search

maciejtreder / serverless-apigw-binary

Serverless plugin for binary files support in AWS Gateway
MIT License
160 stars 33 forks source link

Plugin resetting API Key Source to HEADER #53

Open QuingKhaos opened 5 years ago

QuingKhaos commented 5 years ago

I'm using this plugin with an shared API Gateway and it resets the config of API Key Source back to HEADER

Main serverless.yml which defines and exports the root API:

provider:
  name: aws
  runtime: nodejs8.10
  stage: ${self:custom.config.env}
  region: ${opt:region, '${self:custom.config.region}'}
  stackName: ${self:service.name}-${self:custom.config.env}
  apiName: piximizer-${self:custom.config.env}
  endpointType: regional
  timeout: 30
  memorySize: 256
  versionFunctions: false
  logRetentionInDays: ${self:custom.logRetention.${self:custom.config.env}}
  role: { Fn::GetAtt: [ RoleDefault, Arn ] }
  apiGateway:
    apiKeySourceType: AUTHORIZER

resources:
  Outputs:
    apiGatewayRestApiId:
      Value: { Ref: ApiGatewayRestApi }

    apiGatewayRestApiRootResourceId:
      Value: { Fn::GetAtt: [ ApiGatewayRestApi, RootResourceId ] }

Deploying this one sets the API Key Source correctly to AUTHORIZER

The next service which uses serverless-apigw-binary:

plugins:
- serverless-apigw-binary

custom:
  apigwBinary:
    types:
    - 'image/jpeg'
    - 'image/png'
    - 'image/webp'

provider:
  name: aws
  runtime: nodejs8.10
  stage: ${self:custom.config.env}
  region: ${opt:region, '${self:custom.config.region}'}
  stackName: ${self:service.name}-${self:custom.config.env}
  apiName: piximizer-${self:custom.config.env}
  endpointType: regional
  timeout: 30
  memorySize: 256
  versionFunctions: false
  logRetentionInDays: ${self:custom.logRetention.${self:custom.config.env}}
  role: ${cf:piximizer-tenants-${self:custom.config.env}.roleDefaultArn}

  apiGateway:
    restApiId: ${cf:piximizer-tenants-${self:custom.config.env}.apiGatewayRestApiId}
    restApiRootResourceId: ${cf:piximizer-tenants-${self:custom.config.env}.apiGatewayRestApiRootResourceId}

When I deploy this one, the API Key Source is back to HEADER. Other services which share the same API Gateway don't have this behavior. Only with this plugin.

QuingKhaos commented 5 years ago

So I played a bit, and before issuing the putRestApi i validated it with a getRestApi call:

Response { id: 'xxxx',
  name: 'piximizer-dev',
  createdDate: 2018-07-04T07:42:50.000Z,
  binaryMediaTypes: [ 'image/jpeg', 'image/png', 'image/webp' ],
  apiKeySource: 'AUTHORIZER',
  endpointConfiguration: { types: [ 'REGIONAL' ] } }

The plugin sends the following config to AWS:

Swagger {"swagger":"2.0","info":{"title":"piximizer-dev"},"x-amazon-apigateway-binary-media-types":["image/jpeg","image/png","image/webp"]}

And AWS definitely sets the API Key Source back to HEADER when it is missing in the Swagger input...

Result { id: 'xxxx',
  name: 'piximizer-dev',
  createdDate: 2018-07-04T07:42:50.000Z,
  warnings: [ 'No paths defined for this API.' ],
  binaryMediaTypes: [ 'image/jpeg', 'image/png', 'image/webp' ],
  apiKeySource: 'HEADER',
  endpointConfiguration: { types: [ 'REGIONAL' ] } }
QuingKhaos commented 5 years ago

To clarify this issue, this may happen independently if used in a shared gateway scenario or not.