From dd34d2e3286048eb5079d93b743c444c4ee1e9bf Mon Sep 17 00:00:00 2001 From: Hogan Bobertz Date: Fri, 24 Jan 2025 00:02:35 -0500 Subject: [PATCH] feat(apigatewayv2-authorizers): throw `ValidationError` instead of untyped errors (#33076) ### Issue `aws-apigatewayv2-authorizers` for #32569 ### Description of changes ValidationErrors everywhere ### Describe any new or updated permissions being added n/a ### Description of how you validated changes Existing tests. Exemptions granted as this is basically a refactor of existing code. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/aws-cdk-lib/.eslintrc.js | 1 + .../aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/jwt.ts | 3 ++- .../aws-apigatewayv2-authorizers/lib/http/lambda.ts | 5 +++-- .../aws-apigatewayv2-authorizers/lib/http/user-pool.ts | 3 ++- .../aws-apigatewayv2-authorizers/lib/websocket/lambda.ts | 3 ++- 5 files changed, 10 insertions(+), 5 deletions(-) diff --git a/packages/aws-cdk-lib/.eslintrc.js b/packages/aws-cdk-lib/.eslintrc.js index ca7a7961c60ee..eebbf16821843 100644 --- a/packages/aws-cdk-lib/.eslintrc.js +++ b/packages/aws-cdk-lib/.eslintrc.js @@ -25,6 +25,7 @@ const enableNoThrowDefaultErrorIn = [ 'aws-ssmcontacts', 'aws-ssmincidents', 'aws-ssmquicksetup', + 'aws-apigatewayv2-authorizers', 'aws-synthetics', 'aws-s3-assets', 'aws-s3-deployment', diff --git a/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/jwt.ts b/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/jwt.ts index 483c9705aaf21..e004a6e140834 100644 --- a/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/jwt.ts +++ b/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/jwt.ts @@ -5,6 +5,7 @@ import { HttpRouteAuthorizerConfig, IHttpRouteAuthorizer, } from '../../../aws-apigatewayv2'; +import { UnscopedValidationError } from '../../../core/lib/errors'; /** * Properties to initialize HttpJwtAuthorizer. @@ -59,7 +60,7 @@ export class HttpJwtAuthorizer implements IHttpRouteAuthorizer { */ public get authorizerId(): string { if (!this.authorizer) { - throw new Error( + throw new UnscopedValidationError( 'Cannot access authorizerId until authorizer is attached to a HttpRoute', ); } diff --git a/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/lambda.ts b/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/lambda.ts index 68b8ba4cf938a..26a47ef321f09 100644 --- a/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/lambda.ts +++ b/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/lambda.ts @@ -10,6 +10,7 @@ import { import { ServicePrincipal } from '../../../aws-iam'; import { IFunction } from '../../../aws-lambda'; import { Stack, Duration, Names } from '../../../core'; +import { UnscopedValidationError, ValidationError } from '../../../core/lib/errors'; /** * Specifies the type responses the lambda returns @@ -90,7 +91,7 @@ export class HttpLambdaAuthorizer implements IHttpRouteAuthorizer { */ public get authorizerId(): string { if (!this.authorizer) { - throw new Error( + throw new UnscopedValidationError( 'Cannot access authorizerId until authorizer is attached to a HttpRoute', ); } @@ -99,7 +100,7 @@ export class HttpLambdaAuthorizer implements IHttpRouteAuthorizer { public bind(options: HttpRouteAuthorizerBindOptions): HttpRouteAuthorizerConfig { if (this.httpApi && (this.httpApi.apiId !== options.route.httpApi.apiId)) { - throw new Error('Cannot attach the same authorizer to multiple Apis'); + throw new ValidationError('Cannot attach the same authorizer to multiple Apis', options.scope); } if (!this.authorizer) { diff --git a/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/user-pool.ts b/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/user-pool.ts index 123a3df1ad294..5cb0099080f6a 100644 --- a/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/user-pool.ts +++ b/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/http/user-pool.ts @@ -1,6 +1,7 @@ import { HttpAuthorizer, HttpAuthorizerType, HttpRouteAuthorizerBindOptions, HttpRouteAuthorizerConfig, IHttpRouteAuthorizer } from '../../../aws-apigatewayv2'; import { IUserPool, IUserPoolClient } from '../../../aws-cognito'; import { Stack } from '../../../core'; +import { UnscopedValidationError } from '../../../core/lib/errors'; /** * Properties to initialize HttpUserPoolAuthorizer. @@ -59,7 +60,7 @@ export class HttpUserPoolAuthorizer implements IHttpRouteAuthorizer { */ public get authorizerId(): string { if (!this.authorizer) { - throw new Error( + throw new UnscopedValidationError( 'Cannot access authorizerId until authorizer is attached to a HttpRoute', ); } diff --git a/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/websocket/lambda.ts b/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/websocket/lambda.ts index 3a2d9bb611e82..073f69aafc56a 100644 --- a/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/websocket/lambda.ts +++ b/packages/aws-cdk-lib/aws-apigatewayv2-authorizers/lib/websocket/lambda.ts @@ -10,6 +10,7 @@ import { import { ServicePrincipal } from '../../../aws-iam'; import { IFunction } from '../../../aws-lambda'; import { Stack, Names } from '../../../core'; +import { ValidationError } from '../../../core/lib/errors'; /** * Properties to initialize WebSocketTokenAuthorizer. @@ -49,7 +50,7 @@ export class WebSocketLambdaAuthorizer implements IWebSocketRouteAuthorizer { public bind(options: WebSocketRouteAuthorizerBindOptions): WebSocketRouteAuthorizerConfig { if (this.webSocketApi && (this.webSocketApi.apiId !== options.route.webSocketApi.apiId)) { - throw new Error('Cannot attach the same authorizer to multiple Apis'); + throw new ValidationError('Cannot attach the same authorizer to multiple Apis', options.scope); } if (!this.authorizer) {