fix: Crash when using an invalid method in open api

samtranslator/swagger/swagger.py

@@ -531,6 +531,17 @@ def set_path_default_authorizer(
             if add_default_auth_to_preflight or normalized_method_name != "options":
                 normalized_method_name = self._normalize_method_name(method_name)
                 # It is possible that the method could have two definitions in a Fn::If block.
+
+                # check for valid methods
+                if normalized_method_name.upper() not in self._ALL_HTTP_METHODS:
+                    raise InvalidDocumentException(
+                        [
+                            InvalidTemplateException(
+                                "Path '{}' contains method '{}' which is not a supported method {}".format(path, method_name, self._ALL_HTTP_METHODS)
+                            )
+                        ]
+                    )
+
                 for method_definition in self.get_method_contents(self.get_path(path)[normalized_method_name]):
 
                     # If no integration given, then we don't need to process this definition (could be AWS::NoValue)

tests/translator/input/error_api_with_invalid_path_object.yaml

@@ -0,0 +1,47 @@
+Globals:
+  Api:
+    Name: "some api"
+    Variables:
+      SomeVar: Value
+    Auth:
+      DefaultAuthorizer: MyCognitoAuth
+      Authorizers:
+        MyCognitoAuth:
+          UserPoolArn: !GetAtt MyUserPool.Arn
+
+Resources:
+  ImplicitApiFunction:
+    Type: AWS::Serverless::Function
+    Properties:
+      CodeUri: s3://sam-demo-bucket/member_portal.zip
+      Handler: index.gethtml
+      Runtime: nodejs12.x
+
+  ExplicitApi:
+    Type: AWS::Serverless::Api
+    Properties:
+      StageName: SomeStage
+      DefinitionBody:
+        swagger: 2.0
+        paths:
+          "/a":
+            SomeInvalidKey:
+              x-amazon-apigateway-integration:
+                httpMethod: POST
+                type: aws_proxy
+                uri: !Sub arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${ImplicitApiFunction.Arn}/invocations
+              responses: {}
+
+  MyUserPool:
+    Type: AWS::Cognito::UserPool
+    Properties:
+      UserPoolName: UserPoolName
+      Policies:
+        PasswordPolicy:
+          MinimumLength: 8
+      UsernameAttributes:
+        - email
+      Schema:
+        - AttributeDataType: String
+          Name: email
+          Required: false

tests/translator/input/error_invalid_method_definition.yaml

@@ -42,7 +42,7 @@ Resources:
                 description: Application domain
                 type: string
                 required: true
-            tags:
+            options:
               - InvalidMethodDefinition
             get:
               x-amazon-apigateway-integration:

tests/translator/output/error_api_with_invalid_path_object.json

@@ -0,0 +1,3 @@
+{
+  "errorMessage": "Invalid Serverless Application Specification document. Number of errors found: 1. Path '/command' contains method 'Auth' which is not a supported method ['OPTIONS', 'GET', 'HEAD', 'POST', 'PUT', 'DELETE', 'PATCH']"
+}