Initial commit

Author: thenikso

.gitignore

@@ -0,0 +1,2 @@
+node_modules
+coverage

.npmignore

@@ -0,0 +1,3 @@
+tests
+examples
+coverage

index.js

@@ -0,0 +1,45 @@
+'use strict';
+
+const getObjectPath = require('./lib/utils').getObjectPath;
+const executeLambdaCallback = require('./lib/lambda-callback').executeLambdaCallback;
+const authorizerValidationCallback = require('./lib/authorizer-callback').authorizerValidationCallback;
+const authorizerCheckCallback = require('./lib/authorizer-callback').authorizerCheckCallback;
+const decorateLambdaReqCallback = require('./lib/decorators-callback').decorateLambdaReqCallback;
+const decorateAddCORSCallback = require('./lib/decorators-callback').decorateAddCORSCallback;
+
+module.exports = ({ html, authorizers }) => (slsConf, slsHandlers) => {
+  for (let funcId in slsConf.functions) {
+    const funcConf = slsConf.functions[funcId];
+    let func = getObjectPath(funcConf.handler, slsHandlers);
+    const events = (funcConf.events || []).map(e => e.http).filter(e => !!e);
+    for (let e of events) {
+      const authSource = getObjectPath(['authorizer', 'identitySource'], e);
+      const authValidatorExp = getObjectPath(['authorizer', 'identityValidationExpression'], e);
+      const authorizerFunction = (
+        getObjectPath(getObjectPath(['authorizer', 'arn'], e) || '', authorizers) ||
+        getObjectPath(getObjectPath(['authorizer', 'name'], e) || '', slsHandlers)
+      );
+      html(
+        e.method.toLowerCase(),
+        `/${e.path.replace(/\{(.+?)\}/g, ':$1')}`,
+        [
+          decorateLambdaReqCallback(),
+          ...(authorizerFunction ? [
+            authorizerValidationCallback(
+              authSource,
+              authValidatorExp ? new RegExp(authValidatorExp) : null,
+              {
+                regionId: 'express',
+                accountId: 'serverlessify',
+                apiId: `${slsConf.service}-${funcId}`,
+              }
+            ),
+            authorizerCheckCallback(authorizerFunction)
+          ] : []),
+          ...(e.cors ? [decorateAddCORSCallback()] : []),
+          executeLambdaCallback(func),
+        ]
+      )
+    }
+  }
+};

lib/authorizer-callbacks.js

@@ -0,0 +1,116 @@
+'use strict';
+
+const getObjectPath = require('./utils').getObjectPath;
+
+module.exports.authorizerValidationCallback = function(
+  identitySource,
+  identityValidationRegExp,
+  {
+    regionId,
+    accountId,
+    apiId,
+  }
+) {
+  return function(req, res, next) {
+    const sources = {
+      method: {
+        request: {
+          header: req.headers,
+        },
+      },
+    };
+    const source = getObjectPath(
+      (identitySource || 'method.request.header.Auth').toLowerCase(),
+      sources
+    );
+    if (identityValidationRegExp && identityValidationRegExp.exec(source) === null) {
+      res.sendStatus(403);
+      return;
+    }
+    const method = req.method.toUpperCase();
+    const resourcePath = req.path;
+    req.lambda = (req.lambda || {});
+    req.lambda.authorizer = {
+      event: {
+        type: 'TOKEN',
+        authorizationToken: source,
+        methodArn: `arn:serverlessify:execute-api:${regionId}:${accountId}:${apiId}/${method}${resourcePath}`,
+      },
+    };
+    next();
+  };
+};
+
+// event format
+// {
+//     "type":"TOKEN",
+//     "authorizationToken":"<caller-supplied-token>",
+//     "methodArn":"arn:aws:execute-api:<regionId>:<accountId>:<apiId>/<stage>/<method>/<resourcePath>"
+// }
+// awsAuthDocument format
+// {
+//   // The principal user identification associated with the token send by the client.
+//   "principalId": "xxxxxxxx",
+//   "policyDocument": {
+//     "Version": "2012-10-17",
+//     "Statement": [
+//       {
+//         "Action": "execute-api:Invoke",
+//         "Effect": "Allow|Deny",
+//         "Resource": "arn:aws:execute-api:<regionId>:<accountId>:<appId>/<stage>/<httpVerb>/[<resource>/<httpVerb>/[...]]"
+//       }
+//     ]
+//   }
+// }
+module.exports.authorizerCheckCallback = function(
+  authorizer,
+  setCacheEntry,
+  getCacheEntry
+) {
+  return function(req, res, next) {
+    if (!authorizer) {
+      return next();
+    }
+
+    function authorizerCallback(err, awsAuthDocument) {
+      // TODO addCacheEntry(req.lambda.authorizer.event.authorizationToken, awsAuthDocument).then
+      if (err) {
+        res.status(500).send(err);
+      } else {
+        // TODO consider other statement values
+        const effect = getObjectPath(
+          ['policyDocument', 'Statement', 0, 'Effect'],
+          awsAuthDocument
+        );
+        if (effect === 'Allow') {
+          next();
+        } else {
+          res.sendStatus(401);
+        }
+      }
+    }
+
+    const cacheKey = req.lambda.authorizer.event.authorizationToken;
+    getCacheEntry(
+      cacheKey,
+      function(err, cachedAuthorization) {
+        if (cachedAuthorization) {
+          authorizerCallback(err, cachedAuthorization);
+        } else {
+          authorizer(
+            req.lambda.authorizer.event,
+            req.lambda.context,
+            function(innerErr, awsAuthDocument) {
+              setCacheEntry({
+                key: cacheKey,
+                value: awsAuthDocument,
+              }, function() {
+                authorizerCallback(innerErr, awsAuthDocument);
+              });
+            }
+          );
+        }
+      }
+    );
+  };
+};

