in samtranslator/swagger/swagger.py [0:0]
def _set_method_authorizer(self, path, method_name, authorizer_name, authorizers=None, method_scopes=None): # type: ignore[no-untyped-def]
"""
Adds the authorizer_name to the security block for each method on this path.
This is used to configure the authorizer for individual functions.
:param string path: Path name
:param string method_name: Method name
:param string authorizer_name: Name of the authorizer to use. Must be a key in the
authorizers param.
"""
if authorizers is None:
authorizers = Py27Dict()
for method_definition in self.iter_on_method_definitions_for_path_at_method(path, method_name):
security_dict = Py27Dict()
security_dict[authorizer_name] = []
authorizer_security = [security_dict]
existing_security = method_definition.get("security", [])
if not isinstance(existing_security, list):
raise InvalidDocumentException(
[InvalidTemplateException(f"Type of security for path {path} method {method_name} must be a list")]
)
# This assumes there are no autorizers already configured in the existing security block
security = existing_security + authorizer_security
if authorizer_name != "NONE" and authorizers:
authorizer = authorizers.get(authorizer_name, Py27Dict())
if not isinstance(authorizer, dict):
raise InvalidDocumentException(
[InvalidTemplateException(f"Type of authorizer '{authorizer_name}' must be a dictionary")]
)
method_auth_scopes = authorizer.get("AuthorizationScopes")
if method_scopes is not None:
method_auth_scopes = method_scopes
if authorizers.get(authorizer_name) is not None and method_auth_scopes is not None:
security_dict[authorizer_name] = method_auth_scopes
if security:
method_definition["security"] = security
# The first element of the method_definition['security'] should be AWS_IAM
# because authorizer_list = ['AWS_IAM'] is hardcoded above
if "AWS_IAM" in method_definition["security"][0]:
self.add_awsiam_security_definition()