fix(elbv2): can not set sessionTimeout

aws · Mar 8, 2023 · 5bfbf78 · 5bfbf78
1 parent da595a4
commit 5bfbf78
Show file tree

Hide file tree

Showing 17 changed files with 326 additions and 180 deletions.
diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2-actions/.eslintrc.js b/packages/@aws-cdk/aws-elasticloadbalancingv2-actions/.eslintrc.js
@@ -1,2 +1,3 @@
 const baseConfig = require('@aws-cdk/cdk-build-tools/config/eslintrc');
+baseConfig.parserOptions.project = __dirname + '/tsconfig.json';
 module.exports = baseConfig;
diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2-actions/lib/cognito-action.ts b/packages/@aws-cdk/aws-elasticloadbalancingv2-actions/lib/cognito-action.ts
@@ -72,7 +72,7 @@ export interface AuthenticateCognitoActionProps {
  */
 export class AuthenticateCognitoAction extends elbv2.ListenerAction {
 
-  private static config(options: AuthenticateCognitoActionProps): elbv2.CfnListenerRule.AuthenticateCognitoConfigProperty {
+  private static config(options: AuthenticateCognitoActionProps): elbv2.CfnListener.AuthenticateCognitoConfigProperty {
     return {
       userPoolArn: options.userPool.userPoolArn,
       userPoolClientId: options.userPoolClient.userPoolClientId,
@@ -81,7 +81,7 @@ export class AuthenticateCognitoAction extends elbv2.ListenerAction {
       onUnauthenticatedRequest: options.onUnauthenticatedRequest,
       scope: options.scope,
       sessionCookieName: options.sessionCookieName,
-      sessionTimeout: options.sessionTimeout?.toSeconds(),
+      sessionTimeout: options.sessionTimeout?.toSeconds().toString(),
     };
   }
 
@@ -90,17 +90,15 @@ export class AuthenticateCognitoAction extends elbv2.ListenerAction {
    */
   constructor(options: AuthenticateCognitoActionProps) {
     super({
-      action: {
-        type: 'authenticate-cognito',
-        authenticateCognitoConfig: AuthenticateCognitoAction.config(options),
-      },
-      defaultAction: {
-        type: 'authenticate-cognito',
-        authenticateCognitoConfig: {
-          ...AuthenticateCognitoAction.config(options),
-          sessionTimeout: options.sessionTimeout?.toSeconds().toString(),
-        },
-      },
+      type: 'authenticate-cognito',
+      authenticateCognitoConfig: AuthenticateCognitoAction.config(options),
     }, options.next);
+    this.addRuleAction({
+      type: 'authenticate-cognito',
+      authenticateCognitoConfig: {
+        ...AuthenticateCognitoAction.config(options),
+        sessionTimeout: options.sessionTimeout?.toSeconds(),
+      },
+    });
   }
 }
diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2-actions/test/cognito.test.ts b/packages/@aws-cdk/aws-elasticloadbalancingv2-actions/test/cognito.test.ts
@@ -2,7 +2,6 @@ import { Template } from '@aws-cdk/assertions';
 import * as cognito from '@aws-cdk/aws-cognito';
 import * as ec2 from '@aws-cdk/aws-ec2';
 import * as elbv2 from '@aws-cdk/aws-elasticloadbalancingv2';
-import { ApplicationProtocol, ListenerCondition } from '@aws-cdk/aws-elasticloadbalancingv2';
 import { Duration, Stack } from '@aws-cdk/core';
 import * as actions from '../lib';
 
@@ -88,12 +87,12 @@ test('Can set sessionTimeout for actions and defaultActions', () => {
 
   // WHEN
   const listener = lb.addListener('Listener', {
-    protocol: ApplicationProtocol.HTTP,
+    protocol: elbv2.ApplicationProtocol.HTTP,
     defaultAction: action,
   });
   listener.addAction('Action2', {
     priority: 1,
-    conditions: [ListenerCondition.pathPatterns(['/action2*'])],
+    conditions: [elbv2.ListenerCondition.pathPatterns(['/action2*'])],
     action: action,
   });
 
@@ -129,7 +128,7 @@ test('Can set sessionTimeout for actions and defaultActions', () => {
           UserPoolArn: { 'Fn::GetAtt': ['UserPool6BA7E5F2', 'Arn'] },
           UserPoolClientId: { Ref: 'Client4A7F64DF' },
           UserPoolDomain: { Ref: 'Domain66AC69E0' },
-          // SessionTimeout in DefaultActions is number
+          // SessionTimeout in Actions is number
           SessionTimeout: 86400,
         },
         Order: 1,

diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2-actions/test/integ.cognito.js.snapshot/cdk.out b/packages/@aws-cdk/aws-elasticloadbalancingv2-actions/test/integ.cognito.js.snapshot/cdk.out
@@ -1 +1 @@
-{"version":"20.0.0"}
+{"version":"30.1.0"}
diff --git a/...s-elasticloadbalancingv2-actions/test/integ.cognito.js.snapshot/integ-cognito.assets.json b/...s-elasticloadbalancingv2-actions/test/integ.cognito.js.snapshot/integ-cognito.assets.json
@@ -1,15 +1,15 @@
 {
-  "version": "20.0.0",
+  "version": "30.1.0",
   "files": {
-    "9271c99fa7fd8d6ae26202fec69aaabba91d343b835d6cdc41a76f14fb6462d9": {
+    "0c2d0def6db3389453a3efadab8db4804f46dd1e84431da6a970923085b33a51": {
       "source": {
         "path": "integ-cognito.template.json",
         "packaging": "file"
       },
       "destinations": {
         "current_account-current_region": {
           "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
-          "objectKey": "9271c99fa7fd8d6ae26202fec69aaabba91d343b835d6cdc41a76f14fb6462d9.json",
+          "objectKey": "0c2d0def6db3389453a3efadab8db4804f46dd1e84431da6a970923085b33a51.json",
           "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
         }
       }

