feat(@aws-amplify/datastore): support lambda authorizers

aws-amplify · Jul 23, 2021 · 7aeacde · 7aeacde
1 parent 00f0135
commit 7aeacde
Show file tree

Hide file tree

Showing 12 changed files with 447 additions and 915 deletions.
diff --git a/packages/api-graphql/src/GraphQLAPI.ts b/packages/api-graphql/src/GraphQLAPI.ts
@@ -186,6 +186,7 @@ export class GraphQLAPIClass {
 				headers = {
 					Authorization: additionalHeaders.Authorization,
 				};
+				break;
 			default:
 				headers = {
 					Authorization: null,

diff --git a/packages/datastore/__tests__/authStrategies.test.ts b/packages/datastore/__tests__/authStrategies.test.ts
@@ -10,6 +10,11 @@ import { NAMESPACES } from '../src/util';
 describe('Auth Strategies', () => {
 	describe('multiAuthStrategy', () => {
 		const rules = {
+			function: {
+				provider: ModelAttributeAuthProvider.FUNCTION,
+				allow: ModelAttributeAuthAllow.CUSTOM,
+				operations: ['create', 'update', 'delete', 'read'],
+			},
 			owner: {
 				provider: ModelAttributeAuthProvider.USER_POOLS,
 				ownerField: 'owner',
@@ -68,6 +73,21 @@ describe('Auth Strategies', () => {
 			},
 		};
 
+		test('function', async () => {
+			const authRules = [rules.function];
+			await testMultiAuthStrategy({
+				authRules,
+				hasAuthenticatedUser: true,
+				result: ['AWS_LAMBDA'],
+			});
+
+			await testMultiAuthStrategy({
+				authRules,
+				hasAuthenticatedUser: false,
+				result: ['AWS_LAMBDA'],
+			});
+		});
+
 		test('owner', async () => {
 			const authRules = [rules.owner];
 			await testMultiAuthStrategy({
@@ -353,6 +373,31 @@ describe('Auth Strategies', () => {
 			});
 		});
 
+		test('function/owner/public IAM/API key', async () => {
+			const authRules = [
+				rules.function,
+				rules.owner,
+				rules.publicIAM,
+				rules.publicAPIKeyExplicit,
+			];
+			await testMultiAuthStrategy({
+				authRules,
+				hasAuthenticatedUser: true,
+				result: [
+					'AWS_LAMBDA',
+					'AMAZON_COGNITO_USER_POOLS',
+					'AWS_IAM',
+					'API_KEY',
+				],
+			});
+
+			await testMultiAuthStrategy({
+				authRules,
+				hasAuthenticatedUser: false,
+				result: ['AWS_LAMBDA', 'AWS_IAM', 'API_KEY'],
+			});
+		});
+
 		test('duplicates', async () => {
 			const authRules = [
 				rules.owner,

diff --git a/packages/datastore/__tests__/helpers.ts b/packages/datastore/__tests__/helpers.ts
@@ -1,4 +1,10 @@
-import { ModelInit, MutableModel, Schema, InternalSchema } from '../src/types';
+import {
+	ModelInit,
+	MutableModel,
+	Schema,
+	InternalSchema,
+	SchemaModel,
+} from '../src/types';
 
 export declare class Model {
 	public readonly id: string;