@yopdev/dev-server 3.0.2 → 3.0.3-alpha.2

package/.github/workflows/npm-publish.yml

@@ -17,7 +17,9 @@ jobs:
         with:
           node-version: 20
       - run: npm ci
-      - run: npm test
+      - env:
+          NODE_OPTIONS: --experimental-vm-modules
+        run: npm test
 
   publish-npm:
     needs: build

package/__tests__/cloudformation-lambda-http-proxy.test.ts

@@ -0,0 +1,89 @@
+import { describe, it, expect } from "@jest/globals";
+import { newLambdaProxyFromCloudFormationTemplate } from "../src/cloudformation-lambda-http-proxy";
+import { v2 } from "../src/mappers";
+import { DevServer, promised } from "../src";
+import axios from "axios";
+import { STUB_HANDLER_CALLED_BODY } from "./stub-handlers";
+import { alwaysDeny } from "./test-model";
+
+describe("the cloudformation lambda http proxy", () => {
+    it("parses a lambda function", async () => {
+        let endpoint: string;
+        const devServer = await new DevServer('cfn-simple-lambda',
+            promised(
+                (c) => newLambdaProxyFromCloudFormationTemplate(
+                    'cfn-simple-lambda',
+                    { protocol: 'http:', host: '127.0.0.1', port: undefined },
+                    v2(),
+                    {
+                        extraRoutes: [],
+                        template: () => './__tests__/simple-lambda-function.template',
+                        handlers: () => '../dist/__tests__/stub-handlers.js',
+                        handlerNameResolver: (n) => n,
+                    },
+                    async (url) => { endpoint = url; }
+                ).start(c))
+        ).start()
+
+        return expect(axios.get(`${endpoint}a`)
+            .then((r) => r.data)
+            .finally(async () => devServer.stop())
+        )
+            .resolves
+            .toEqual(STUB_HANDLER_CALLED_BODY)
+    })
+
+    it("parses a lambda function with authorizer", async () => {
+        let endpoint: string;
+        const devServer = await new DevServer('cfn-authorized-lambda',
+            promised(
+                (c) => newLambdaProxyFromCloudFormationTemplate(
+                    'cfn-authorized-lambda',
+                    { protocol: 'http:', host: '127.0.0.1', port: undefined },
+                    v2(),
+                    {
+                        extraRoutes: [],
+                        authorizer: () => async () => alwaysDeny(),
+                        template: () => './__tests__/simple-lambda-function.template',
+                        handlers: () => '../dist/__tests__/stub-handlers.js',
+                        handlerNameResolver: (n) => n,
+                    },
+                    async (url) => { endpoint = url; }
+                ).start(c))
+        ).start()
+
+        return expect(axios.get(`${endpoint}a`, { validateStatus: () => true })
+            .then((r) => r.status)
+            .finally(async () => devServer.stop())
+        )
+            .resolves
+            .toEqual(401)
+    })
+
+    it("disables the authorizer when auth is set to NONE", async () => {
+        let endpoint: string;
+        const devServer = await new DevServer('cfn-none-auth-lambda',
+            promised(
+                (c) => newLambdaProxyFromCloudFormationTemplate(
+                    'cfn-none-auth-lambda',
+                    { protocol: 'http:', host: '127.0.0.1', port: undefined },
+                    v2(),
+                    {
+                        extraRoutes: [],
+                        authorizer: () => async () => alwaysDeny(),
+                        template: () => './__tests__/lambda-function-with-none-auth.template',
+                        handlers: () => '../dist/__tests__/stub-handlers.js',
+                        handlerNameResolver: (n) => n,
+                    },
+                    async (url) => { endpoint = url; }
+                ).start(c))
+        ).start()
+
+        return expect(axios.get(`${endpoint}a`)
+            .then((r) => r.data)
+            .finally(async () => devServer.stop())
+        )
+            .resolves
+            .toEqual(STUB_HANDLER_CALLED_BODY)
+    })
+})

package/__tests__/lambda-function-with-none-auth.template

@@ -0,0 +1,13 @@
+Resources:
+    test:
+        Type: AWS::Serverless::Function
+        Properties:
+            Handler: stubHandler
+            Events:
+                Test:
+                    Type: HttpApi
+                    Properties:
+                        Path: /{proxy+}
+                        Method: GET
+                        Auth:
+                            Authorizer: NONE

