serverless-offline 13.3.1 → 13.3.3

package/src/events/http/OfflineEndpoint.js

@@ -1,33 +1,33 @@
 export default class OfflineEndpoint {
   apiKeyRequired = false
 
-  authorizationType = 'none'
+  authorizationType = "none"
 
   authorizerFunction = false
 
-  path = ''
+  path = ""
 
   requestParameters = {}
 
   requestTemplates = {
-    'application/json': '',
+    "application/json": "",
   }
 
   responses = {
     default: {
       400: {
-        statusCode: '400',
+        statusCode: "400",
       },
       responseModels: {
-        'application/json;charset=UTF-8': 'Empty',
+        "application/json;charset=UTF-8": "Empty",
       },
       responseParameters: {},
       responseTemplates: {
-        'application/json;charset=UTF-8': '',
+        "application/json;charset=UTF-8": "",
       },
       statusCode: 200,
     },
   }
 
-  type = 'AWS'
+  type = "AWS"
 }

package/src/events/http/authJWTSettingsExtractor.js

@@ -1,4 +1,4 @@
-import { log } from '@serverless/utils/log.js'
+import { log } from "@serverless/utils/log.js"
 
 function buildFailureResult(warningMessage) {
   log.warning(warningMessage)
@@ -36,7 +36,7 @@ export default function authJWTSettingsExtractor(
 
   if (!authorizer.name) {
     return buildFailureResult(
-      'Serverless Offline supports only JWT authorizers referenced by name',
+      "Serverless Offline supports only JWT authorizers referenced by name",
     )
   }
 

package/src/events/http/createAuthScheme.js

@@ -1,7 +1,7 @@
-import Boom from '@hapi/boom'
-import { log } from '@serverless/utils/log.js'
-import authCanExecuteResource from '../authCanExecuteResource.js'
-import authValidateContext from '../authValidateContext.js'
+import Boom from "@hapi/boom"
+import { log } from "@serverless/utils/log.js"
+import authCanExecuteResource from "../authCanExecuteResource.js"
+import authValidateContext from "../authValidateContext.js"
 import {
   getRawQueryParams,
   nullIfEmpty,
@@ -9,15 +9,15 @@ import {
   parseMultiValueHeaders,
   parseMultiValueQueryStringParameters,
   parseQueryStringParameters,
-} from '../../utils/index.js'
+} from "../../utils/index.js"
 
-const IDENTITY_SOURCE_TYPE_HEADER = 'header'
-const IDENTITY_SOURCE_TYPE_QUERYSTRING = 'querystring'
-const IDENTITY_SOURCE_TYPE_NONE = 'none'
+const IDENTITY_SOURCE_TYPE_HEADER = "header"
+const IDENTITY_SOURCE_TYPE_QUERYSTRING = "querystring"
+const IDENTITY_SOURCE_TYPE_NONE = "none"
 
 export default function createAuthScheme(authorizerOptions, provider, lambda) {
   const authFunName = authorizerOptions.name
-  let identitySourceField = 'authorization'
+  let identitySourceField = "authorization"
   let identitySourceType = IDENTITY_SOURCE_TYPE_HEADER
 
   const finalizeAuthScheme = () => {
@@ -34,14 +34,14 @@ export default function createAuthScheme(authorizerOptions, provider, lambda) {
         // aws doesn't auto decode path params - hapi does
         const pathParams = { ...request.params }
 
-        const accountId = 'random-account-id'
-        const apiId = 'random-api-id'
-        const requestId = 'random-request-id'
+        const accountId = "random-account-id"
+        const apiId = "random-api-id"
+        const requestId = "random-request-id"
 
         const httpMethod = request.method.toUpperCase()
         const resourcePath = request.route.path.replace(
           new RegExp(`^/${provider.stage}`),
-          '',
+          "",
         )
 
         let event = {
@@ -94,7 +94,7 @@ export default function createAuthScheme(authorizerOptions, provider, lambda) {
               `Identity Source is null for ${identitySourceType} ${identitySourceField} (λ: ${authFunName})`,
             )
             return Boom.unauthorized(
-              'User is not authorized to access this resource',
+              "User is not authorized to access this resource",
             )
           }
 
