Phil Astle
09/17/2021, 4:04 PMRoss Coundon
09/17/2021, 4:49 PMPhil Astle
09/17/2021, 4:51 PMRoss Coundon
09/17/2021, 5:22 PMPhil Astle
09/17/2021, 5:42 PMFrank
sst.Api
), OPTIONS request is handled automatically by API Gateway.Frank
Frank
ANY
or $default
route configured? I wonder if they are intercepting the OPTIONS request 🤔Phil Astle
09/20/2021, 2:27 PMPhil Astle
09/20/2021, 2:32 PM"GET /google/oauth-callback": {
handler: "src/graph/site_reviews/google/oauth-callback.handler",
permissions: [auroraClusterPolicy, auroraSecretPolicy],
authorizationType: ApiAuthorizationType.NONE,
This doesn't work however - it ignores the authorizationType property. We had to change the route to this:
"GET /google/oauth-callback": {
function: {
handler: "src/graph/site_reviews/google/oauth-callback.handler",
permissions: [auroraClusterPolicy, auroraSecretPolicy],
},
authorizationType: ApiAuthorizationType.NONE,
},
This then caused it to ignore the default auth. This does make me wonder though... Could the default auth we defined have been affecting the undefined OPTIONS route, which is why it started working when I added a specific OPTIONS route which explicitly turned off the auth?Frank
This then caused it to ignore the default authIsn’t that what you intended to do by setting the authorizationType to
ApiAuthorizationType.NONE
?
Could the default auth we defined have been affecting the undefined OPTIONS route?It shouldn’t. CORS is configured by HTTP API internally. OPTION routes aren’t added explicitly and hence not affected by the default auth.
Frank
Phil Astle
09/21/2021, 9:26 AMIsn’t that what you intended to do by setting the authorizationType toÂIt is what we wanted but we didn't expect to have to declare the route differently to get it to accept the authorizationType override 🙂?ApiAuthorizationType.NONE
Phil Astle
09/21/2021, 9:28 AMIf you get a chance to create a sample repo with just an Api with 1 route that reproduced this issue. I can give it a try on my end 🙂Should be able to do that (and the other one) sometime this week or next week hopefully, now we're in a cooldown!