smallorange-gateway
v1.0.64
Published
Simple HTTP gateway for lambdas
Downloads
69
Readme
Small Orange Gateway
Simple HTTP gateway for lambdas
This gateway takes care to create a HTTP server, call lambda functions, cache into Redis according to provided strategy and log into cloudWatch.
Sample
Setup
// used env vars
process.env.ACCESS_KEY_ID = 'xxxxx'; // (required)
process.env.SECRET_ACCESS_KEY = 'xxxxx'; // (required)
process.env.REGION = 'xxxxx'; // (optional)
process.env.REDIS_URL = 'xxxxx'; // (optional)
process.env.LOG_GROUP = 'xxxxx'; // (optional)
process.env.PORT = 8080; // (optional)
process.env.CACHE_PREFIX = ''; // (optional)
process.env.CACHE_TTL = 2592000; // time in seconds to live (optional) default: 30 days
process.env.CACHE_TTR = 7200; // time in seconds to refresh (optional) default: 2 hours
process.env.CACHE_TIMEOUT = 1000; // time in ms to wait before route to the origin (optional) default: 1 second
// lambdas manifest
const lambdas = {
'/': {
name: 'functionName' // required,
cache: {
driver: {}, // Object like https://github.com/feliperohdee/smallorange-rxjs-cache-driver
enabled: args => args.method === 'GET' && !args.hasExtension && !args.url.query || boolean,
namespace: args => args.host, // required
key: args => args.url.pathname || string // required,
options: args => ({
ttl: number, // optional, override default
ttr: number // optional, override default
})
},
transform: {
args: args => { // it happens immediately after authentication is handled
args.headers = {
...args.headers,
customHeader: 'customHeaderValue'
};
},
response: (response, req, res) => {
response.body = ...;
return response;
},
error: err => {
return err;
}
}
},
// or with HTTP verb
'POST /': {
name: 'functionName' // required,
cache: {
enabled: args => args.method === 'GET' && !args.hasExtension && !args.url.query || boolean,
namespace: args => args.host, // required
key: args => args.url.pathname || string // required
},
transform: {
args: args => {
args.headers = {
...args.headers,
customHeader: 'customHeaderValue'
};
}
}
},
'/functionName': {
name: 'functionName', // required
// pass just params (not all args as described below) to the lambda function
paramsOnly: true,
defaults: {
// default request params, it will be merged with params fetched from req.query, in case of key collision, the latter is going to have precedence
requestParams: {
width: 100,
height: 100
},
// default response base64 value, lambda response can override this value, if checked, value will be converted to a buffer before returns to the browser
responseBase64: true,
// default response headers, lambda response headers will be merged with this value, in case of key collision, the latter is going to have precedence
respondeHeaders: {
'content-type': 'image/png'
}
}
},
'/local': {
name: 'functionName', // required,
local: path.resolve('...path to local function index')
},
'/mocked': {
mocked: args => 'anything'
},
'/authOnly': {
name: 'functionName' // required,
auth: {
enabled: true,
allowedFields: ['role', 'user', 'loggedAt'], // (optional)
handleInvalidSignature: false, // (optional)
secret: (payload, params, headers) => 'mySecret' || 'mySecret', // (required)
token(params, headers) => params.token || headers.authorization // (optional),
options: {
/*
algorithms: List of strings with the names of the allowed algorithms. For instance, ["HS256", "HS384"].
audience: if you want to check audience (aud), provide a value here
issuer (optional): string or array of strings of valid values for the iss field.
ignoreExpiration: if true do not validate the expiration of the token.
ignoreNotBefore...
subject: if you want to check subject (sub), provide a value here
clockTolerance: number of seconds to tolerate when checking the nbf and exp claims, to deal with small clock differences among different servers
*/
},
resolve: (auth, args) => object || Observable<Object> // (optional)
}
},
'/adminOnly': {
enabled: args => true,
name: 'functionName' // required,
auth: {
// ...
requiredRoles: ['admin']
}
},
'/adminOrPublic': {
name: 'functionName' // required,
auth: {
// ...
requiredRoles: ['admin', 'public']
}
},
// note: JWT should have role property, like:
// {
// role: string, // (required)
// ...anyOtherParams
// }
// full wildcards
'/*': {
name: 'functionName' // required,
},
'/*/*': {
name: 'functionName' // required,
},
// partial wildcards
'/*/functionName': {
name: 'functionName' // required,
},
'/*/*/functionName': {
name: 'functionName' // required,
}
};
const gateway = new Gateway({
logGroup: 'myAppLogs', // || env.LOG_GROUP
lambdas,
redisUrl: 'redis://localhost:6380', // || env.REDIS_URL
cachePrefix: '', || // env.CACHE_PREFIX
});
Usage Details
// for a request like
GET http://localhost/functionName/resource?string=value&number=2&boolean=true&nulled=null
// lambda function will receive args like:
{
auth: {}, // if enabled
body: {},
hasExtension: false, // if url ends with .jpg or .png
headers: {
//...request headers
},
host: 'http://localhost',
method: 'GET',
// fetched from req.query
params: {
string: 'value',
number: 2,
boolean: true,
nulled: null,
},
url: {
path: '/functionName/resource?string=value&number=2&boolean=true&nulled=null',
pathname: '/functionName/resource',
query: 'string=value&number=2&boolean=true&nulled=null'
},
uri: '/functionName/resource'
}
// or just params if explicity declared at lambdas manifest with "paramsOnly = true":
{
string: 'value',
number: 2,
boolean: true,
nulled: null
}
// lambdas can responds with just string, or an object with following signature
{
//string or stringified object,
body: string,
headers: object,
base64: boolean,
statusCode: number // is statusCode >= 400, gateway is going to handle as an error following the Http/1.1 rfc (https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html)
}
Cache handling
// you can manually mark cache to refresh making a request like:
POST http://yourhost/cache
{
operation: 'markToRefresh',
namespace: 'http://localhost'
}
// or unset
POST http://yourhost/cache
{
operation: 'unset',
namespace: 'http://localhost',
keys: ['/', '/cart']
}