Transforming List[Dict..List]]] in a hashed object

leandrodamascena · leandrodamascena · commit 8f6cb1714e82 · 2024-05-28T22:42:16.000+01:00
diff --git a/aws_lambda_powertools/event_handler/api_gateway.py b/aws_lambda_powertools/event_handler/api_gateway.py
@@ -43,7 +43,7 @@
     validation_error_definition,
     validation_error_response_definition,
 )
-from aws_lambda_powertools.event_handler.util import _FrozenDict, extract_origin_header
+from aws_lambda_powertools.event_handler.util import _FrozenDict, _FrozenListDict, extract_origin_header
 from aws_lambda_powertools.shared.cookies import Cookie
 from aws_lambda_powertools.shared.functions import powertools_dev_is_set
 from aws_lambda_powertools.shared.json_encoder import Encoder
@@ -2386,6 +2386,7 @@ def register_route(func: Callable):
             methods = (method,) if isinstance(method, str) else tuple(method)
             frozen_responses = _FrozenDict(responses) if responses else None
             frozen_tags = frozenset(tags) if tags else None
+            frozen_security = _FrozenListDict(security) if security else None
 
             route_key = (
                 rule,
@@ -2400,7 +2401,7 @@ def register_route(func: Callable):
                 frozen_tags,
                 operation_id,
                 include_in_schema,
-                security,
+                frozen_security,
             )
 
             # Collate Middleware for routes
diff --git a/aws_lambda_powertools/event_handler/util.py b/aws_lambda_powertools/event_handler/util.py
@@ -18,6 +18,27 @@ def __hash__(self):
         return hash(frozenset(self.keys()))
 
 
+class _FrozenListDict(list[dict[str, list[str]]]):
+    """
+    Freezes a list of dictionaries containing lists of strings.
+
+    This function takes a list of dictionaries where the values are lists of strings and converts it into
+    a frozen set of frozen sets of frozen dictionaries. This is done by iterating over the input list,
+    converting each dictionary's values (lists of strings) into frozen sets of strings, and then
+    converting the resulting dictionary into a frozen dictionary. Finally, all these frozen dictionaries
+    are collected into a frozen set of frozen sets.
+
+    This operation is useful when you want to ensure the immutability of the data structure and make it
+    hashable, which is required for certain operations like using it as a key in a dictionary or as an
+    element in a set.
+
+    Example: [{"TestAuth": ["test", "test1"]}]
+    """
+
+    def __hash__(self):
+        return hash(frozenset({_FrozenDict({key: frozenset(self) for key, self in item.items()}) for item in self}))
+
+
 def extract_origin_header(resolver_headers: Dict[str, Any]):
     """
     Extracts the 'origin' or 'Origin' header from the provided resolver headers.
diff --git a/tests/functional/event_handler/test_openapi_security.py b/tests/functional/event_handler/test_openapi_security.py
@@ -1,23 +1,27 @@
 import pytest
 
 from aws_lambda_powertools.event_handler import APIGatewayRestResolver
+from aws_lambda_powertools.event_handler.api_gateway import Router
 from aws_lambda_powertools.event_handler.openapi.models import APIKey, APIKeyIn
 
 
 def test_openapi_top_level_security():
+    # GIVEN an APIGatewayRestResolver instance
     app = APIGatewayRestResolver()
 
     @app.get("/")
     def handler():
         raise NotImplementedError()
 
+    # WHEN the get_openapi_schema method is called with a security scheme
     schema = app.get_openapi_schema(
         security_schemes={
             "apiKey": APIKey(name="X-API-KEY", description="API Key", in_=APIKeyIn.header),
         },
         security=[{"apiKey": []}],
     )
 
+    # THEN the resulting schema should have security defined at the top level
     security = schema.security
     assert security is not None
 
@@ -26,31 +30,67 @@ def handler():
 
 
 def test_openapi_top_level_security_missing():
+    # GIVEN an APIGatewayRestResolver instance
     app = APIGatewayRestResolver()
 
     @app.get("/")
     def handler():
         raise NotImplementedError()
 
+    # WHEN the get_openapi_schema method is called with security defined without security schemes
+    # THEN a ValueError should be raised
     with pytest.raises(ValueError):
         app.get_openapi_schema(
             security=[{"apiKey": []}],
         )
 
 
 def test_openapi_operation_security():
+    # GIVEN an APIGatewayRestResolver instance
     app = APIGatewayRestResolver()
 
     @app.get("/", security=[{"apiKey": []}])
     def handler():
         raise NotImplementedError()
 
+    # WHEN the get_openapi_schema method is called with security defined at the operation level
     schema = app.get_openapi_schema(
         security_schemes={
             "apiKey": APIKey(name="X-API-KEY", description="API Key", in_=APIKeyIn.header),
         },
     )
 
+    # THEN the resulting schema should have security defined at the operation level, not the top level
+    security = schema.security
+    assert security is None
+
+    operation = schema.paths["/"].get
+    security = operation.security
+    assert security is not None
+
+    assert len(security) == 1
+    assert security[0] == {"apiKey": []}
+
+
+def test_openapi_operation_security_with_router():
+    # GIVEN an APIGatewayRestResolver instance with a Router
+    app = APIGatewayRestResolver()
+    router = Router()
+
+    @router.get("/", security=[{"apiKey": []}])
+    def handler():
+        raise NotImplementedError()
+
+    app.include_router(router)
+
+    # WHEN the get_openapi_schema method is called with security defined at the operation level in the Router
+    schema = app.get_openapi_schema(
+        security_schemes={
+            "apiKey": APIKey(name="X-API-KEY", description="API Key", in_=APIKeyIn.header),
+        },
+    )
+
+    # THEN the resulting schema should have security defined at the operation level
     security = schema.security
     assert security is None
 
