Open caevv opened 2 years ago
I confirm the issue is still present in v2.1.0
.
I just upgraded from cloudcomponents.cdk-cloudfront-authorization==1.50.0
to cloudcomponents.cdk-cloudfront-authorization==2.1.0
, and the python StaticSiteAuthorization
construct does not accept the http_headers
argument.
authorization = StaticSiteAuthorization(self, "Authorization",
user_pool=user_pool,
identity_providers=[_cognito.UserPoolClientIdentityProvider.custom("SSO")],
http_headers= cdn_http_headers if cdn_http_headers else None
)
and this is the error I get:
Many thanks for any help you may provide.
Hello! Is any news about this issue? Thanks!
Hi @caevv did you find a way to overtake this? Thanks!
cdk-cloudfront-authorization
is throwing the following error:Seems like due to
config.httpHeaders
being undefined.configuration.json
```js { "logLevel": "warn", "redirectPathSignIn": "/parseauth", "redirectPathAuthRefresh": "/refreshauth", "redirectPathSignOut": "/", "userPoolId": "###", "clientId": "###", "oauthScopes": [ "phone", "email", "profile", "openid", "aws.cognito.signin.user.admin" ], "cognitoAuthDomain": "###", "cookieSettings": { "idToken": "Path=/; Secure; SameSite=Lax", "accessToken": "Path=/; Secure; SameSite=Lax", "refreshToken": "Path=/; Secure; SameSite=Lax", "nonce": "Path=/; Secure; HttpOnly; SameSite=Lax" }, "nonceSigningSecret": "N" } ```CDK
```js // BUCKET const bucket = new s3.Bucket(this, "SiteBucket", { bucketName: siteDomain, blockPublicAccess: s3.BlockPublicAccess.BLOCK_ALL, encryption: s3.BucketEncryption.S3_MANAGED, enforceSSL: true, removalPolicy: RemovalPolicy.RETAIN, }); const userPool = aws_cognito.UserPool.fromUserPoolId( this, `${id}-userpool`, aws_ssm.StringParameter.valueForStringParameter(this, "###") ); const client = userPool.addClient(id + "-web-client", { preventUserExistenceErrors: true, enableTokenRevocation: true, }); const authorization = new SpaAuthorization(this, "Authorization", { userPool, }); const originAccessIdentity = new cloudfront.OriginAccessIdentity(this, "OAI", { comment: `OAI for ${siteDomain} website.`, }); bucket.grantRead(originAccessIdentity); const zone = aws_route53.HostedZone.fromHostedZoneAttributes(this, "Zone", { hostedZoneId: hostedZoneId, zoneName: route53ZoneName, }); const distribution = new cloudfront.Distribution(this, `${id}-distribution`, { domainNames: [siteDomain], certificate: new acm.DnsValidatedCertificate(this, "SiteCertificate", { domainName: siteDomain, hostedZone: zone, region: "us-east-1", // requirement for CloudFront }), defaultRootObject: "index.html", defaultBehavior: authorization.createDefaultBehavior( new aws_cloudfront_origins.S3Origin(bucket, { originAccessIdentity }) ), }); new aws_s3_deployment.BucketDeployment(this, `deploy-with-invalidation`, { sources: [aws_s3_deployment.Source.asset("../ui/build")], destinationBucket: bucket, distribution: distribution, distributionPaths: ["/*"], serverSideEncryption: ServerSideEncryption.AES_256, }); // Route53 alias record for the CloudFront distribution new aws_route53.ARecord(this, "SiteAliasRecord", { recordName: siteDomain, target: aws_route53.RecordTarget.fromAlias(new aws_route53_targets.CloudFrontTarget(distribution)), zone, }); ```