-
Notifications
You must be signed in to change notification settings - Fork 17
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix(lambda-api): track api key usage
- Loading branch information
Showing
16 changed files
with
69 additions
and
105 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,60 +1,45 @@ | ||
import { HttpHeader, LambdaContext, LambdaFunction, LambdaHttpResponse } from '@basemaps/lambda'; | ||
import { Const, LogConfig, tileFromPath, TileType, ProjectionTileMatrixSet } from '@basemaps/shared'; | ||
import { LogConfig, tileFromPath, TileType, ProjectionTileMatrixSet } from '@basemaps/shared'; | ||
import { ValidateRequest } from './validate'; | ||
|
||
function setTileInfo(ctx: LambdaContext): boolean { | ||
function setTileInfo(ctx: LambdaContext): void { | ||
const xyzData = tileFromPath(ctx.action.rest); | ||
if (xyzData?.type === TileType.WMTS) { | ||
return true; | ||
} | ||
if (xyzData == null) return; | ||
|
||
if (xyzData?.type === TileType.Image) { | ||
const { x, y, z } = xyzData; | ||
if (xyzData.type === TileType.Image) { | ||
const { x, y, z, ext } = xyzData; | ||
ctx.set('xyz', { x, y, z }); | ||
ctx.set('projection', xyzData.projection.code); | ||
ctx.set('extension', ext); | ||
|
||
const latLon = ProjectionTileMatrixSet.get(xyzData.projection.code).tileCenterToLatLon(xyzData); | ||
ctx.set('location', latLon); | ||
} | ||
return false; | ||
} | ||
|
||
/** | ||
* Validate a CloudFront request has a valid API key and is not abusing the system | ||
*/ | ||
export async function handleRequest(req: LambdaContext): Promise<LambdaHttpResponse> { | ||
req.set('name', 'LambdaApiTracker'); | ||
req.set('method', req.method); | ||
req.set('path', req.path); | ||
|
||
// Extract request information | ||
// ctx.set('clientIp', ctx.evt.clientIp); FIXME | ||
if (LambdaContext.isCloudFrontEvent(req.evt)) { | ||
req.set('clientIp', req.evt.Records[0].cf.request.clientIp); | ||
} | ||
|
||
req.set('referer', req.header('referer')); | ||
req.set('userAgent', req.header('user-agent')); | ||
|
||
const doNotCache = req.action.name === 'tiles' && setTileInfo(req); | ||
|
||
const apiKey = req.query[Const.ApiKey.QueryString]; | ||
if (apiKey == null || Array.isArray(apiKey)) { | ||
return new LambdaHttpResponse(400, 'Invalid API Key'); | ||
} | ||
|
||
// Include the APIKey in the final log entry | ||
req.set(Const.ApiKey.QueryString, apiKey); | ||
if (req.action.name === 'tiles') setTileInfo(req); | ||
|
||
// Validate the request throwing an error if anything goes wrong | ||
req.timer.start('validate'); | ||
const res = await ValidateRequest.validate(apiKey, req); | ||
const res = await ValidateRequest.validate(req); | ||
req.timer.end('validate'); | ||
|
||
if (res != null) { | ||
return res; | ||
} | ||
if (res != null) return res; | ||
|
||
const response = new LambdaHttpResponse(100, 'Continue'); | ||
// Api key will be trimmed from the forwarded request so pass it via a well known header | ||
response.header(HttpHeader.ApiKey, apiKey); | ||
if (doNotCache) response.header(HttpHeader.CacheControl, 'max-age=0'); | ||
return response; | ||
return new LambdaHttpResponse(100, 'Continue'); | ||
} | ||
|
||
export const handler = LambdaFunction.wrap(handleRequest, LogConfig.get()); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
7 changes: 3 additions & 4 deletions
7
...ages/shared/src/__test__/api.path.test.ts → ...ages/lambda/src/__test__/api.path.test.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.