@@ -103,14 +103,14 @@ export default function createAuthScheme(authorizerOptions, provider, lambda) {
           )
           const matchedAuthorization =
             identityValidationExpression.test(authorization)
-          finalAuthorization = matchedAuthorization ? authorization : ''
+          finalAuthorization = matchedAuthorization ? authorization : ""
 
           log.debug(
             `Retrieved ${identitySourceField} ${identitySourceType} "${finalAuthorization}"`,
           )
         }
 
-        if (authorizerOptions.payloadVersion === '1.0') {
+        if (authorizerOptions.payloadVersion === "1.0") {
           event = {
             ...event,
             authorizationToken: finalAuthorization,
@@ -124,6 +124,7 @@ export default function createAuthScheme(authorizerOptions, provider, lambda) {
             pathParameters: nullIfEmpty(pathParams),
             queryStringParameters: parseQueryStringParameters(url),
             requestContext: {
+              ...event.requestContext,
               extendedRequestId: requestId,
               httpMethod,
               path: request.path,
@@ -138,13 +139,14 @@ export default function createAuthScheme(authorizerOptions, provider, lambda) {
           }
         }
 
-        if (authorizerOptions.payloadVersion === '2.0') {
+        if (authorizerOptions.payloadVersion === "2.0") {
           event = {
             ...event,
             identitySource: [finalAuthorization],
             rawPath: request.path,
             rawQueryString: getRawQueryParams(url),
             requestContext: {
+              ...event.requestContext,
               http: {
                 method: httpMethod,
                 path: resourcePath,
@@ -164,7 +166,7 @@ export default function createAuthScheme(authorizerOptions, provider, lambda) {
         event = {
           ...event,
           // This is safe since type: 'TOKEN' cannot have payload format 2.0
-          type: authorizerOptions.type === 'request' ? 'REQUEST' : 'TOKEN',
+          type: authorizerOptions.type === "request" ? "REQUEST" : "TOKEN",
         }
 
         const lambdaFunction = lambda.get(authFunName)
@@ -176,7 +178,7 @@ export default function createAuthScheme(authorizerOptions, provider, lambda) {
           if (authorizerOptions.enableSimpleResponses) {
             if (result.isAuthorized) {
               const authorizer = {
-                integrationLatency: '42',
+                integrationLatency: "42",
                 ...result.context,
               }
               return h.authenticated({
@@ -187,12 +189,12 @@ export default function createAuthScheme(authorizerOptions, provider, lambda) {
               })
             }
             return Boom.forbidden(
-              'User is not authorized to access this resource',
+              "User is not authorized to access this resource",
             )
           }
 
-          if (result === 'Unauthorized')
-            return Boom.unauthorized('Unauthorized')
+          if (result === "Unauthorized")
+            return Boom.unauthorized("Unauthorized")
 
           // Validate that the policy document has the principalId set
           if (!result.principalId) {
@@ -200,7 +202,7 @@ export default function createAuthScheme(authorizerOptions, provider, lambda) {
               `Authorization response did not include a principalId: (λ: ${authFunName})`,
             )
 
-            return Boom.forbidden('No principalId set on the Response')
+            return Boom.forbidden("No principalId set on the Response")
           }
 
           if (
@@ -214,7 +216,7 @@ export default function createAuthScheme(authorizerOptions, provider, lambda) {
             )
 
             return Boom.forbidden(
-              'User is not authorized to access this resource',
+              "User is not authorized to access this resource",
             )
           }
 
@@ -238,7 +240,7 @@ export default function createAuthScheme(authorizerOptions, provider, lambda) {
           )
 
           const authorizer = {
-            integrationLatency: '42',
+            integrationLatency: "42",
             principalId: result.principalId,
             ...result.context,
           }
@@ -257,7 +259,7 @@ export default function createAuthScheme(authorizerOptions, provider, lambda) {
             `Authorization function returned an error response: (λ: ${authFunName})`,
           )
 
-          return Boom.unauthorized('Unauthorized')
+          return Boom.unauthorized("Unauthorized")
         }
       },
     })
@@ -273,7 +275,7 @@ export default function createAuthScheme(authorizerOptions, provider, lambda) {
   }
 
   if (
-    authorizerOptions.type !== 'request' ||
+    authorizerOptions.type !== "request" ||
     authorizerOptions.identitySource
   ) {
     // Only validate the first of N possible headers.

