Merge branch 'awslabs:develop' into fix-1025-v2

Michael Brewer · web-flow · commit 7303b2bff9ac · 2022-03-02T14:32:31.000-08:00
diff --git a/.github/workflows/label_pr_on_title.yml b/.github/workflows/label_pr_on_title.yml
@@ -16,7 +16,7 @@ jobs:
       github.event.workflow_run.conclusion == 'success' }}
     steps:
       - name: 'Download artifact'
-        uses: actions/github-script@v5
+        uses: actions/github-script@v6
         # For security, we only download artifacts tied to the successful PR recording workflow
         with:
           script: |
@@ -42,7 +42,7 @@ jobs:
       - run: unzip pr.zip
 
       - name: 'Label PR based on title'
-        uses: actions/github-script@v5
+        uses: actions/github-script@v6
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
           # This safely runs in our base repo, not on fork
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -109,7 +109,7 @@ jobs:
         keep_files: true
         destination_dir: latest/api
     - name: Close issues related to this release
-      uses: actions/github-script@v5
+      uses: actions/github-script@v6
       with:
         script: |
           const post_release = require('.github/workflows/post_release.js')
diff --git a/aws_lambda_powertools/event_handler/__init__.py b/aws_lambda_powertools/event_handler/__init__.py
@@ -2,7 +2,14 @@
 Event handler decorators for common Lambda events
 """
 
-from .api_gateway import ALBResolver, APIGatewayHttpResolver, ApiGatewayResolver, APIGatewayRestResolver
+from .api_gateway import ALBResolver, APIGatewayHttpResolver, ApiGatewayResolver, APIGatewayRestResolver, CORSConfig
 from .appsync import AppSyncResolver
 
-__all__ = ["AppSyncResolver", "APIGatewayRestResolver", "APIGatewayHttpResolver", "ALBResolver", "ApiGatewayResolver"]
+__all__ = [
+    "AppSyncResolver",
+    "APIGatewayRestResolver",
+    "APIGatewayHttpResolver",
+    "ALBResolver",
+    "ApiGatewayResolver",
+    "CORSConfig",
+]
diff --git a/aws_lambda_powertools/utilities/data_classes/api_gateway_authorizer_event.py b/aws_lambda_powertools/utilities/data_classes/api_gateway_authorizer_event.py
@@ -60,7 +60,8 @@ def parse_api_gateway_arn(arn: str) -> APIGatewayRouteArn:
         api_id=api_gateway_arn_parts[0],
         stage=api_gateway_arn_parts[1],
         http_method=api_gateway_arn_parts[2],
-        resource=api_gateway_arn_parts[3] if len(api_gateway_arn_parts) == 4 else "",
+        # conditional allow us to handle /path/{proxy+} resources, as their length changes.
+        resource="/".join(api_gateway_arn_parts[3:]) if len(api_gateway_arn_parts) >= 4 else "",
     )
 
 
diff --git a/docs/core/event_handler/api_gateway.md b/docs/core/event_handler/api_gateway.md
@@ -537,7 +537,7 @@ You can use **`exception_handler`** decorator with any Python exception. This al
 from aws_lambda_powertools import Logger, Tracer
 from aws_lambda_powertools.logging import correlation_paths
 from aws_lambda_powertools.event_handler import content_types
-from aws_lambda_powertools.event_handler import APIGatewayRestResolver, Response
+from aws_lambda_powertools.event_handler.api_gateway import APIGatewayRestResolver, Response
 
 tracer = Tracer()
 logger = Logger()
@@ -685,7 +685,7 @@ This will ensure that CORS headers are always returned as part of the response w
     ```python hl_lines="9 11"
     from aws_lambda_powertools import Logger, Tracer
     from aws_lambda_powertools.logging import correlation_paths
-    from aws_lambda_powertools.event_handler import APIGatewayRestResolver, CORSConfig
+    from aws_lambda_powertools.event_handler.api_gateway import APIGatewayRestResolver, CORSConfig
 
     tracer = Tracer()
     logger = Logger()
diff --git a/poetry.lock b/poetry.lock
diff --git a/tests/functional/data_classes/test_api_gateway_authorizer.py b/tests/functional/data_classes/test_api_gateway_authorizer.py
@@ -3,6 +3,7 @@
 from aws_lambda_powertools.utilities.data_classes.api_gateway_authorizer_event import (
     DENY_ALL_RESPONSE,
     APIGatewayAuthorizerResponse,
+    APIGatewayAuthorizerTokenEvent,
     HttpVerb,
 )
 
@@ -195,3 +196,26 @@ def test_authorizer_response_allow_route_with_underscore(builder: APIGatewayAuth
             ],
         },
     }
+
+
+def test_parse_api_gateway_arn_with_resource():
+    mock_event = {
+        "type": "TOKEN",
+        "methodArn": "arn:aws:execute-api:us-east-2:1234567890:abcd1234/latest/GET/path/part/part/1",
+        "authorizationToken": "Bearer TOKEN",
+    }
+    event = APIGatewayAuthorizerTokenEvent(mock_event)
+    event_arn = event.parsed_arn
+    assert event_arn.resource == "path/part/part/1"
+
+    authorizer_policy = APIGatewayAuthorizerResponse(
+        principal_id="fooPrinciple",
+        region=event_arn.region,
+        aws_account_id=event_arn.aws_account_id,
+        api_id=event_arn.api_id,
+        stage=event_arn.stage,
+    )
+    authorizer_policy.allow_route(http_method=event_arn.http_method, resource=event_arn.resource)
+    response = authorizer_policy.asdict()
+
+    assert mock_event["methodArn"] == response["policyDocument"]["Statement"][0]["Resource"][0]

Original file line number	Diff line number	Diff line change
`@@ -60,7 +60,8 @@ def parse_api_gateway_arn(arn: str) -> APIGatewayRouteArn:`
`60`	`60`	`api_id=api_gateway_arn_parts[0],`
`61`	`61`	`stage=api_gateway_arn_parts[1],`
`62`	`62`	`http_method=api_gateway_arn_parts[2],`
`63`		`- resource=api_gateway_arn_parts[3] if len(api_gateway_arn_parts) == 4 else "",`
	`63`	`+ # conditional allow us to handle /path/{proxy+} resources, as their length changes.`
	`64`	`+ resource="/".join(api_gateway_arn_parts[3:]) if len(api_gateway_arn_parts) >= 4 else "",`
`64`	`65`	`)`
`65`	`66`
`66`	`67`