package/__tests__/lambda-http-proxy.test.ts

@@ -1,8 +1,9 @@
 import { describe, it, expect } from "@jest/globals";
 import { DevServer } from "../src";
-import { UNAUTHORIZED, newLambdaHttpProxy } from "../src/lambda-http-proxy";
+import { newLambdaHttpProxy } from "../src/lambda-http-proxy";
 import axios from 'axios';
 import { v2 } from "../src/mappers";
+import { alwaysDeny } from "./test-model";
 
 describe("the lambda http proxy", () => {
     const payloadVersionV2Mapper = v2().mapper;
@@ -58,7 +59,7 @@ describe("the lambda http proxy", () => {
             {
                 settings: { protocol: 'http:', host: '127.0.0.1', port: undefined },
                 routes: [
-                    { method: /.*/, path: /.*/, weight: 0, handler: () => Promise.resolve({ statusCode: 200, body: 'handled!' }), authorizer: () => Promise.reject(UNAUTHORIZED) },
+                    { method: /.*/, path: /.*/, weight: 0, handler: () => Promise.resolve({ statusCode: 200, body: 'handled!' }), authorizer: async () => alwaysDeny() },
                 ],
                 mapper: payloadVersionV2Mapper,
             },

package/__tests__/simple-lambda-function.template

@@ -0,0 +1,11 @@
+Resources:
+    test:
+        Type: AWS::Serverless::Function
+        Properties:
+            Handler: stubHandler
+            Events:
+                Test:
+                    Type: HttpApi
+                    Properties:
+                        Path: /{proxy+}
+                        Method: GET

package/__tests__/stub-handlers.ts

@@ -0,0 +1,9 @@
+export const STUB_HANDLER_CALLED_BODY = 'stub handler called';
+
+export const stubHandler = () => new StubHandler().handle();
+class StubHandler {
+    handle = () => ({
+        statusCode: 200,
+        body: STUB_HANDLER_CALLED_BODY,
+    })
+}

package/__tests__/test-model.ts

@@ -0,0 +1,11 @@
+export const alwaysDeny = () => ({
+    principalId: '',
+    policyDocument: {
+        Version: '',
+        Statement: [{
+            Effect: 'Deny',
+            NotAction: [],
+            NotPrincipal: [],
+        }]
+    }
+})

package/dist/__tests__/cloudformation-lambda-http-proxy.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/__tests__/cloudformation-lambda-http-proxy.test.js

@@ -0,0 +1,58 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const globals_1 = require("@jest/globals");
+const cloudformation_lambda_http_proxy_1 = require("../src/cloudformation-lambda-http-proxy");
+const mappers_1 = require("../src/mappers");
+const src_1 = require("../src");
+const axios_1 = __importDefault(require("axios"));
+const stub_handlers_1 = require("./stub-handlers");
+const test_model_1 = require("./test-model");
+(0, globals_1.describe)("the cloudformation lambda http proxy", () => {
+    (0, globals_1.it)("parses a lambda function", async () => {
+        let endpoint;
+        const devServer = await new src_1.DevServer('cfn-simple-lambda', (0, src_1.promised)((c) => (0, cloudformation_lambda_http_proxy_1.newLambdaProxyFromCloudFormationTemplate)('cfn-simple-lambda', { protocol: 'http:', host: '127.0.0.1', port: undefined }, (0, mappers_1.v2)(), {
+            extraRoutes: [],
+            template: () => './__tests__/simple-lambda-function.template',
+            handlers: () => '../dist/__tests__/stub-handlers.js',
+            handlerNameResolver: (n) => n,
+        }, async (url) => { endpoint = url; }).start(c))).start();
+        return (0, globals_1.expect)(axios_1.default.get(`${endpoint}a`)
+            .then((r) => r.data)
+            .finally(async () => devServer.stop()))
+            .resolves
+            .toEqual(stub_handlers_1.STUB_HANDLER_CALLED_BODY);
+    });
+    (0, globals_1.it)("parses a lambda function with authorizer", async () => {
+        let endpoint;
+        const devServer = await new src_1.DevServer('cfn-authorized-lambda', (0, src_1.promised)((c) => (0, cloudformation_lambda_http_proxy_1.newLambdaProxyFromCloudFormationTemplate)('cfn-authorized-lambda', { protocol: 'http:', host: '127.0.0.1', port: undefined }, (0, mappers_1.v2)(), {
+            extraRoutes: [],
+            authorizer: () => async () => (0, test_model_1.alwaysDeny)(),
+            template: () => './__tests__/simple-lambda-function.template',
+            handlers: () => '../dist/__tests__/stub-handlers.js',
+            handlerNameResolver: (n) => n,
+        }, async (url) => { endpoint = url; }).start(c))).start();
+        return (0, globals_1.expect)(axios_1.default.get(`${endpoint}a`, { validateStatus: () => true })
+            .then((r) => r.status)
+            .finally(async () => devServer.stop()))
+            .resolves
+            .toEqual(401);
+    });
+    (0, globals_1.it)("disables the authorizer when auth is set to NONE", async () => {
+        let endpoint;
+        const devServer = await new src_1.DevServer('cfn-none-auth-lambda', (0, src_1.promised)((c) => (0, cloudformation_lambda_http_proxy_1.newLambdaProxyFromCloudFormationTemplate)('cfn-none-auth-lambda', { protocol: 'http:', host: '127.0.0.1', port: undefined }, (0, mappers_1.v2)(), {
+            extraRoutes: [],
+            authorizer: () => async () => (0, test_model_1.alwaysDeny)(),
+            template: () => './__tests__/lambda-function-with-none-auth.template',
+            handlers: () => '../dist/__tests__/stub-handlers.js',
+            handlerNameResolver: (n) => n,
+        }, async (url) => { endpoint = url; }).start(c))).start();
+        return (0, globals_1.expect)(axios_1.default.get(`${endpoint}a`)
+            .then((r) => r.data)
+            .finally(async () => devServer.stop()))
+            .resolves
+            .toEqual(stub_handlers_1.STUB_HANDLER_CALLED_BODY);
+    });
+});