package/src/events/http/createJWTAuthScheme.js

@@ -1,6 +1,6 @@
-import Boom from '@hapi/boom'
-import { log } from '@serverless/utils/log.js'
-import { decodeJwt } from 'jose'
+import Boom from "@hapi/boom"
+import { log } from "@serverless/utils/log.js"
+import { decodeJwt } from "jose"
 
 const { isArray } = Array
 const { now } = Date
@@ -31,8 +31,8 @@ export default function createAuthScheme(jwtOptions) {
       // Get Authorization header
       const { req } = request.raw
       let jwtToken = req.headers[identityHeader]
-      if (jwtToken && jwtToken.split(' ')[0] === 'Bearer') {
-        ;[, jwtToken] = jwtToken.split(' ')
+      if (jwtToken && jwtToken.split(" ")[0] === "Bearer") {
+        ;[, jwtToken] = jwtToken.split(" ")
       }
 
       try {
@@ -40,14 +40,14 @@ export default function createAuthScheme(jwtOptions) {
 
         const expirationDate = new Date(claims.exp * 1000)
         if (expirationDate.getTime() < now()) {
-          return Boom.unauthorized('JWT Token expired')
+          return Boom.unauthorized("JWT Token expired")
         }
 
         const { aud, iss, scope, client_id: clientId } = claims
         if (iss !== jwtOptions.issuerUrl) {
           log.notice(`JWT Token not from correct issuer url`)
 
-          return Boom.unauthorized('JWT Token not from correct issuer url')
+          return Boom.unauthorized("JWT Token not from correct issuer url")
         }
 
         const validAudiences = isArray(jwtOptions.audience)
@@ -62,7 +62,7 @@ export default function createAuthScheme(jwtOptions) {
           log.notice(`JWT Token does not contain correct audience`)
 
           return Boom.unauthorized(
-            'JWT Token does not contain correct audience',
+            "JWT Token does not contain correct audience",
           )
         }
 
@@ -71,14 +71,14 @@ export default function createAuthScheme(jwtOptions) {
           if (!scope) {
             log.notice(`JWT Token missing valid scope`)
 
-            return Boom.forbidden('JWT Token missing valid scope')
+            return Boom.forbidden("JWT Token missing valid scope")
           }
 
-          scopes = scope.split(' ')
+          scopes = scope.split(" ")
           if (scopes.every((s) => !jwtOptions.scopes.includes(s))) {
             log.notice(`JWT Token missing valid scope`)
 
-            return Boom.forbidden('JWT Token missing valid scope')
+            return Boom.forbidden("JWT Token missing valid scope")
           }
         }
 
@@ -96,7 +96,7 @@ export default function createAuthScheme(jwtOptions) {
         log.notice(`JWT could not be decoded`)
         log.error(err)
 
-        return Boom.unauthorized('Unauthorized')
+        return Boom.unauthorized("Unauthorized")
       }
     },
   })

package/src/events/http/index.js

@@ -1 +1 @@
-export { default } from './Http.js'
+export { default } from "./Http.js"

package/src/events/http/javaHelpers.js

@@ -17,11 +17,11 @@ function javaEqualsIgnoreCase(anotherString) {
 }
 
 function javaMatches(value) {
-  return this.match(new RegExp(value, 'm'))
+  return this.match(new RegExp(value, "m"))
 }
 
 function javaReplaceFirst(oldValue, newValue) {
-  return this.replace(new RegExp(oldValue, 'm'), newValue)
+  return this.replace(new RegExp(oldValue, "m"), newValue)
 }
 