lib/decorators-callbacks.js

@@ -0,0 +1,28 @@
+'use strict';
+
+module.exports.decorateLambdaReqCallback = function(getPrincipalId) {
+  return function(req, res, next) {
+    req.lambda = {
+      event: {
+        method: req.method,
+        headers: req.headers,
+        body: req.body,
+        path: req.params,
+        query: req.query,
+        principalId: getPrincipalId && getPrincipalId(req),
+        // stageVariables, // TODO define stageVariables
+      },
+      context: {},
+    };
+    next();
+  };
+};
+
+module.exports.decorateAddCORSCallback = function() {
+  return function(req, res, next) {
+    res.header('Access-Control-Allow-Origin', '*');
+    res.header('Access-Control-Allow-Methods', 'GET,PUT,HEAD,PATCH,POST,DELETE,OPTIONS');
+    res.header('Access-Control-Allow-Headers', 'Authorization,Content-Type,x-amz-date,x-amz-security-token');
+    next();
+  };
+};

lib/lambda-callbacks.js

@@ -0,0 +1,17 @@
+'use strict';
+
+module.exports.executeLambdaCallback = function(handlerFunction) {
+  return function(req, res) {
+    handlerFunction(
+      req.lambda.event,
+      req.lambda.context,
+      function(err, resp) {
+        if (err) {
+          res.status(500).send(err);
+        } else {
+          res.status(200).send(resp);
+        }
+      }
+    );
+  };
+};

lib/utils.js

@@ -0,0 +1,13 @@
+'use strict';
+
+module.exports.getObjectPath = function(path, obj) {
+  let res = obj;
+  const ps = Array.isArray(path) ? path : path.split('.');
+  for (let p of ps) {
+    if (!res) {
+      break;
+    }
+    res = res[p];
+  }
+  return res;
+};

package.json

@@ -0,0 +1,25 @@
+{
+  "name": "serverlessify",
+  "version": "1.0.0",
+  "description": "Utility to simulate AWS Lambda event sources and wirte a server for Serverless functions",
+  "main": "index.js",
+  "scripts": {
+    "test": "istanbul cover _mocha tests/all.test.js -- -R spec --recursive"
+  },
+  "keywords": [
+    "seerverless",
+    "aws",
+    "lambda",
+    "backend",
+    "express"
+  ],
+  "author": "Nicola Peduzzi <[email protected]> (http://nikso.net)",
+  "license": "MIT",
+  "devDependencies": {
+    "chai": "3.5.0",
+    "istanbul": "0.4.5",
+    "mocha": "3.0.2",
+    "sinon": "1.17.5",
+    "sinon-chai": "2.8.0"
+  }
+}

tests/all.test.js

@@ -0,0 +1,7 @@
+describe('serverlessify', () => {
+  require('./utils.test');
+  require('./decorators-callbacks.test');
+  require('./authorizer-callbacks.test');
+  require('./lambda-callbacks.test');
+  require('./index.test');
+});

tests/authorizer-callbacks.test.js

@@ -0,0 +1,12 @@
+const expect = require('chai').expect;
+const sinon = require('sinon');
+const subject = require('../lib/authorizer-callbacks');
+require('chai').use(require('sinon-chai'));
+
+describe('utils', () => {
+  it('should define callbacks', () => {
+    expect(subject.authorizerValidationCallback).to.be.a('function');
+    expect(subject.authorizerCheckCallback).to.be.a('function');
+  });
+});
+