feat(apigatewayv2): http api - jwt and cognito user pool authorizers

[iRoachie]

Part 1 of the work needed to make #10534 happen.

• Also not sure if a partial L2 is possible as I didn't implement all the properties.
• Also not sure if I should rename it to just Authorizer (wasn't sure if it clashed with v1 authorizers)

---

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

[gitpod-io]

[iRoachie]

@shivlaks Can you take a look at this?

[nija-at]

Thanks for submitting this PR! Please find my first round of comments below -

Also not sure if a partial L2 is possible as I didn't implement all the properties.

It's not necessary to implement all properties. We're ok with taking in PRs that don't implement all functionality.

However, it should be possible to set a very minimal authorizer up. It seems in your case, customers won't be able to set the authorizer up since they can't yet connect the authorizer to the route. This is necessary in this PR.

Also not sure if I should rename it to just Authorizer (wasn't sure if it clashed with v1 authorizers)

They're in separate modules. No collision.

Pull request has been modified.

[iRoachie]

@nija-at authorizerType is needed by CfnRouteProps. What's the best way to make this available?

I was thinking to expose authorizerType on IAuthorizer, but unsure how to change my Import class in fromAuthorizerId to accommodate this. Would I have to use fromAattributes here instead?

[ayush987goyal]

@iRoachie Thanks for this! Will it be possible for you to add an integration test for this?

[iRoachie]

Just for reference, this is PR has in more changes now

• Adds L2 support for CfnAuthorizer
• Allows adding authorizer, authorizationScopes to Route
• Allows adding authorizer, authorizationScopes to Route through HttpApi.addRoutes

[iRoachie]

@ayush987goyal Sureeeee as soon as I find out how to do so

[iRoachie]

How would I go about doing this? First time having to do an integration test

[ayush987goyal]

You can take a look to the v1 authorizer integration test here. Also read the contribution guide around integration tests.

[nija-at]

@nija-at authorizerType is needed by CfnRouteProps. What's the best way to make this available?

You can define this within each type of authorizer and access it within the HttpRoute class. The Authorizer will be passed a property to HttpRouteProps.

[iRoachie]

@ayush987goyal I made and ran the integration test. Let me know if I need to change anything

[iRoachie]

@nija-at Lemme know if everything is good after regarding your review

[iRoachie]

Okay outside of tests and docs, let me know if there's anything in the implementation that needs changing.

[nija-at]

Thanks for picking this back up. Took a quick scan through the code.

Pull request has been modified.

[iRoachie]

@nija-at changes made

[nija-at]

@iRoachie - the build is failing. can you take a look?

Besides that, just small updates to the README. Otherwise, looks good.

Pull request has been modified.

[aws-cdk-automation]

AWS CodeBuild CI Report

• CodeBuild project: AutoBuildProject89A8053A-LhjRyN9kxr8o
• Commit ID: 9a46843
• Result: SUCCEEDED
• Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

[iRoachie]

Finally green 😅 needed to add the Authorizer package to monocdk, decdk and aws-cdk-lib.

[mergify]

Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).