package/dist/__tests__/lambda-http-proxy.test.js

@@ -8,6 +8,7 @@ const src_1 = require("../src");
 const lambda_http_proxy_1 = require("../src/lambda-http-proxy");
 const axios_1 = __importDefault(require("axios"));
 const mappers_1 = require("../src/mappers");
+const test_model_1 = require("./test-model");
 (0, globals_1.describe)("the lambda http proxy", () => {
     const payloadVersionV2Mapper = (0, mappers_1.v2)().mapper;
     (0, globals_1.it)("invokes the handler with the heaviest route", async () => {
@@ -47,7 +48,7 @@ const mappers_1 = require("../src/mappers");
         const tested = await new src_1.DevServer('lambda-http-proxy', (0, lambda_http_proxy_1.newLambdaHttpProxy)('service', {
             settings: { protocol: 'http:', host: '127.0.0.1', port: undefined },
             routes: [
-                { method: /.*/, path: /.*/, weight: 0, handler: () => Promise.resolve({ statusCode: 200, body: 'handled!' }), authorizer: () => Promise.reject(lambda_http_proxy_1.UNAUTHORIZED) },
+                { method: /.*/, path: /.*/, weight: 0, handler: () => Promise.resolve({ statusCode: 200, body: 'handled!' }), authorizer: async () => (0, test_model_1.alwaysDeny)() },
             ],
             mapper: payloadVersionV2Mapper,
         }, async (url) => { endpoint = url; })).start();

package/dist/__tests__/stub-handlers.d.ts

@@ -0,0 +1,5 @@
+export declare const STUB_HANDLER_CALLED_BODY = "stub handler called";
+export declare const stubHandler: () => {
+    statusCode: number;
+    body: string;
+};

package/dist/__tests__/stub-handlers.js

@@ -0,0 +1,14 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.stubHandler = exports.STUB_HANDLER_CALLED_BODY = void 0;
+exports.STUB_HANDLER_CALLED_BODY = 'stub handler called';
+const stubHandler = () => new StubHandler().handle();
+exports.stubHandler = stubHandler;
+class StubHandler {
+    constructor() {
+        this.handle = () => ({
+            statusCode: 200,
+            body: exports.STUB_HANDLER_CALLED_BODY,
+        });
+    }
+}

package/dist/__tests__/test-model.d.ts

@@ -0,0 +1,11 @@
+export declare const alwaysDeny: () => {
+    principalId: string;
+    policyDocument: {
+        Version: string;
+        Statement: {
+            Effect: string;
+            NotAction: any[];
+            NotPrincipal: any[];
+        }[];
+    };
+};

package/dist/__tests__/test-model.js

@@ -0,0 +1,15 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.alwaysDeny = void 0;
+const alwaysDeny = () => ({
+    principalId: '',
+    policyDocument: {
+        Version: '',
+        Statement: [{
+                Effect: 'Deny',
+                NotAction: [],
+                NotPrincipal: [],
+            }]
+    }
+});
+exports.alwaysDeny = alwaysDeny;

