Merge pull request #19 from wesreid/feature/add-proxy-handling

Fix prefilight

Author: gilons

src/lib/lambda-route-proxy-entry-handler.ts

@@ -1,24 +1,49 @@
-
-import { APIGatewayEvent, APIGatewayProxyEvent, APIGatewayProxyEventV2 } from 'aws-lambda';
-import { CustomError } from './custom-error';
-import { RouteConfig, ConfigRouteEntry, RouteArguments, RouteModule } from './types-and-interfaces';
-import { authorizeRoute } from './authorization-helper';
-
-const getRouteConfigEntry = (config: RouteConfig, method: string, path: string) =>
-  config.routes.find(r => r.path.toLowerCase() === path.toLowerCase() && r.method.toLowerCase() === method.toLowerCase()) as ConfigRouteEntry;
-
-const shouldAuthorizeRoute = (routesConfig: RouteConfig, routeConfigEntry: ConfigRouteEntry) =>
-  (routesConfig.authorizeAllRoutes && routeConfigEntry.authorizeRoute !== false)
-  ||
+import {
+  APIGatewayEvent,
+  APIGatewayProxyEvent,
+  APIGatewayProxyEventV2,
+} from "aws-lambda";
+import { CustomError } from "./custom-error";
+import {
+  RouteConfig,
+  ConfigRouteEntry,
+  RouteArguments,
+  RouteModule,
+} from "./types-and-interfaces";
+import { authorizeRoute } from "./authorization-helper";
+
+const getRouteConfigEntry = (
+  config: RouteConfig,
+  method: string,
+  path: string
+) =>
+  config.routes.find(
+    (r) =>
+      r.path.toLowerCase() === path.toLowerCase() &&
+      r.method.toLowerCase() === method.toLowerCase()
+  ) as ConfigRouteEntry;
+
+const shouldAuthorizeRoute = (
+  routesConfig: RouteConfig,
+  routeConfigEntry: ConfigRouteEntry
+) =>
+  (routesConfig.authorizeAllRoutes &&
+    routeConfigEntry.authorizeRoute !== false) ||
   routeConfigEntry.authorizeRoute === true;
 
-
-export const getRouteModule = (config: RouteConfig, method: string, path: string, availableRouteModules: { [key: string]: any }): RouteModule => {
+export const getRouteModule = (
+  config: RouteConfig,
+  method: string,
+  path: string,
+  availableRouteModules: { [key: string]: any }
+): RouteModule => {
   const routeEntry = getRouteConfigEntry(config, method, path);
   let routeModule = null;
   console.log(`route entry: ${JSON.stringify(routeEntry)}`);
   if (routeEntry) {
-    const matchingRouteModuleMapKey = Object.keys(availableRouteModules).find((k: string) => routeEntry.handlerPath.endsWith(k));
+    const matchingRouteModuleMapKey = Object.keys(availableRouteModules).find(
+      (k: string) => routeEntry.handlerPath.endsWith(k)
+    );
     // routeModule = availableRouteModules[routeEntry.handlerPath.split('/').reverse()[0]];
     routeModule = availableRouteModules[matchingRouteModuleMapKey!];
   }
@@ -33,7 +58,10 @@ interface RouteEvent {
   isBase64Encoded: boolean;
 }
 
-export const getRouteModuleResult = async ({ routeChain }: RouteModule, incoming: RouteArguments): Promise<any> => {
+export const getRouteModuleResult = async (
+  { routeChain }: RouteModule,
+  incoming: RouteArguments
+): Promise<any> => {
   let returnValue = incoming;
   for (const chainFn of routeChain) {
     returnValue = await chainFn(returnValue);
@@ -44,38 +72,47 @@ export const getRouteModuleResult = async ({ routeChain }: RouteModule, incoming
 function pathToRegex(path: string): string {
   // Convert route path to regex pattern
   return path
-    .replace(/\//g, '\\/') // Escape forward slashes
-    .replace(/{([^}]+)}/g, '(?<$1>[^/]+)'); // Convert {param} to named capture groups
+    .replace(/\//g, "\\/") // Escape forward slashes
+    .replace(/{([^}]+)}/g, "(?<$1>[^/]+)"); // Convert {param} to named capture groups
 }
 
