incorporate review comments, fix typo in the README, add condition fo…

…r printWarning call and update the log message inthe printWarning call
awslabs · Jul 18, 2024 · b9512e4 · b9512e4
1 parent f5d5f85
commit b9512e4
Show file tree

Hide file tree

Showing 4 changed files with 14 additions and 6 deletions.
diff --git a/source/patterns/@aws-solutions-constructs/aws-apigatewayv2websocket-sqs/README.md b/source/patterns/@aws-solutions-constructs/aws-apigatewayv2websocket-sqs/README.md
@@ -104,7 +104,7 @@ new ApiGatewayV2WebSocketToSqs(this, "ApiGatewayV2WebSocketToSqsPattern", new Ap
 |maxReceiveCount|`number`|The number of times a message can be unsuccessfully dequeued before being moved to the dead-letter queue.|
 |createDefaultRoute?|`boolean`|Whether to create the default route (`$default`) on the WebSocket.|
 |defaultRouteRequestTemplate?|`{ [contentType: string]: string }`|Optional API Gateway Request Template for the default route. This property will only be used if createDefaultRoute is `true`. If createDefaultRoute is `true` and this property is not provided, the construct will create the default route with the following VTL configuration `"Action=SendMessage&MessageGroupId=$input.path('$.MessageGroupId')&MessageDeduplicationId=$context.requestId&MessageAttribute.1.Name=connectionId&MessageAttribute.1.Value.StringValue=$context.connectionId&MessageAttribute.1.Value.DataType=String&MessageAttribute.2.Name=requestId&MessageAttribute.2.Value.StringValue=$context.requestId&MessageAttribute.2.Value.DataType=String&MessageBody=$util.urlEncode($input.json($util.escapeJavaScript('$').replaceAll(\"\\\\'\",\"'\")))"`.|
-|createDefaultRoute?|`boolean`|Add IAM authorization to the $connect path by default. Only set to false if: 1) If plan to provide an authorizer with the `$connect` route; or 2) The API should be open (no authorization) (AWS recommends against deploying unprotected APIs). If an authorizer is specified in connectRouteOptions, this parameter is ignored and no default IAM authorizer will be created. |
+|createDefaultRoute?|`boolean`|Add IAM authorization to the $connect path by default. Only set this to false if: 1) If plan to provide an authorizer with the `$connect` route; or 2) The API should be open (no authorization) (AWS recommends against deploying unprotected APIs). If an authorizer is specified in connectRouteOptions, this parameter is ignored and no default IAM authorizer will be created. |
 
 
 ## Pattern Properties

diff --git a/source/patterns/@aws-solutions-constructs/aws-apigatewayv2websocket-sqs/lib/index.ts b/source/patterns/@aws-solutions-constructs/aws-apigatewayv2websocket-sqs/lib/index.ts
@@ -106,7 +106,7 @@ export interface ApiGatewayV2WebSocketToSqsProps {
    */
   readonly createDefaultRoute?: boolean;
   /**
-   * Add IAM authorization to the $connect path by default. Only set to false if: 1) If plan to provide an authorizer with
+   * Add IAM authorization to the $connect path by default. Only set this to false if: 1) If plan to provide an authorizer with
    * the `$connect` route; or 2) The API should be open (no authorization) (AWS recommends against deploying unprotected APIs).
    *
    * If an authorizer is specified in connectRouteOptions, this parameter is ignored and no default IAM authorizer will be created

diff --git a/source/patterns/@aws-solutions-constructs/core/lib/websocket-api-helper.ts b/source/patterns/@aws-solutions-constructs/core/lib/websocket-api-helper.ts
@@ -176,7 +176,9 @@ export function buildWebSocketApiProps(
     defaultRouteOptions: createDefaultRoute ? buildWebSocketQueueRouteOptions(role!, sqsQueue!, requestTemplate) : undefined,
     connectRouteOptions: (defaultIamAuthorization === undefined || defaultIamAuthorization === true) ? connectRouteOptions : undefined
   };
-  printWarning("defaultIamAuthorization is set to false. This construct will not add any authorizers. If this is not the case, please pass the `connectRouteOptions` with an authorizer or call `addRoute` on the websocket endpoint and provide the `$connect` configuration with an authorizer");
+  if (defaultIamAuthorization === false) {
+    printWarning("defaultIamAuthorization is set to false. This construct will not add any authorizers. If this is not the case, please pass the `connectRouteOptions` with an authorizer or call `addRoute` on the websocket endpoint and provide the `$connect` configuration with an authorizer.");
+  }
   return websocketApiProps;
 }
 

diff --git a/source/patterns/@aws-solutions-constructs/core/test/websocket-api-helper.test.ts b/source/patterns/@aws-solutions-constructs/core/test/websocket-api-helper.test.ts
@@ -25,6 +25,7 @@ import {
   connectRouteOptions,
   DEFAULT_ROUTE_QUEUE_VTL_CONFIG,
 } from "..";
+import * as utils from '../lib/utils';
 
 test("creates API Gateway role and grants permissions and apigateway stage setup", () => {
   const app = new cdk.App();
@@ -265,10 +266,10 @@ test("buildWebSocketApiProps creates correct WebSocket API props", () => {
   const propsWithoutDefaultRoute = buildWebSocketApiProps(role, queue, false);
   expect(propsWithoutDefaultRoute.defaultRouteOptions).toBeUndefined();
 
-  expect(() => buildWebSocketApiProps(role, undefined as any, true)).toThrowError(
+  expect(() => buildWebSocketApiProps(role, undefined, true)).toThrowError(
     "role and sqs must be provided to create a default route"
   );
-  expect(() => buildWebSocketApiProps(undefined as any, queue, true)).toThrowError(
+  expect(() => buildWebSocketApiProps(undefined, queue, true)).toThrowError(
     "role and sqs must be provided to create a default route"
   );
 });
@@ -324,12 +325,13 @@ test("buildWebSocketQueueApi with defaultIamAuthorization is set to false", () =
   const app = new cdk.App();
   const stack = new cdk.Stack(app, "TestStack");
   const queue = new sqs.Queue(stack, "TestQueue");
+  const printWarningSpy = jest.spyOn(utils, 'printWarning');
 
   // not supplying authorizer with $connect with the expectation that the synthesized stack with add
   // an authorizer because defaultIamAuthorization is not set to false.
   buildWebSocketQueueApi(stack, "TestApi", {
     queue,
-    createDefaultRoute: true,
+    createDefaultRoute: false,
     webSocketApiProps: {
       connectRouteOptions: {
         integration: new WebSocketMockIntegration("user-created-mock")
@@ -347,4 +349,8 @@ test("buildWebSocketQueueApi with defaultIamAuthorization is set to false", () =
       "Fn::Join": ["", ["integrations/", { Ref: Match.stringLikeRegexp("WebSocketApiTestApiconnectRouteusercreatedmock") }]],
     },
   });
+
+  expect(printWarningSpy).toBeCalledWith(
+    "defaultIamAuthorization is set to false. This construct will create a WebSocket with NO Authorizer.");
+  printWarningSpy.mockRestore();
 });