in samtranslator/model/api/api_generator.py [0:0]
def _add_auth(self) -> None:
"""
Add Auth configuration to the Swagger file, if necessary
"""
if not self.auth:
return
if self.auth and not self.definition_body:
raise InvalidResourceException(
self.logical_id, "Auth works only with inline Swagger specified in 'DefinitionBody' property."
)
# Make sure keys in the dict are recognized
if not all(key in AuthProperties._fields for key in self.auth):
raise InvalidResourceException(self.logical_id, "Invalid value for 'Auth' property")
if not SwaggerEditor.is_valid(self.definition_body):
raise InvalidResourceException(
self.logical_id,
"Unable to add Auth configuration because "
"'DefinitionBody' does not contain a valid Swagger definition.",
)
swagger_editor = SwaggerEditor(self.definition_body)
auth_properties = AuthProperties(**self.auth)
authorizers = self._get_authorizers(auth_properties.Authorizers, auth_properties.DefaultAuthorizer) # type: ignore[no-untyped-call]
if authorizers:
swagger_editor.add_authorizers_security_definitions(authorizers) # type: ignore[no-untyped-call]
self._set_default_authorizer(
swagger_editor,
authorizers,
auth_properties.DefaultAuthorizer,
auth_properties.AddDefaultAuthorizerToCorsPreflight,
)
if auth_properties.ApiKeyRequired:
swagger_editor.add_apikey_security_definition()
self._set_default_apikey_required(swagger_editor, auth_properties.AddApiKeyRequiredToCorsPreflight)
if auth_properties.ResourcePolicy:
SwaggerEditor.validate_is_dict(
auth_properties.ResourcePolicy, "ResourcePolicy must be a map (ResourcePolicyStatement)."
)
for path in swagger_editor.iter_on_path():
swagger_editor.add_resource_policy(auth_properties.ResourcePolicy, path, self.stage_name)
if auth_properties.ResourcePolicy.get("CustomStatements"):
swagger_editor.add_custom_statements(auth_properties.ResourcePolicy.get("CustomStatements")) # type: ignore[no-untyped-call]
self.definition_body = self._openapi_postprocess(swagger_editor.swagger)