package/dist/src/cloudformation-lambda-http-proxy.d.ts

@@ -4,8 +4,9 @@ import { HttpSettings } from './http-server';
 import { Authorizer, Route } from './lambda-http-proxy';
 import { Callback, Service, Startable } from './services';
 import { LambdaPayloadVersion } from './mappers';
-export declare const newLambdaProxyFromCloudFormationTemplate: <Context, AuthorizerContext, Event_1, HandlerResponse>(name: string, settings: HttpSettings, payloadVersion: LambdaPayloadVersion<AuthorizerContext, Event_1, HandlerResponse>, config: CloudFormationLambdaProxyConfig<Context, AuthorizerContext, Event_1, HandlerResponse>, callback: Callback<string>) => Startable<Service<string>>;
-type CloudFormationLambdaProxyConfig<Context, AuthorizerContext, Event, HandlerResponse> = {
+import { APIGatewayAuthorizerResult } from 'aws-lambda';
+export declare const newLambdaProxyFromCloudFormationTemplate: <Context, AuthorizerContext extends APIGatewayAuthorizerResult, Event_1, HandlerResponse>(name: string, settings: HttpSettings, payloadVersion: LambdaPayloadVersion<AuthorizerContext, Event_1, HandlerResponse>, config: CloudFormationLambdaProxyConfig<Context, AuthorizerContext, Event_1, HandlerResponse>, callback: Callback<string>) => Startable<Service<string>>;
+type CloudFormationLambdaProxyConfig<Context, AuthorizerContext extends APIGatewayAuthorizerResult, Event, HandlerResponse> = {
     authorizer?: (config: DevServerConfig) => Authorizer<AuthorizerContext> | undefined;
     extraRoutes: Route<Context, AuthorizerContext, Event, HandlerResponse>[];
     prepare?: (config: DevServerConfig) => Promise<void>;

package/dist/src/cloudformation-lambda-http-proxy.js

@@ -6,6 +6,7 @@ const lambda_http_proxy_1 = require("./lambda-http-proxy");
 const PATH_VARIABLE_CAPTURE = /{(.*?)}/g;
 const QUERY_STRING_OR_LOCATION_REG_EXP = '(?:([?#].*))?';
 const PROXY_PATH_PARAM = 'proxy';
+const NOOP_AUTHORIZER = async () => undefined;
 const newLambdaProxyFromCloudFormationTemplate = (name, settings, payloadVersion, config, callback) => new CloudFormationLambdaProxy(name, settings, config.extraRoutes, payloadVersion, config, callback);
 exports.newLambdaProxyFromCloudFormationTemplate = newLambdaProxyFromCloudFormationTemplate;
 class CloudFormationLambdaProxy extends cloudformation_1.CloudFormationSetup {
@@ -15,6 +16,7 @@ class CloudFormationLambdaProxy extends cloudformation_1.CloudFormationSetup {
             path: new RegExp(`^${pathWithCapturingGroups}${QUERY_STRING_OR_LOCATION_REG_EXP}?$`),
             weight: this.computeWeight(pathWithCapturingGroups),
             handler: this.pathParameterCapture(new RegExp(pathWithCapturingGroups), handler, config.context),
+            authorizer: event.Properties?.Auth?.Authorizer === 'NONE' ? NOOP_AUTHORIZER : undefined,
         })), config.prepare, config);
         this.settings = settings;
         this.extraRoutes = extraRoutes;
@@ -22,7 +24,7 @@ class CloudFormationLambdaProxy extends cloudformation_1.CloudFormationSetup {
         this.afterStart = (name, cfg, routes) => (0, lambda_http_proxy_1.newLambdaHttpProxy)(`${name}:apigw`, {
             settings: this.settings,
             routes: this.extraRoutes.concat(routes),
-            authorizer: (this.authorizer || (() => undefined))(cfg),
+            authorizer: (this.authorizer || (() => NOOP_AUTHORIZER))(cfg),
             mapper: this.mapper,
         }, this.callback);
         this.computeWeight = (path) => this.segments(path) - this.variables(path);

package/dist/src/cloudformation.js

@@ -12,7 +12,7 @@ class CloudFormationSetup {
         this.eventFilter = eventFilter;
         this.handlerResolver = handlerResolver;
         this.beforeStart = beforeStart;
-        this.start = async (config) => (this.beforeStart || Promise.resolve)(config)
+        this.start = async (config) => (this.beforeStart || (async () => undefined))(config)
             .then(this.resolvedHandlers)
             .then(async (routes) => this.afterStart(this.name, config, routes));
         this.resolvedHandlers = async () => {

