Merge branch 'release/1.1.0'

Author: diana.ionita

.circleci/config.yml

@@ -4,9 +4,6 @@ references:
   container_config: &container_config
     docker:
       - image: circleci/node:8.10
-    environment:
-      MOCHA_FILE: ./test-results/unit/test-results.xml
-
   poke_npmrc: &poke_npmrc
     run: echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" >> ~/.npmrc
 
@@ -25,12 +22,12 @@ references:
   create_test_results_dir: &create_test_results_dir
     run: 
       command: |
-        mkdir ./test-results
-        mkdir ./test-results/unit
+        mkdir test-results
+        mkdir test-results/mocha
         
   store_test_results: &store_test_results
     store_test_results:
-      path: ./test-results
+      path: test-results
 
 jobs:
   dev:
@@ -41,7 +38,11 @@ jobs:
       - *restore_npm_cache
       - run: npm install
       - *save_npm_cache
-      - run: npm run test -- --reporter mocha-junit-reporter
+      - *create_test_results_dir
+      - run:
+          environment:
+            MOCHA_FILE: ./test-results/mocha/results.xml
+          command: npm run test -- --reporter mocha-junit-reporter
       - *store_test_results
 
   live:

README.md

@@ -6,8 +6,20 @@
 A plugin for the serverless framework which helps with configuring caching for API Gateway endpoints.
 
 ## Good to know
-If you enable caching globally, it does NOT automatically enable caching for your endpoints - you have to be explicit about which endpoints should have caching enabled.
+* If you enable caching globally, it does NOT automatically enable caching for your endpoints - you have to be explicit about which endpoints should have caching enabled.
 However, disabling caching globally disables it across endpoints.
+* If you don't specify `ttlInSeconds` and `perKeyInvalidation` for an endpoint which has caching enabled, these settings are inherited from global settings.
+* For HTTP method `ANY`, caching will be enabled only for the `GET` method and disabled for the other methods.
+
+## Per-key cache invalidation
+If you don't configure per-key cache invalidation authorization, by default it is *required*.
+You can configure how to handle unauthorized requests to invalidate a cache key using the options:
+* `Ignore` - ignores the request to invalidate the cache key.
+* `IgnoreWithWarning` - ignores the request to invalidate and adds a `warning` header in the response.
+* `Fail` - fails the request to invalidate the cache key with a 403 response status code.
+
+## Currently not supported:
+* lambda functions with many HTTP events.
 
 ## Example
 
@@ -21,6 +33,9 @@ custom:
     enabled: true
     clusterSize: '0.5' # defaults to '0.5'
     ttlInSeconds: 300 # defaults to the maximum allowed: 3600
+    perKeyInvalidation:
+      requireAuthorization: true # default is true
+      handleUnauthorizedRequests: IgnoreWithWarning # default is "IgnoreWithWarning"
 
