAgent, {
+        url: Signer.signUrl(urlObject.href, {
           access_key: this.credentials.accessKeyId,
           secret_key: this.credentials.secretAccessKey,
           session_token: this.credentials.sessionToken,