package/dist/src/index.d.ts

@@ -1,6 +1,6 @@
 export { DevServer } from './dev-server';
 export { newHttpServer as httpServer, HttpSettings } from './http-server';
-export { newLambdaHttpProxy as lambdaHttpProxy, UNAUTHORIZED } from './lambda-http-proxy';
+export { newLambdaHttpProxy as lambdaHttpProxy } from './lambda-http-proxy';
 export { v1 as v1LambdaProxyPayload, v2 as v2LambdaProxyPayload } from './mappers';
 export { newLambdaProxyFromCloudFormationTemplate as cloudFormationLambdaProxy } from './cloudformation-lambda-http-proxy';
 export { newDynamoDbTableFromCloudFormationTemplate as cloudFormationDynamoDbTable } from './cloudformation-dynamodb-table';

package/dist/src/index.js

@@ -1,13 +1,12 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.Service = exports.promised = exports.lazy = exports.oneThenOther = exports.allOf = exports.tunnel = exports.container = exports.dynamoDbTable = exports.preTrafficHooks = exports.scheduledTasks = exports.cloudFormationSnsEventHandlers = exports.eventsProxy = exports.internalQueue = exports.snsHttpProxy = exports.cloudFormationDynamoDbTable = exports.cloudFormationLambdaProxy = exports.v2LambdaProxyPayload = exports.v1LambdaProxyPayload = exports.UNAUTHORIZED = exports.lambdaHttpProxy = exports.httpServer = exports.DevServer = void 0;
+exports.Service = exports.promised = exports.lazy = exports.oneThenOther = exports.allOf = exports.tunnel = exports.container = exports.dynamoDbTable = exports.preTrafficHooks = exports.scheduledTasks = exports.cloudFormationSnsEventHandlers = exports.eventsProxy = exports.internalQueue = exports.snsHttpProxy = exports.cloudFormationDynamoDbTable = exports.cloudFormationLambdaProxy = exports.v2LambdaProxyPayload = exports.v1LambdaProxyPayload = exports.lambdaHttpProxy = exports.httpServer = exports.DevServer = void 0;
 var dev_server_1 = require("./dev-server");
 Object.defineProperty(exports, "DevServer", { enumerable: true, get: function () { return dev_server_1.DevServer; } });
 var http_server_1 = require("./http-server");
 Object.defineProperty(exports, "httpServer", { enumerable: true, get: function () { return http_server_1.newHttpServer; } });
 var lambda_http_proxy_1 = require("./lambda-http-proxy");
 Object.defineProperty(exports, "lambdaHttpProxy", { enumerable: true, get: function () { return lambda_http_proxy_1.newLambdaHttpProxy; } });
-Object.defineProperty(exports, "UNAUTHORIZED", { enumerable: true, get: function () { return lambda_http_proxy_1.UNAUTHORIZED; } });
 var mappers_1 = require("./mappers");
 Object.defineProperty(exports, "v1LambdaProxyPayload", { enumerable: true, get: function () { return mappers_1.v1; } });
 Object.defineProperty(exports, "v2LambdaProxyPayload", { enumerable: true, get: function () { return mappers_1.v2; } });

package/dist/src/lambda-http-proxy.d.ts

@@ -2,8 +2,8 @@
 import { HttpSettings } from "./http-server";
 import { LambdaMapperFactory } from "./mappers";
 import { Service, Callback } from "./services";
-export declare const UNAUTHORIZED: Error;
-export declare const newLambdaHttpProxy: <Context, AuthorizerContext, Event_1, HandlerResponse>(name: string, config: {
+import { APIGatewayAuthorizerResult } from "aws-lambda";
+export declare const newLambdaHttpProxy: <Context, AuthorizerContext extends APIGatewayAuthorizerResult, Event_1, HandlerResponse>(name: string, config: {
     settings: HttpSettings;
     routes: Route<Context, AuthorizerContext, Event_1, HandlerResponse>[];
     mapper: LambdaMapperFactory<AuthorizerContext, Event_1, HandlerResponse>;
@@ -18,11 +18,11 @@ export declare abstract class Response {
     constructor(statusCode: number, contentType: string | undefined, location: string | undefined, cookies: string[] | undefined);
     body: () => string | Buffer | undefined;
 }
-export type Route<Context, AuthorizerContext, Event, HandlerResponse> = {
+export type Route<Context, AuthorizerContext extends APIGatewayAuthorizerResult, Event, HandlerResponse> = {
     method: RegExp;
     path: RegExp;
     weight: number;
     authorizer?: Authorizer<AuthorizerContext>;
     handler: (event: Event, context: Context) => Promise<HandlerResponse>;
 };
-export type Authorizer<Context> = (authorization: string) => Promise<Context | undefined>;
+export type Authorizer<Context extends APIGatewayAuthorizerResult> = (authorization: string) => Promise<Context | undefined>;