 functions:
   # Responses are not cached
@@ -44,15 +59,10 @@ functions:
           caching:
             enabled: true
             ttlInSeconds: 3600
+            perKeyInvalidation:
+              requireAuthorization: true
+              handleUnauthorizedRequests: Ignore
             cacheKeyParameters:
               - name: request.path.pawId
-                required: true
               - name: request.header.Accept-Language
-                required: false
 ```
-
-## Limitations
-* For HTTP method `ANY`, caching will be enabled only for the `GET` method and disabled for the other methods.
-
-## Currently not supported:
-* lambda functions with many http events

package-lock.json

@@ -1,10 +1,10 @@
 {
   "name": "serverless-api-gateway-caching",
-  "version": "1.0.0",
+  "version": "1.1.0",
   "description": "A plugin for the serverless framework which helps with configuring caching for API Gateway endpoints.",
   "main": "src/apiGatewayCachingPlugin.js",
   "scripts": {
-    "test": "mocha --recursive test/**/*.js -t 5000"
+    "test": "mocha --recursive 'test/**/*.js' -t 5000"
   },
   "keywords": [
     "serverless",

package.json

@@ -1,5 +1,46 @@
 const isEmpty = require('lodash.isempty');
 const get = require('lodash.get');
+const { Ignore, IgnoreWithWarning, Fail } = require('./UnauthorizedCacheControlHeaderStrategy');
+
+const DEFAULT_CACHE_CLUSTER_SIZE = '0.5';
+const DEFAULT_TTL = 3600;
+const DEFAULT_UNAUTHORIZED_INVALIDATION_REQUEST_STRATEGY = IgnoreWithWarning;
+
+const mapUnauthorizedRequestStrategy = strategy => {
+  if (!strategy) {
+    return DEFAULT_UNAUTHORIZED_INVALIDATION_REQUEST_STRATEGY;
+  }
+  switch (strategy.toLowerCase()) {
+    case 'ignore': return Ignore;
+    case 'ignorewithwarning': return IgnoreWithWarning;
+    case 'fail': return Fail;
+    default: return DEFAULT_UNAUTHORIZED_INVALIDATION_REQUEST_STRATEGY;
+  }
+}
+
+const isApiGatewayEndpoint = functionSettings => {
+  if (isEmpty(functionSettings.events)) {
+    return false;
+  }
+  return functionSettings.events.filter(e => e.http != null).length > 0;
+}
+
+class PerKeyInvalidationSettings {
+  constructor(cachingSettings) {
+    let { perKeyInvalidation } = cachingSettings;
+    if (!perKeyInvalidation) {
+      this.requireAuthorization = true;
+      this.handleUnauthorizedRequests = DEFAULT_UNAUTHORIZED_INVALIDATION_REQUEST_STRATEGY;
+    }
+    else {
+      this.requireAuthorization = perKeyInvalidation.requireAuthorization
+      if (perKeyInvalidation.requireAuthorization) {
+        this.handleUnauthorizedRequests =
+          mapUnauthorizedRequestStrategy(perKeyInvalidation.handleUnauthorizedRequests);
+      }
+    }
+  }
+}
 
 class ApiGatewayEndpointCachingSettings {
   constructor(functionName, functionSettings, globalSettings) {
@@ -14,13 +55,17 @@ class ApiGatewayEndpointCachingSettings {
     this.cachingEnabled = globalSettings.cachingEnabled ? cachingConfig.enabled : false;
     this.cacheTtlInSeconds = cachingConfig.ttlInSeconds || globalSettings.cacheTtlInSeconds;
     this.cacheKeyParameters = cachingConfig.cacheKeyParameters;
+
+    if (!cachingConfig.perKeyInvalidation) {
+      this.perKeyInvalidation = globalSettings.perKeyInvalidation;
+    } else {
+      this.perKeyInvalidation = new PerKeyInvalidationSettings(cachingConfig);
+    }
   }
 }
 
 class ApiGatewayCachingSettings {
   constructor(serverless, options) {
-    const DEFAULT_CACHE_CLUSTER_SIZE = '0.5';
-    const DEFAULT_TTL = 3600;
     if (!get(serverless, 'service.custom.apiGatewayCaching')) {
       return;
     }
@@ -39,19 +84,15 @@ class ApiGatewayCachingSettings {
     this.cacheClusterSize = serverless.service.custom.apiGatewayCaching.clusterSize || DEFAULT_CACHE_CLUSTER_SIZE;
     this.cacheTtlInSeconds = serverless.service.custom.apiGatewayCaching.ttlInSeconds || DEFAULT_TTL;
 
+    this.perKeyInvalidation = new PerKeyInvalidationSettings(serverless.service.custom.apiGatewayCaching);
+
     for (let functionName in serverless.service.functions) {
       let functionSettings = serverless.service.functions[functionName];
