serverless-apigw-binary icon indicating copy to clipboard operation
serverless-apigw-binary copied to clipboard

Published 20 hours ago verified publisher icon maciejtreder

Plugin resetting API Key Source to HEADER

Open QuingKhaos opened this issue 6 years ago • 3 comments

I'm using this plugin with an shared API Gateway and it resets the config of API Key Source back to HEADER

Main serverless.yml which defines and exports the root API:

provider:
  name: aws
  runtime: nodejs8.10
  stage: ${self:custom.config.env}
  region: ${opt:region, '${self:custom.config.region}'}
  stackName: ${self:service.name}-${self:custom.config.env}
  apiName: piximizer-${self:custom.config.env}
  endpointType: regional
  timeout: 30
  memorySize: 256
  versionFunctions: false
  logRetentionInDays: ${self:custom.logRetention.${self:custom.config.env}}
  role: { Fn::GetAtt: [ RoleDefault, Arn ] }
  apiGateway:
    apiKeySourceType: AUTHORIZER

resources:
  Outputs:
    apiGatewayRestApiId:
      Value: { Ref: ApiGatewayRestApi }

    apiGatewayRestApiRootResourceId:
      Value: { Fn::GetAtt: [ ApiGatewayRestApi, RootResourceId ] }

Deploying this one sets the API Key Source correctly to AUTHORIZER

The next service which uses serverless-apigw-binary:

plugins:
- serverless-apigw-binary

custom:
  apigwBinary:
    types:
    - 'image/jpeg'
    - 'image/png'
    - 'image/webp'

provider:
  name: aws
  runtime: nodejs8.10
  stage: ${self:custom.config.env}
  region: ${opt:region, '${self:custom.config.region}'}
  stackName: ${self:service.name}-${self:custom.config.env}
  apiName: piximizer-${self:custom.config.env}
  endpointType: regional
  timeout: 30
  memorySize: 256
  versionFunctions: false
  logRetentionInDays: ${self:custom.logRetention.${self:custom.config.env}}
  role: ${cf:piximizer-tenants-${self:custom.config.env}.roleDefaultArn}

  apiGateway:
    restApiId: ${cf:piximizer-tenants-${self:custom.config.env}.apiGatewayRestApiId}
    restApiRootResourceId: ${cf:piximizer-tenants-${self:custom.config.env}.apiGatewayRestApiRootResourceId}

When I deploy this one, the API Key Source is back to HEADER. Other services which share the same API Gateway don't have this behavior. Only with this plugin.

QuingKhaos avatar May 06 '19 12:05 QuingKhaos

So I played a bit, and before issuing the putRestApi i validated it with a getRestApi call:

Response { id: 'xxxx',
  name: 'piximizer-dev',
  createdDate: 2018-07-04T07:42:50.000Z,
  binaryMediaTypes: [ 'image/jpeg', 'image/png', 'image/webp' ],
  apiKeySource: 'AUTHORIZER',
  endpointConfiguration: { types: [ 'REGIONAL' ] } }

The plugin sends the following config to AWS:

Swagger {"swagger":"2.0","info":{"title":"piximizer-dev"},"x-amazon-apigateway-binary-media-types":["image/jpeg","image/png","image/webp"]}

And AWS definitely sets the API Key Source back to HEADER when it is missing in the Swagger input...

Result { id: 'xxxx',
  name: 'piximizer-dev',
  createdDate: 2018-07-04T07:42:50.000Z,
  warnings: [ 'No paths defined for this API.' ],
  binaryMediaTypes: [ 'image/jpeg', 'image/png', 'image/webp' ],
  apiKeySource: 'HEADER',
  endpointConfiguration: { types: [ 'REGIONAL' ] } }

QuingKhaos avatar May 06 '19 12:05 QuingKhaos

To clarify this issue, this may happen independently if used in a shared gateway scenario or not.

QuingKhaos avatar May 06 '19 14:05 QuingKhaos