package/dist/src/lambda-http-proxy.js

@@ -1,11 +1,11 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.Response = exports.newLambdaHttpProxy = exports.UNAUTHORIZED = void 0;
+exports.Response = exports.newLambdaHttpProxy = void 0;
 const logging_1 = require("@yopdev/logging");
 const http_server_1 = require("./http-server");
 const responses_1 = require("./responses");
 const services_1 = require("./services");
-exports.UNAUTHORIZED = new Error('UNAUTHORIZED');
+const UNAUTHORIZED = new Error('UNAUTHORIZED');
 const newLambdaHttpProxy = (name, config, callback) => new services_1.Service(new LambdaHttpProxy(name, config.settings, config.routes, config.mapper, config.authorizer ?? (() => Promise.resolve(undefined)), config.context), callback);
 exports.newLambdaHttpProxy = newLambdaHttpProxy;
 class LambdaHttpProxy {
@@ -19,7 +19,10 @@ class LambdaHttpProxy {
         this.stop = () => this.server.stop();
         this.handler = (authorizer, lambdaHandler) => (request, body, response) => this.mapper.newInstance(request, body)
             .then(async (mapper) => authorizer(mapper.authorization())
-            .then(async (context) => lambdaHandler(mapper.event(context), this.context())
+            .then(async (context) => context?.policyDocument?.Statement?.find((s) => s.Effect === 'Deny') === undefined
+            ? { ...context, lambda: context?.context }
+            : Promise.reject(UNAUTHORIZED))
+            .then((context) => lambdaHandler(mapper.event(context), this.context())
             .then((lambda) => {
             const result = mapper.toResponse(lambda);
             return (0, responses_1.writeResponse)(response, result.statusCode, result.body(), result.contentType, result.location, result.cookies);
@@ -27,7 +30,7 @@ class LambdaHttpProxy {
             .catch((e) => {
             this.LOGGER.error(e, 'request failed to execute');
             (0, responses_1.internalServerError)(response, e.body);
-        }), (e) => e === exports.UNAUTHORIZED ? (0, responses_1.writeResponse)(response, 401, '') : (0, responses_1.internalServerError)(response, e)));
+        }), (e) => e === UNAUTHORIZED ? (0, responses_1.writeResponse)(response, 401, '') : (0, responses_1.internalServerError)(response, e)));
         this.fallback = async (request, _, response) => Promise.resolve(this.LOGGER.warn(`FALLBACK: ${request.method} to ${request.url}`)).then(() => (0, responses_1.writeResponse)(response, 404, `no route found to handle ${request.method} to ${request.url}`));
         this.resolveRoute = (request, body, response) => (this.routes.filter((r) => r.method.test(request.method))
             .filter((r) => r.path.test(request.url))

package/dist/src/mappers.d.ts

@@ -11,7 +11,9 @@ export type LambdaPayloadVersion<AuthorizerContext, Event, HandlerResponse> = {
 export declare const v1: <AuthorizerContext>() => LambdaPayloadVersion<AuthorizerContext, APIGatewayProxyEvent, APIGatewayProxyResult>;
 export declare const v2: <AuthorizerContext>() => LambdaPayloadVersion<AuthorizerContext, APIGatewayProxyEventV2, APIGatewayProxyStructuredResultV2>;
 interface LambdaMapper<AuthorizerContext, Event, HandlerResponse> {
-    event(context: AuthorizerContext): Event;
+    event(context: {
+        [name: string]: any;
+    } & AuthorizerContext): Event;
     authorization(): string;
     toResponse: (response: HandlerResponse) => Response;
 }

package/jest.config.js

@@ -2,6 +2,6 @@
 module.exports = {
   preset: "ts-jest",
   testPathIgnorePatterns: ["/dist/"],
-  testRegex: "/__tests__/.*$",
+  testRegex: "/__tests__/.*\.test\..*$",
   testTimeout: 60000,
 };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@yopdev/dev-server",
-  "version": "3.0.2",
+  "version": "3.0.3-alpha.2",
   "scripts": {
     "compile": "tsc",
     "pretest": "npm run compile",

package/src/cloudformation-lambda-http-proxy.ts

@@ -4,11 +4,13 @@ import { HttpSettings } from './http-server';
 import { Authorizer, Route, newLambdaHttpProxy } from './lambda-http-proxy';
 import { Callback, Service, Startable } from './services';
 import { LambdaMapperFactory, LambdaPayloadVersion, PathParameterResolver } from './mappers';
+import { APIGatewayAuthorizerResult } from 'aws-lambda';
 