 // method has 2 function signatures:

package/src/events/http/lambda-events/LambdaIntegrationEvent.js

@@ -1,7 +1,7 @@
-import { env } from 'node:process'
-import { log } from '@serverless/utils/log.js'
-import renderVelocityTemplateObject from './renderVelocityTemplateObject.js'
-import VelocityContext from './VelocityContext.js'
+import { env } from "node:process"
+import { log } from "@serverless/utils/log.js"
+import renderVelocityTemplateObject from "./renderVelocityTemplateObject.js"
+import VelocityContext from "./VelocityContext.js"
 
 const { parse } = JSON
 
@@ -35,7 +35,7 @@ export default class LambdaIntegrationEvent {
         }
       } catch {
         log.error(
-          'Could not parse process.env.AUTHORIZER, make sure it is correct JSON',
+          "Could not parse process.env.AUTHORIZER, make sure it is correct JSON",
         )
       }
     }

package/src/events/http/lambda-events/LambdaProxyIntegrationEvent.js

@@ -1,16 +1,16 @@
-import { Buffer } from 'node:buffer'
-import { env } from 'node:process'
-import { log } from '@serverless/utils/log.js'
-import { decodeJwt } from 'jose'
+import { Buffer } from "node:buffer"
+import crypto from "node:crypto"
+import { env } from "node:process"
+import { log } from "@serverless/utils/log.js"
+import { decodeJwt } from "jose"
 import {
-  createUniqueId,
   formatToClfTime,
   nullIfEmpty,
   parseHeaders,
   parseMultiValueHeaders,
   parseMultiValueQueryStringParameters,
   parseQueryStringParameters,
-} from '../../../utils/index.js'
+} from "../../../utils/index.js"
 
 const { byteLength } = Buffer
 const { parse } = JSON
@@ -57,7 +57,7 @@ export default class LambdaProxyIntegrationEvent {
         authAuthorizer = parse(env.AUTHORIZER)
       } catch {
         log.error(
-          'Could not parse env.AUTHORIZER, make sure it is correct JSON',
+          "Could not parse env.AUTHORIZER, make sure it is correct JSON",
         )
       }
     }
@@ -69,42 +69,42 @@ export default class LambdaProxyIntegrationEvent {
     // NOTE FIXME request.raw.req.rawHeaders can only be null for testing (hapi shot inject())
     const headers = parseHeaders(rawHeaders || []) || {}
 
-    if (headers['sls-offline-authorizer-override']) {
+    if (headers["sls-offline-authorizer-override"]) {
       try {
-        authAuthorizer = parse(headers['sls-offline-authorizer-override'])
+        authAuthorizer = parse(headers["sls-offline-authorizer-override"])
       } catch {
         log.error(
-          'Could not parse header sls-offline-authorizer-override, make sure it is correct JSON',
+          "Could not parse header sls-offline-authorizer-override, make sure it is correct JSON",
         )
       }
     }
 
     if (body) {
-      if (typeof body !== 'string') {
+      if (typeof body !== "string") {
         // this.#request.payload is NOT the same as the rawPayload
         body = this.#request.rawPayload
       }
 
       if (
-        !headers['Content-Length'] &&
-        !headers['content-length'] &&
-        !headers['Content-length'] &&
-        (typeof body === 'string' ||
+        !headers["Content-Length"] &&
+        !headers["content-length"] &&
+        !headers["Content-length"] &&
+        (typeof body === "string" ||
           body instanceof Buffer ||
           body instanceof ArrayBuffer)
       ) {
-        headers['Content-Length'] = String(byteLength(body))
+        headers["Content-Length"] = String(byteLength(body))
       }
 
       // Set a default Content-Type if not provided.
       if (
-        !headers['Content-Type'] &&
-        !headers['content-type'] &&
-        !headers['Content-type']
+        !headers["Content-Type"] &&
+        !headers["content-type"] &&
+        !headers["Content-type"]
       ) {
-        headers['Content-Type'] = 'application/json'
+        headers["Content-Type"] = "application/json"
       }
-    } else if (body === undefined || body === '') {
+    } else if (body === undefined || body === "") {
       body = null
     }
 
@@ -113,8 +113,8 @@ export default class LambdaProxyIntegrationEvent {
 
     let token = headers.Authorization || headers.authorization
 
-    if (token && token.split(' ')[0] === 'Bearer') {
-      ;[, token] = token.split(' ')
+    if (token && token.split(" ")[0] === "Bearer") {
+      ;[, token] = token.split(" ")
     }
 
