feat(apigatewayv2-authorizers): throw ValidationError instead of untyped errors (#33076)

HBobertz · web-flow · commit dd34d2e32860 · 2025-01-24T05:02:35.000Z
### Issue `aws-apigatewayv2-authorizers` for #32569 ### Description of changes ValidationErrors everywhere ### Describe any new or updated permissions being added n/a ### Description of how you validated changes Existing tests. Exemptions granted as this is basically a refactor of existing code. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
diff --git a/packages/aws-cdk-lib/.eslintrc.js b/packages/aws-cdk-lib/.eslintrc.js
@@ -25,6 +25,7 @@ const enableNoThrowDefaultErrorIn = [
   'aws-ssmcontacts',
   'aws-ssmincidents',
   'aws-ssmquicksetup',
+  'aws-apigatewayv2-authorizers',
   'aws-synthetics',
   'aws-s3-assets',
   'aws-s3-deployment',
diff --git a/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/jwt.ts b/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/jwt.ts
@@ -5,6 +5,7 @@ import {
   HttpRouteAuthorizerConfig,
   IHttpRouteAuthorizer,
 } from '../../../aws-apigatewayv2';
+import { UnscopedValidationError } from '../../../core/lib/errors';
 
 /**
  * Properties to initialize HttpJwtAuthorizer.
@@ -59,7 +60,7 @@ export class HttpJwtAuthorizer implements IHttpRouteAuthorizer {
    */
   public get authorizerId(): string {
     if (!this.authorizer) {
-      throw new Error(
+      throw new UnscopedValidationError(
         'Cannot access authorizerId until authorizer is attached to a HttpRoute',
       );
     }
diff --git a/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/lambda.ts b/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/lambda.ts
@@ -10,6 +10,7 @@ import {
 import { ServicePrincipal } from '../../../aws-iam';
 import { IFunction } from '../../../aws-lambda';
 import { Stack, Duration, Names } from '../../../core';
+import { UnscopedValidationError, ValidationError } from '../../../core/lib/errors';
 
 /**
  * Specifies the type responses the lambda returns
@@ -90,7 +91,7 @@ export class HttpLambdaAuthorizer implements IHttpRouteAuthorizer {
    */
   public get authorizerId(): string {
     if (!this.authorizer) {
-      throw new Error(
+      throw new UnscopedValidationError(
         'Cannot access authorizerId until authorizer is attached to a HttpRoute',
       );
     }
@@ -99,7 +100,7 @@ export class HttpLambdaAuthorizer implements IHttpRouteAuthorizer {
 
   public bind(options: HttpRouteAuthorizerBindOptions): HttpRouteAuthorizerConfig {
     if (this.httpApi && (this.httpApi.apiId !== options.route.httpApi.apiId)) {
-      throw new Error('Cannot attach the same authorizer to multiple Apis');
+      throw new ValidationError('Cannot attach the same authorizer to multiple Apis', options.scope);
     }
 
     if (!this.authorizer) {
diff --git a/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/user-pool.ts b/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/user-pool.ts
@@ -1,6 +1,7 @@
 import { HttpAuthorizer, HttpAuthorizerType, HttpRouteAuthorizerBindOptions, HttpRouteAuthorizerConfig, IHttpRouteAuthorizer } from '../../../aws-apigatewayv2';
 import { IUserPool, IUserPoolClient } from '../../../aws-cognito';
 import { Stack } from '../../../core';
+import { UnscopedValidationError } from '../../../core/lib/errors';
 
 /**
  * Properties to initialize HttpUserPoolAuthorizer.
@@ -59,7 +60,7 @@ export class HttpUserPoolAuthorizer implements IHttpRouteAuthorizer {
    */
   public get authorizerId(): string {
     if (!this.authorizer) {
-      throw new Error(
+      throw new UnscopedValidationError(
         'Cannot access authorizerId until authorizer is attached to a HttpRoute',
       );
     }
diff --git a/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/websocket/lambda.ts b/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/websocket/lambda.ts
@@ -10,6 +10,7 @@ import {
 import { ServicePrincipal } from '../../../aws-iam';
 import { IFunction } from '../../../aws-lambda';
 import { Stack, Names } from '../../../core';
+import { ValidationError } from '../../../core/lib/errors';
 
 /**
  * Properties to initialize WebSocketTokenAuthorizer.
@@ -49,7 +50,7 @@ export class WebSocketLambdaAuthorizer implements IWebSocketRouteAuthorizer {
 
   public bind(options: WebSocketRouteAuthorizerBindOptions): WebSocketRouteAuthorizerConfig {
     if (this.webSocketApi && (this.webSocketApi.apiId !== options.route.webSocketApi.apiId)) {
-      throw new Error('Cannot attach the same authorizer to multiple Apis');
+      throw new ValidationError('Cannot attach the same authorizer to multiple Apis', options.scope);
     }
 
     if (!this.authorizer) {