diff --git a/...elasticloadbalancingv2-actions/test/integ.cognito.js.snapshot/integ-cognito.template.json b/...elasticloadbalancingv2-actions/test/integ.cognito.js.snapshot/integ-cognito.template.json
@@ -459,6 +459,7 @@
     "DefaultActions": [
      {
       "AuthenticateCognitoConfig": {
+       "SessionTimeout": "86400",
        "UserPoolArn": {
         "Fn::GetAtt": [
          "UserPool6BA7E5F2",
@@ -497,6 +498,55 @@
     "Protocol": "HTTPS"
    }
   },
+  "LBListenerAction2RuleDEE172B4": {
+   "Type": "AWS::ElasticLoadBalancingV2::ListenerRule",
+   "Properties": {
+    "Actions": [
+     {
+      "AuthenticateCognitoConfig": {
+       "SessionTimeout": 86400,
+       "UserPoolArn": {
+        "Fn::GetAtt": [
+         "UserPool6BA7E5F2",
+         "Arn"
+        ]
+       },
+       "UserPoolClientId": {
+        "Ref": "Client4A7F64DF"
+       },
+       "UserPoolDomain": {
+        "Ref": "Domain66AC69E0"
+       }
+      },
+      "Order": 1,
+      "Type": "authenticate-cognito"
+     },
+     {
+      "FixedResponseConfig": {
+       "ContentType": "text/plain",
+       "MessageBody": "Authenticated",
+       "StatusCode": "200"
+      },
+      "Order": 2,
+      "Type": "fixed-response"
+     }
+    ],
+    "Conditions": [
+     {
+      "Field": "path-pattern",
+      "PathPatternConfig": {
+       "Values": [
+        "action2*"
+       ]
+      }
+     }
+    ],
+    "ListenerArn": {
+     "Ref": "LBListener49E825B4"
+    },
+    "Priority": 1
+   }
+  },
   "UserPool6BA7E5F2": {
    "Type": "AWS::Cognito::UserPool",
    "Properties": {

diff --git a/...ges/@aws-cdk/aws-elasticloadbalancingv2-actions/test/integ.cognito.js.snapshot/integ.json b/...ges/@aws-cdk/aws-elasticloadbalancingv2-actions/test/integ.cognito.js.snapshot/integ.json
@@ -1,11 +1,12 @@
 {
-  "version": "20.0.0",
+  "version": "30.1.0",
   "testCases": {
     "integ-test-cognito/DefaultTest": {
       "stacks": [
         "integ-cognito"
       ],
-      "assertionStack": "integ-test-cognito/DefaultTest/DeployAssert"
+      "assertionStack": "integ-test-cognito/DefaultTest/DeployAssert",
+      "assertionStackName": "integtestcognitoDefaultTestDeployAssert6F2623C9"
     }
   }
 }
diff --git a/...est/integ.cognito.js.snapshot/integtestcognitoDefaultTestDeployAssert6F2623C9.assets.json b/...est/integ.cognito.js.snapshot/integtestcognitoDefaultTestDeployAssert6F2623C9.assets.json
@@ -1,5 +1,5 @@
 {
-  "version": "20.0.0",
+  "version": "30.1.0",
   "files": {
     "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": {
       "source": {

diff --git a/.../@aws-cdk/aws-elasticloadbalancingv2-actions/test/integ.cognito.js.snapshot/manifest.json b/.../@aws-cdk/aws-elasticloadbalancingv2-actions/test/integ.cognito.js.snapshot/manifest.json
@@ -1,12 +1,6 @@
 {
-  "version": "20.0.0",
+  "version": "30.1.0",
   "artifacts": {
-    "Tree": {
-      "type": "cdk:tree",
-      "properties": {
-        "file": "tree.json"
-      }
-    },
     "integ-cognito.assets": {
       "type": "cdk:asset-manifest",
       "properties": {
@@ -23,7 +17,7 @@
         "validateOnSynth": false,
         "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}",
         "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}",
-        "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/9271c99fa7fd8d6ae26202fec69aaabba91d343b835d6cdc41a76f14fb6462d9.json",
+        "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/0c2d0def6db3389453a3efadab8db4804f46dd1e84431da6a970923085b33a51.json",
         "requiresBootstrapStackVersion": 6,
         "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version",
         "additionalDependencies": [
@@ -195,6 +189,12 @@
             "data": "LBListener49E825B4"
           }
         ],
+        "/integ-cognito/LB/Listener/Action2Rule/Resource": [
+          {
+            "type": "aws:cdk:logicalId",
+            "data": "LBListenerAction2RuleDEE172B4"
+          }
+        ],
         "/integ-cognito/UserPool/Resource": [
           {
             "type": "aws:cdk:logicalId",
@@ -280,6 +280,12 @@
         ]
       },
       "displayName": "integ-test-cognito/DefaultTest/DeployAssert"
+    },
+    "Tree": {
+      "type": "cdk:tree",
+      "properties": {
+        "file": "tree.json"
+      }
     }
   }
 }