     let claims
@@ -124,7 +124,7 @@ export default class LambdaProxyIntegrationEvent {
       try {
         claims = decodeJwt(token)
         if (claims.scope) {
-          scopes = claims.scope.split(' ')
+          scopes = claims.scope.split(" ")
           // In AWS HTTP Api the scope property is removed from the decoded JWT
           // I'm leaving this property because I'm not sure how all of the authorizers
           // for AWS REST Api handle JWT.
@@ -149,7 +149,7 @@ export default class LambdaProxyIntegrationEvent {
     // NOTE replace * added by generateHapiPath util so api gateway event is accurate
     const resource =
       this.#routeKey ||
-      route.path.replace(`/${this.#stage}`, '').replace('*', '+')
+      route.path.replace(`/${this.#stage}`, "").replace("*", "+")
 
     return {
       body,
@@ -166,8 +166,8 @@ export default class LambdaProxyIntegrationEvent {
       pathParameters: nullIfEmpty(pathParams),
       queryStringParameters: parseQueryStringParameters(url),
       requestContext: {
-        accountId: 'offlineContext_accountId',
-        apiId: 'offlineContext_apiId',
+        accountId: "offlineContext_accountId",
+        apiId: "offlineContext_apiId",
         authorizer:
           authAuthorizer ||
           assign(authContext, {
@@ -176,46 +176,46 @@ export default class LambdaProxyIntegrationEvent {
             principalId:
               authPrincipalId ||
               env.PRINCIPAL_ID ||
-              'offlineContext_authorizer_principalId', // See #24
+              "offlineContext_authorizer_principalId", // See #24
             scopes,
           }),
-        domainName: 'offlineContext_domainName',
-        domainPrefix: 'offlineContext_domainPrefix',
-        extendedRequestId: createUniqueId(),
+        domainName: "offlineContext_domainName",
+        domainPrefix: "offlineContext_domainPrefix",
+        extendedRequestId: crypto.randomUUID(),
         httpMethod,
         identity: {
           accessKey: null,
-          accountId: env.SLS_ACCOUNT_ID || 'offlineContext_accountId',
-          apiKey: env.SLS_API_KEY || 'offlineContext_apiKey',
-          apiKeyId: env.SLS_API_KEY_ID || 'offlineContext_apiKeyId',
-          caller: env.SLS_CALLER || 'offlineContext_caller',
+          accountId: env.SLS_ACCOUNT_ID || "offlineContext_accountId",
+          apiKey: env.SLS_API_KEY || "offlineContext_apiKey",
+          apiKeyId: env.SLS_API_KEY_ID || "offlineContext_apiKeyId",
+          caller: env.SLS_CALLER || "offlineContext_caller",
           cognitoAuthenticationProvider:
-            _headers['cognito-authentication-provider'] ||
+            _headers["cognito-authentication-provider"] ||
             env.SLS_COGNITO_AUTHENTICATION_PROVIDER ||
-            'offlineContext_cognitoAuthenticationProvider',
+            "offlineContext_cognitoAuthenticationProvider",
           cognitoAuthenticationType:
             env.SLS_COGNITO_AUTHENTICATION_TYPE ||
-            'offlineContext_cognitoAuthenticationType',
+            "offlineContext_cognitoAuthenticationType",
           cognitoIdentityId:
-            _headers['cognito-identity-id'] ||
+            _headers["cognito-identity-id"] ||
             env.SLS_COGNITO_IDENTITY_ID ||
-            'offlineContext_cognitoIdentityId',
+            "offlineContext_cognitoIdentityId",
           cognitoIdentityPoolId:
             env.SLS_COGNITO_IDENTITY_POOL_ID ||
-            'offlineContext_cognitoIdentityPoolId',
+            "offlineContext_cognitoIdentityPoolId",
           principalOrgId: null,
           sourceIp: remoteAddress,
-          user: 'offlineContext_user',
-          userAgent: _headers['user-agent'] || '',
-          userArn: 'offlineContext_userArn',
+          user: "offlineContext_user",
+          userAgent: _headers["user-agent"] || "",
+          userArn: "offlineContext_userArn",
         },
         operationName: this.#additionalRequestContext.operationName,
         path: this.#path,
-        protocol: 'HTTP/1.1',
-        requestId: createUniqueId(),
+        protocol: "HTTP/1.1",
+        requestId: crypto.randomUUID(),
         requestTime,
         requestTimeEpoch,
-        resourceId: 'offlineContext_resourceId',
+        resourceId: "offlineContext_resourceId",
         resourcePath: route.path,
         stage: this.#stage,
       },