From 4e2541e7fb88971b28739184208f2265d7551372 Mon Sep 17 00:00:00 2001 From: Mikael Vesavuori Date: Thu, 19 Jan 2023 12:58:08 +0100 Subject: [PATCH] fix(cors): ensure there are proper working CORS; add multiple authorizers so GET and POST methods are covered by individual ones with header/query param input --- diagrams/cfn-diagram.drawio | 2 +- package-lock.json | 6 ++--- package.json | 2 +- serverless.yml | 33 ++++++++++++++++++++++++---- src/infrastructure/frameworks/end.ts | 6 ++++- 5 files changed, 39 insertions(+), 10 deletions(-) diff --git a/diagrams/cfn-diagram.drawio b/diagrams/cfn-diagram.drawio index e287688..77092e8 100644 --- a/diagrams/cfn-diagram.drawio +++ b/diagrams/cfn-diagram.drawio @@ -1,5 +1,5 @@ - + \ No newline at end of file diff --git a/package-lock.json b/package-lock.json index 5c3d9b8..8017023 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,16 +1,16 @@ { "name": "gitmetrix", - "version": "2.0.0", + "version": "2.0.1", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "gitmetrix", - "version": "2.0.0", + "version": "2.0.1", "license": "MIT", "dependencies": { "@aws-sdk/client-dynamodb": "3", - "chrono-utils": "^1.0.1", + "chrono-utils": "1", "mikrolog": "2", "mikrometric": "1" }, diff --git a/package.json b/package.json index 9d7fcc7..d48e186 100644 --- a/package.json +++ b/package.json @@ -1,7 +1,7 @@ { "name": "gitmetrix", "description": "Helps you find your team-level engineering metrics", - "version": "2.0.0", + "version": "2.0.1", "author": "Mikael Vesavuori", "license": "MIT", "keywords": [ diff --git a/serverless.yml b/serverless.yml index 359b507..ba5ac58 100644 --- a/serverless.yml +++ b/serverless.yml 
@@ -42,9 +42,14 @@ custom: apiGatewayCachingTtlValue: ${self:custom.aws.apiGatewayCachingTtl.${self:provider.stage}, self:custom.aws.apiGatewayCachingTtl.test} # See: https://forum.serverless.com/t/api-gateway-custom-authorizer-caching-problems/4695 functions: - Authorizer: + AuthorizerGet: handler: src/infrastructure/authorizers/Authorizer.handler - description: ${self:service} authorizer + description: ${self:service} authorizer for getting metrics + environment: + AUTH_TOKEN: ${self:custom.config.authToken} + AuthorizerAdd: + handler: src/infrastructure/authorizers/Authorizer.handler + description: ${self:service} authorizer for adding metrics environment: AUTH_TOKEN: ${self:custom.config.authToken} GetMetrics: @@ -55,10 +60,20 @@ functions: method: GET path: /metrics authorizer: - name: Authorizer + name: AuthorizerGet resultTtlInSeconds: ${self:custom.aws.apiGatewayCachingTtlValue} identitySource: method.request.header.Authorization type: request + cors: + origin: '*' + methods: + - GET + headers: + - Content-Type + - Authorization + - Access-Control-Allow-Origin + - Access-Control-Allow-Credentials + - Vary iamRoleStatements: - Effect: 'Allow' Action: @@ -76,10 +91,20 @@ functions: method: POST path: /metrics authorizer: - name: Authorizer + name: AuthorizerAdd resultTtlInSeconds: ${self:custom.aws.apiGatewayCachingTtlValue} identitySource: method.request.querystring.authorization type: request + cors: + origin: '*' + methods: + - POST + headers: + - Content-Type + - Authorization + - Access-Control-Allow-Origin + - Access-Control-Allow-Credentials + - Vary iamRoleStatements: - Effect: 'Allow' Action: diff --git a/src/infrastructure/frameworks/end.ts b/src/infrastructure/frameworks/end.ts index 842a152..83219dd 100644 --- a/src/infrastructure/frameworks/end.ts +++ b/src/infrastructure/frameworks/end.ts 
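Review bot: `AuthorizerGet` and `AuthorizerAdd` in the first hunk run the same handler with the same `AUTH_TOKEN`, so the split gives each method its own cached authorizer result but no separation between read and write access. The POST route reads that token from `method.request.querystring.authorization` (a context line in the third hunk), and query strings are routinely recorded in access logs, proxies and browser history, so a token recovered from such a record would also pass the GET authorizer. Consider giving the write path its own secret, for example `AUTH_TOKEN: ${self:custom.config.<ADD_TOKEN_KEY>}` (placeholder key, not a name from this repository). A comment next to that `identitySource` line explaining why POST callers cannot send a header would also help.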
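Review bot: The `cors.headers` lists added to the GET route (second hunk) and the POST route (third hunk) name `Access-Control-Allow-Origin`, `Access-Control-Allow-Credentials` and `Vary`, which are response headers. This setting feeds the preflight `Access-Control-Allow-Headers`, which only has to cover the request headers clients actually send, so `- Content-Type` and `- Authorization` should be enough. `origin: '*'` lets a script on any website call both routes once it holds the token; if the browser consumers are known, listing their origins is the tighter setting. A short comment above each `cors:` block naming the intended browser clients would let the next reviewer judge whether the wildcard is deliberate.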
@@ -6,6 +6,10 @@ export function end(statusCode = 201, message?: Record | number | s
 return {
 statusCode,
- body: JSON.stringify(message)
+ body: JSON.stringify(message),
+ headers: {
+ 'Access-Control-Allow-Origin': '*',
+ 'Access-Control-Allow-Credentials': true
+ }
 };
 }
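Review bot: The added `headers` object pairs `'Access-Control-Allow-Origin': '*'` with `'Access-Control-Allow-Credentials': true`, a combination browsers reject for credentialed requests. The second header therefore has no useful effect, and it invites a later change to echoing the request origin, which would be the unsafe variant. The routes in serverless.yml authenticate with an Authorization header or a query parameter rather than cookies, so the credentials header can presumably be dropped: `headers: { 'Access-Control-Allow-Origin': '*' }`. If credentialed browser calls are ever required, return one specific allowed origin together with `Vary: Origin` instead of the wildcard. The body of `end` starts above the hunk, so whether every response path goes through this return is not visible here.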