cdk v2 cdk-cloudfront-authorization missing httpHeaders

[caevv]

cdk-cloudfront-authorization is throwing the following error:

{
    "errorType": "TypeError",
    "errorMessage": "Cannot convert undefined or null to object",
    "stack": [
        "TypeError: Cannot convert undefined or null to object",
        "    at Function.entries (<anonymous>)",
        "    at asCloudFrontHeaders (/var/task/index.js:8518:19)",
        "    at getConfig (/var/task/index.js:8512:28)",
        "    at Runtime.handler (/var/task/index.js:14932:41)",
        "    at Runtime.handleOnce (/var/runtime/Runtime.js:66:25)"
    ]
}

Seems like due to config.httpHeaders being undefined.

configuration.json

```js { "logLevel": "warn", "redirectPathSignIn": "/parseauth", "redirectPathAuthRefresh": "/refreshauth", "redirectPathSignOut": "/", "userPoolId": "###", "clientId": "###", "oauthScopes": [ "phone", "email", "profile", "openid", "aws.cognito.signin.user.admin" ], "cognitoAuthDomain": "###", "cookieSettings": { "idToken": "Path=/; Secure; SameSite=Lax", "accessToken": "Path=/; Secure; SameSite=Lax", "refreshToken": "Path=/; Secure; SameSite=Lax", "nonce": "Path=/; Secure; HttpOnly; SameSite=Lax" }, "nonceSigningSecret": "N" } ```

CDK

```js // BUCKET const bucket = new s3.Bucket(this, "SiteBucket", { bucketName: siteDomain, blockPublicAccess: s3.BlockPublicAccess.BLOCK_ALL, encryption: s3.BucketEncryption.S3_MANAGED, enforceSSL: true, removalPolicy: RemovalPolicy.RETAIN, }); const userPool = aws_cognito.UserPool.fromUserPoolId( this, `${id}-userpool`, aws_ssm.StringParameter.valueForStringParameter(this, "###") ); const client = userPool.addClient(id + "-web-client", { preventUserExistenceErrors: true, enableTokenRevocation: true, }); const authorization = new SpaAuthorization(this, "Authorization", { userPool, }); const originAccessIdentity = new cloudfront.OriginAccessIdentity(this, "OAI", { comment: `OAI for ${siteDomain} website.`, }); bucket.grantRead(originAccessIdentity); const zone = aws_route53.HostedZone.fromHostedZoneAttributes(this, "Zone", { hostedZoneId: hostedZoneId, zoneName: route53ZoneName, }); const distribution = new cloudfront.Distribution(this, `${id}-distribution`, { domainNames: [siteDomain], certificate: new acm.DnsValidatedCertificate(this, "SiteCertificate", { domainName: siteDomain, hostedZone: zone, region: "us-east-1", // requirement for CloudFront }), defaultRootObject: "index.html", defaultBehavior: authorization.createDefaultBehavior( new aws_cloudfront_origins.S3Origin(bucket, { originAccessIdentity }) ), }); new aws_s3_deployment.BucketDeployment(this, `deploy-with-invalidation`, { sources: [aws_s3_deployment.Source.asset("../ui/build")], destinationBucket: bucket, distribution: distribution, distributionPaths: ["/*"], serverSideEncryption: ServerSideEncryption.AES_256, }); // Route53 alias record for the CloudFront distribution new aws_route53.ARecord(this, "SiteAliasRecord", { recordName: siteDomain, target: aws_route53.RecordTarget.fromAlias(new aws_route53_targets.CloudFrontTarget(distribution)), zone, }); ```

[danielesalvatore]

I confirm the issue is still present in v2.1.0. I just upgraded from cloudcomponents.cdk-cloudfront-authorization==1.50.0 to cloudcomponents.cdk-cloudfront-authorization==2.1.0, and the python StaticSiteAuthorization construct does not accept the http_headers argument.

  authorization = StaticSiteAuthorization(self, "Authorization",
      user_pool=user_pool,
      identity_providers=[_cognito.UserPoolClientIdentityProvider.custom("SSO")],
      http_headers= cdn_http_headers if cdn_http_headers else None
  )

and this is the error I get:

Many thanks for any help you may provide.

[danielesalvatore]

Hello! Is any news about this issue? Thanks!

[danielesalvatore]

Hi @caevv did you find a way to overtake this? Thanks!