 const v2ApiGatewayEvent = (event: APIGatewayProxyEventV2): RouteEvent => {
   return {
     routeKey: event.routeKey,
-    queryStringParameters: event.queryStringParameters?? ({} as RouteEvent['queryStringParameters']),
+    queryStringParameters:
+      event.queryStringParameters ??
+      ({} as RouteEvent["queryStringParameters"]),
     pathParameters: event.pathParameters ?? {},
     body: event.body,
     isBase64Encoded: event.isBase64Encoded,
   };
-}
+};
 
-const v1ApiGatewayEvent = (event: APIGatewayProxyEvent, config: RouteConfig): RouteEvent => {
-  const routeConfig = getRouteConfigByPath(event.path, event.httpMethod, config.routes);
+const v1ApiGatewayEvent = (
+  event: APIGatewayProxyEvent,
+  config: RouteConfig
+): RouteEvent => {
+  const routeConfig = getRouteConfigByPath(
+    event.path,
+    event.httpMethod,
+    config.routes
+  );
   return {
     routeKey: `${event.httpMethod} ${routeConfig.path}`,
     queryStringParameters: event.queryStringParameters ?? {},
     pathParameters: routeConfig.params ?? {},
     body: event.body,
     isBase64Encoded: event.isBase64Encoded,
   };
-}
+};
 
 export function getRouteConfigByPath(
   eventPath: string,
   method: string,
-  configs: ConfigRouteEntry[],
+  configs: ConfigRouteEntry[]
 ): ConfigRouteEntry & { params?: { [key: string]: string } } {
-  eventPath = eventPath.replace(/\?.*$/, ''); // Remove query string
-  const normalizedPath = eventPath.replace(/^\//, ''); // Remove leading slash
+  eventPath = eventPath.replace(/\?.*$/, ""); // Remove query string
+  const normalizedPath = eventPath.replace(/^\//, ""); // Remove leading slash
   for (const config of configs) {
     const pattern = pathToRegex(config.path);
     const regex = new RegExp(`^${pattern}$`);
@@ -91,17 +128,22 @@ export function getRouteConfigByPath(
     }
   }
 
-  throw new CustomError(JSON.stringify({ message: 'path no found' }), 400);
+  throw new CustomError(JSON.stringify({ message: "path no found" }), 400);
 }
 
-export const lambdaRouteProxyEntryHandler = (config: RouteConfig, availableRouteModules: { [key: string]: any }) =>
-  async (event: APIGatewayProxyEventV2 | APIGatewayProxyEvent | APIGatewayEvent) => {
+export const lambdaRouteProxyEntryHandler =
+  (config: RouteConfig, availableRouteModules: { [key: string]: any }) =>
+  async (
+    event: APIGatewayProxyEventV2 | APIGatewayProxyEvent | APIGatewayEvent
+  ) => {
     console.log(`Event Data: ${JSON.stringify(event)}`);
-    const isV2 = (event as APIGatewayProxyEventV2).version === '2.0';
+    const isV2 = (event as APIGatewayProxyEventV2).version === "2.0";
 
-    const isProxied = !isV2 && event.hasOwnProperty('requestContext');
+    const isProxied = !isV2 && event.hasOwnProperty("requestContext");
 