 const PATH_VARIABLE_CAPTURE = /{(.*?)}/g;
 const QUERY_STRING_OR_LOCATION_REG_EXP = '(?:([?#].*))?';
 const PROXY_PATH_PARAM = 'proxy';
-export const newLambdaProxyFromCloudFormationTemplate = <Context, AuthorizerContext, Event, HandlerResponse>(
+const NOOP_AUTHORIZER = async () => undefined
+export const newLambdaProxyFromCloudFormationTemplate = <Context, AuthorizerContext extends APIGatewayAuthorizerResult, Event, HandlerResponse>(
     name: string,
     settings: HttpSettings,
     payloadVersion: LambdaPayloadVersion<AuthorizerContext, Event, HandlerResponse>,
@@ -16,10 +18,13 @@ export const newLambdaProxyFromCloudFormationTemplate = <Context, AuthorizerCont
     callback: Callback<string>,
 ): Startable<Service<string>> => new CloudFormationLambdaProxy(name, settings, config.extraRoutes, payloadVersion, config, callback);
 
-class CloudFormationLambdaProxy<Context, AuthorizerContext, Event, HandlerResponse> extends CloudFormationSetup<
+class CloudFormationLambdaProxy<Context, AuthorizerContext extends APIGatewayAuthorizerResult, Event, HandlerResponse> extends CloudFormationSetup<
     {
         Path: string;
         Method: string;
+        Auth: {
+            Authorizer: string;
+        }
     },
     (event: Event) => Promise<HandlerResponse>,
     Route<Context, AuthorizerContext, Event, HandlerResponse>,
@@ -47,7 +52,8 @@ class CloudFormationLambdaProxy<Context, AuthorizerContext, Event, HandlerRespon
                         path: new RegExp(`^${pathWithCapturingGroups}${QUERY_STRING_OR_LOCATION_REG_EXP}?$`),
                         weight: this.computeWeight(pathWithCapturingGroups),
                         handler: this.pathParameterCapture(new RegExp(pathWithCapturingGroups), handler, config.context),
-                    }),
+                        authorizer: event.Properties?.Auth?.Authorizer === 'NONE' ? NOOP_AUTHORIZER : undefined,
+                    } satisfies Route<Context, AuthorizerContext, Event, HandlerResponse>),
                 ),
             config.prepare,
             config,
@@ -63,7 +69,7 @@ class CloudFormationLambdaProxy<Context, AuthorizerContext, Event, HandlerRespon
             {
                 settings: this.settings,
                 routes: this.extraRoutes.concat(routes),
-                authorizer: (this.authorizer || (() => undefined))(cfg),
+                authorizer: (this.authorizer || (() => NOOP_AUTHORIZER))(cfg),
                 mapper: this.mapper,
             },
             this.callback,
@@ -117,7 +123,7 @@ class CloudFormationLambdaProxy<Context, AuthorizerContext, Event, HandlerRespon
     }
 }
 
-type CloudFormationLambdaProxyConfig<Context, AuthorizerContext, Event, HandlerResponse> = {
+type CloudFormationLambdaProxyConfig<Context, AuthorizerContext extends APIGatewayAuthorizerResult, Event, HandlerResponse> = {
     authorizer?: (config: DevServerConfig) => Authorizer<AuthorizerContext> | undefined,
     extraRoutes: Route<Context, AuthorizerContext, Event, HandlerResponse>[],
     prepare?: (config: DevServerConfig) => Promise<void>,

package/src/cloudformation.ts

@@ -24,7 +24,7 @@ export abstract class CloudFormationSetup<P, H, R, F> implements Startable<F> {
         this.handlerNameResolver = config.handlerNameResolver;
     }
     start = async (config: DevServerConfig) =>
-        (this.beforeStart || Promise.resolve)(config)
+        (this.beforeStart || (async () => undefined))(config)
             .then(this.resolvedHandlers)
             .then(async (routes) => this.afterStart(this.name, config, routes));
 

package/src/index.ts

@@ -1,6 +1,6 @@
 export { DevServer } from './dev-server' 
 export { newHttpServer as httpServer, HttpSettings } from './http-server' 
-export { newLambdaHttpProxy as lambdaHttpProxy, UNAUTHORIZED } from './lambda-http-proxy'
+export { newLambdaHttpProxy as lambdaHttpProxy } from './lambda-http-proxy'
 export { v1 as v1LambdaProxyPayload, v2 as v2LambdaProxyPayload } from './mappers'
 export { newLambdaProxyFromCloudFormationTemplate as cloudFormationLambdaProxy } from './cloudformation-lambda-http-proxy'
 export { newDynamoDbTableFromCloudFormationTemplate as cloudFormationDynamoDbTable } from './cloudformation-dynamodb-table'

