Skip to content

Commit

Permalink
fix(apigatewayv2): error while configuring ANY as an allowed method i…
Browse files Browse the repository at this point in the history
…n CORS (#13313)

API gateway expects `*` to represent `ANY` HTTP method. `HttpMethod` enum doesn't 
have a value for that, thus causing errors when passing  `HttpMethod` 's `ANY` option.

This commit introduces `CorsHttpMethod` enum which has a proper `ANY` mapping to `*`.

Closes #13280.
Closes #13643.

BREAKING CHANGE: The type of `allowMethods` property under `corsPreflight`
section is changed from `HttpMethod` to `CorsHttpMethod`.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
  • Loading branch information
robertd authored Mar 22, 2021
1 parent ffb0cc7 commit 34bb338
Show file tree
Hide file tree
Showing 4 changed files with 28 additions and 5 deletions.
2 changes: 1 addition & 1 deletion packages/@aws-cdk/aws-apigatewayv2/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -133,7 +133,7 @@ The `corsPreflight` option lets you specify a CORS configuration for an API.
new HttpApi(stack, 'HttpProxyApi', {
corsPreflight: {
allowHeaders: ['Authorization'],
allowMethods: [HttpMethod.GET, HttpMethod.HEAD, HttpMethod.OPTIONS, HttpMethod.POST],
allowMethods: [CorsHttpMethod.GET, CorsHttpMethod.HEAD, CorsHttpMethod.OPTIONS, CorsHttpMethod.POST],
allowOrigins: ['*'],
maxAge: Duration.days(10),
},
Expand Down
24 changes: 23 additions & 1 deletion packages/@aws-cdk/aws-apigatewayv2/lib/http/api.ts
Original file line number Diff line number Diff line change
Expand Up @@ -99,6 +99,28 @@ export interface HttpApiProps {
readonly defaultAuthorizationScopes?: string[];
}

/**
* Supported CORS HTTP methods
*/
export enum CorsHttpMethod{
/** HTTP ANY */
ANY = '*',
/** HTTP DELETE */
DELETE = 'DELETE',
/** HTTP GET */
GET = 'GET',
/** HTTP HEAD */
HEAD = 'HEAD',
/** HTTP OPTIONS */
OPTIONS = 'OPTIONS',
/** HTTP PATCH */
PATCH = 'PATCH',
/** HTTP POST */
POST = 'POST',
/** HTTP PUT */
PUT = 'PUT',
}

/**
* Options for the CORS Configuration
*/
Expand All @@ -119,7 +141,7 @@ export interface CorsPreflightOptions {
* Represents a collection of allowed HTTP methods.
* @default - No Methods are allowed.
*/
readonly allowMethods?: HttpMethod[];
readonly allowMethods?: CorsHttpMethod[];

/**
* Represents a collection of allowed origins.
Expand Down
2 changes: 1 addition & 1 deletion packages/@aws-cdk/aws-apigatewayv2/lib/http/route.ts
Original file line number Diff line number Diff line change
Expand Up @@ -61,7 +61,7 @@ export class HttpRouteKey {
if (path !== '/' && (!path.startsWith('/') || path.endsWith('/'))) {
throw new Error('path must always start with a "/" and not end with a "/"');
}
return new HttpRouteKey(`${method ?? 'ANY'} ${path}`, path);
return new HttpRouteKey(`${method ?? HttpMethod.ANY} ${path}`, path);
}

/**
Expand Down
5 changes: 3 additions & 2 deletions packages/@aws-cdk/aws-apigatewayv2/test/http/api.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ import { Metric } from '@aws-cdk/aws-cloudwatch';
import * as ec2 from '@aws-cdk/aws-ec2';
import { Duration, Stack } from '@aws-cdk/core';
import {
CorsHttpMethod,
HttpApi, HttpAuthorizer, HttpAuthorizerType, HttpIntegrationType, HttpMethod, HttpRouteAuthorizerBindOptions, HttpRouteAuthorizerConfig,
HttpRouteIntegrationBindOptions, HttpRouteIntegrationConfig, IHttpRouteAuthorizer, IHttpRouteIntegration, HttpNoneAuthorizer, PayloadFormatVersion,
} from '../../lib';
Expand Down Expand Up @@ -106,7 +107,7 @@ describe('HttpApi', () => {
new HttpApi(stack, 'HttpApi', {
corsPreflight: {
allowHeaders: ['Authorization'],
allowMethods: [HttpMethod.GET, HttpMethod.HEAD, HttpMethod.OPTIONS, HttpMethod.POST],
allowMethods: [CorsHttpMethod.GET, CorsHttpMethod.HEAD, CorsHttpMethod.OPTIONS, CorsHttpMethod.POST, CorsHttpMethod.ANY],
allowOrigins: ['*'],
maxAge: Duration.seconds(36400),
},
Expand All @@ -115,7 +116,7 @@ describe('HttpApi', () => {
expect(stack).toHaveResource('AWS::ApiGatewayV2::Api', {
CorsConfiguration: {
AllowHeaders: ['Authorization'],
AllowMethods: ['GET', 'HEAD', 'OPTIONS', 'POST'],
AllowMethods: ['GET', 'HEAD', 'OPTIONS', 'POST', '*'],
AllowOrigins: ['*'],
MaxAge: 36400,
},
Expand Down

0 comments on commit 34bb338

Please sign in to comment.