-    const newEvent = isV2? v2ApiGatewayEvent(event as APIGatewayProxyEventV2): v1ApiGatewayEvent(event as APIGatewayProxyEvent, config);
+    const newEvent = isV2
+      ? v2ApiGatewayEvent(event as APIGatewayProxyEventV2)
+      : v1ApiGatewayEvent(event as APIGatewayProxyEvent, config);
 
     const {
       routeKey,
@@ -110,64 +152,98 @@ export const lambdaRouteProxyEntryHandler = (config: RouteConfig, availableRoute
       body,
       isBase64Encoded,
     } = newEvent;
-    
+
     let retVal: any = {};
     try {
-      const [method = '', path = ''] = routeKey.split(' ');
-      if (shouldAuthorizeRoute(config, getRouteConfigEntry(config, method, path))) {
+      const [method = "", path = ""] = routeKey.split(" ");
+      if (
+        shouldAuthorizeRoute(config, getRouteConfigEntry(config, method, path))
+      ) {
         await authorizeRoute(event);
       }
 
-      const routeModule = getRouteModule(config, method, path, availableRouteModules);
+      const routeModule = getRouteModule(
+        config,
+        method,
+        path,
+        availableRouteModules
+      );
 
       console.log(`isBase64Encoded: ${isBase64Encoded}`);
       console.log(`body: ${body}`);
-      const decodedBody = isBase64Encoded ? Buffer.from(body!, 'base64').toString('utf-8') : undefined;
+      const decodedBody = isBase64Encoded
+        ? Buffer.from(body!, "base64").toString("utf-8")
+        : undefined;
       console.log(`decodedBody:
       ${decodedBody}`);
 
-
       retVal = await getRouteModuleResult(routeModule, {
         query: queryStringParameters,
         params: pathParameters,
         body: body ? decodedBody || JSON.parse(body) : undefined,
         rawEvent: event,
       });
 
-      if(isProxied) {
-        if(retVal.statusCode && !retVal.body) {
-          console.log('body must be included when status code is set', retVal);
-          throw new CustomError('No body found', 500);
-        } else if(retVal.statusCode && retVal.body) {
+      if (isProxied) {
+        if (retVal.statusCode && !retVal.body) {
+          console.log("body must be included when status code is set", retVal);
+          throw new CustomError("No body found", 500);
+        } else if (retVal.statusCode && retVal.body) {
           retVal = {
             ...retVal,
             isBase64Encoded: false,
             headers: {
-              'Content-Type': 'application/json',
-              ...retVal.headers??{}
+              "Content-Type": "application/json",
+              ...(retVal.headers ?? {}),
             },
-            body: typeof retVal.body === 'object' ? JSON.stringify(retVal.body): retVal.body
+            body:
+              typeof retVal.body === "object"
+                ? JSON.stringify(retVal.body)
+                : retVal.body,
           };
         } else {
           retVal = {
             statusCode: 200,
             body: JSON.stringify(retVal),
-            'Content-Type': 'application/json',
-          }
+            "Content-Type": "application/json",
+          };
         }
       }
     } catch (error: any) {
       console.error(JSON.stringify({ error, stack: error.stack }));
+      let headers = {
+        "Content-Type": "application/json",
+      } as Record<string, string>;
+
+      let statusCode = 500;
+
+      if (isProxied) {
+        const isOptions = (event.requestContext as any).httpMethod === "OPTIONS";
+        if (isOptions) {
+          statusCode = 200;
+        } else {
+          statusCode = error.httpStatusCode || 500;
+        }
+        headers = {
+          ...headers,
+          "Access-Control-Allow-Origin": "*",
+          "Access-Control-Allow-Methods":
+            "GET, POST, PUT, DELETE, PATCH, OPTIONS",
+          "Access-Control-Allow-Headers":
+            "Content-Type, Authorization, X-Amz-Date, X-Api-Key, X-Amz-Security-Token",
+          "Access-Control-Allow-Credentials": "true",
+        };
+      }
       if (error instanceof CustomError) {
         retVal = {
-          statusCode: error.httpStatusCode,
-          headers: { 'Content-Type': 'application/json' },
+          statusCode,
+          headers,
           body: error.message,
         };
       } else {
         retVal = {
-          statusCode: 500,
-          headers: { 'Content-Type': 'application/json' },
+          statusCode,
+          headers,
           body: error.message || JSON.stringify(error),
         };
       }