package/src/lambda-http-proxy.ts

@@ -4,9 +4,10 @@ import { IncomingMessage, ServerResponse } from "http";
 import { LambdaMapperFactory } from "./mappers";
 import { internalServerError, writeResponse } from "./responses";
 import { Lifecycle, Service, Callback } from "./services";
+import { APIGatewayAuthorizerResult } from "aws-lambda";
 
-export const UNAUTHORIZED = new Error('UNAUTHORIZED');
-export const newLambdaHttpProxy = <Context, AuthorizerContext, Event, HandlerResponse>(
+const UNAUTHORIZED = new Error('UNAUTHORIZED');
+export const newLambdaHttpProxy = <Context, AuthorizerContext extends APIGatewayAuthorizerResult, Event, HandlerResponse>(
     name: string,
     config: {
         settings: HttpSettings,
@@ -25,7 +26,7 @@ export const newLambdaHttpProxy = <Context, AuthorizerContext, Event, HandlerRes
     config.context,
 ), callback)
 
-class LambdaHttpProxy<Context, AuthorizerContext, Event, HandlerResponse> implements Lifecycle<string> {
+class LambdaHttpProxy<Context, AuthorizerContext extends APIGatewayAuthorizerResult, Event, HandlerResponse> implements Lifecycle<string> {
     private LOGGER: Logger
     private readonly server: HttpServer
 
@@ -55,6 +56,11 @@ class LambdaHttpProxy<Context, AuthorizerContext, Event, HandlerResponse> implem
                 .then(async (mapper) =>
                     authorizer(mapper.authorization())
                         .then(async (context) =>
+                            context?.policyDocument?.Statement?.find((s) => s.Effect === 'Deny') === undefined
+                                ? { ...context, lambda: context?.context }
+                                : Promise.reject(UNAUTHORIZED),
+                        )
+                        .then((context) =>
                             lambdaHandler(mapper.event(context), this.context())
                                 .then((lambda) => {
                                     const result = mapper.toResponse(lambda)
@@ -100,7 +106,7 @@ export abstract class Response {
     body: () => string | Buffer | undefined
 }
 
-export type Route<Context, AuthorizerContext, Event, HandlerResponse> = {
+export type Route<Context, AuthorizerContext extends APIGatewayAuthorizerResult, Event, HandlerResponse> = {
     method: RegExp;
     path: RegExp;
     weight: number;
@@ -108,4 +114,4 @@ export type Route<Context, AuthorizerContext, Event, HandlerResponse> = {
     handler: (event: Event, context: Context) => Promise<HandlerResponse>;
 };
 
-export type Authorizer<Context> = (authorization: string) => Promise<Context | undefined>;
+export type Authorizer<Context extends APIGatewayAuthorizerResult> = (authorization: string) => Promise<Context | undefined>;

package/src/mappers.ts

@@ -120,7 +120,7 @@ class DefaultLambdaMapper<AuthorizerContext> implements LambdaMapper<AuthorizerC
         return [];
     };
 
-    event = (context: AuthorizerContext): APIGatewayProxyEvent & APIGatewayEventRequestContextV2WithGenericAuthorizer<AuthorizerContext> => ({
+    event = (context: { [name: string]: any; } & AuthorizerContext): APIGatewayProxyEvent & APIGatewayEventRequestContextV2WithGenericAuthorizer<AuthorizerContext> => ({
         version: '2.0',
         rawPath: this.url.pathname,
         rawQueryString: this.url.search,
@@ -190,7 +190,7 @@ class DefaultLambdaMapper<AuthorizerContext> implements LambdaMapper<AuthorizerC
     authorization = () => this.authorizationHeaderValue
 }
 interface LambdaMapper<AuthorizerContext, Event, HandlerResponse> {
-    event(context: AuthorizerContext): Event
+    event(context: { [name: string]: any; } & AuthorizerContext): Event
     authorization(): string
     toResponse: (response: HandlerResponse) => Response
 }

package/tsconfig.json

@@ -1,5 +1,6 @@
 {
   "compilerOptions": {
+    "esModuleInterop": true,
     "module": "NodeNext",
     "target": "ES2021",
     "moduleResolution": "NodeNext",