-      if (this.isApiGatewayEndpoint(functionSettings)) {
+      if (isApiGatewayEndpoint(functionSettings)) {
         this.endpointSettings.push(new ApiGatewayEndpointCachingSettings(functionName, functionSettings, this))
       }
     }
   }
-
-  isApiGatewayEndpoint(functionSettings) {
-    if (isEmpty(functionSettings.events)) {
-      return false;
-    }
-    return functionSettings.events.filter(e => e.http != null).length > 0;
-  }
 }
+
 module.exports = ApiGatewayCachingSettings

src/ApiGatewayCachingSettings.js

@@ -0,0 +1,5 @@
+module.exports = {
+  Fail: 'FAIL_WITH_403',
+  IgnoreWithWarning: 'SUCCEED_WITH_RESPONSE_HEADER',
+  Ignore: 'SUCCEED_WITHOUT_RESPONSE_HEADER'
+}

src/UnauthorizedCacheControlHeaderStrategy.js

@@ -48,7 +48,7 @@ const addPathParametersCacheConfig = (settings, serverless) => {
     }
 
     for (let cacheKeyParameter of endpointSettings.cacheKeyParameters) {
-      method.resource.Properties.RequestParameters[`method.${cacheKeyParameter.name}`] = cacheKeyParameter.required;
+      method.resource.Properties.RequestParameters[`method.${cacheKeyParameter.name}`] = true;
       method.resource.Properties.Integration.RequestParameters[`integration.${cacheKeyParameter.name}`] = `method.${cacheKeyParameter.name}`;
       method.resource.Properties.Integration.CacheKeyParameters.push(`method.${cacheKeyParameter.name}`);
     }

src/pathParametersCache.js

@@ -60,6 +60,20 @@ const patchForMethod = (path, method, endpointSettings) => {
       value: `${endpointSettings.cacheTtlInSeconds}`
     })
   }
+  if (endpointSettings.perKeyInvalidation) {
+    patch.push({
+      op: 'replace',
+      path: `/${patchPath}/caching/requireAuthorizationForCacheControl`,
+      value: `${endpointSettings.perKeyInvalidation.requireAuthorization}`
+    });
+    if (endpointSettings.perKeyInvalidation.requireAuthorization) {
+      patch.push({
+        op: 'replace',
+        path: `/${patchPath}/caching/unauthorizedCacheControlHeaderStrategy`,
+        value: `${endpointSettings.perKeyInvalidation.handleUnauthorizedRequests}`
+      });
+    }
+  }
   return patch;
 }
 
@@ -113,7 +127,7 @@ const updateStageCacheSettings = async (settings, serverless) => {
   });
 
   let patchOps = createPatchForStage(settings);
-  
+
   let endpointsWithCachingEnabled = settings.endpointSettings.filter(e => e.cachingEnabled);
   if (settings.cachingEnabled && isEmpty(endpointsWithCachingEnabled)) {
     serverless.cli.log(`[serverless-api-gateway-caching] [WARNING] API Gateway caching is enabled but none of the endpoints have caching enabled`);

src/stageCache.js

@@ -52,9 +52,7 @@ describe('Configuring path parameter caching', () => {
         .withHttpEndpoint('get', '/cats');
 
       functionWithCachingName = 'get-cat-by-paw-id';
-      cacheKeyParameters = [
-        { name: 'request.path.pawId', required: true },
-        { name: 'request.header.Accept-Language', required: false }];
+      cacheKeyParameters = [{ name: 'request.path.pawId' }, { name: 'request.header.Accept-Language' }];
       let functionWithCaching = given.a_serverless_function(functionWithCachingName)
         .withHttpEndpoint('get', '/cat/{pawId}', { enabled: true, cacheKeyParameters });
 
@@ -73,13 +71,13 @@ describe('Configuring path parameter caching', () => {
         method = serverless.getMethodResourceForFunction(functionWithCachingName);
       });
 
-      it('should set whether request parameters are required', () => {
-        for (let parameter of cacheKeyParameters) {
-          expect(method.Properties.RequestParameters)
-            .to.deep.include({
-              [`method.${parameter.name}`]: parameter.required
-            });
-        }
+      it('should set that request parameters are part of the cache key', () => {	
+        for (let parameter of cacheKeyParameters) {	
+          expect(method.Properties.RequestParameters)	
+            .to.deep.include({	
+              [`method.${parameter.name}`]: true
+            });	
+        }	
       });
 
       it('should set integration request parameters', () => {