feat(event_handler): add Cookies first class citizen

rubenfonseca · rubenfonseca · commit 97bd70fc315f · 2022-08-31T10:28:21.000+02:00
diff --git a/aws_lambda_powertools/event_handler/api_gateway.py b/aws_lambda_powertools/event_handler/api_gateway.py
@@ -13,6 +13,7 @@
 from typing import Any, Callable, Dict, List, Match, Optional, Pattern, Set, Tuple, Type, Union
 
 from aws_lambda_powertools.event_handler import content_types
+from aws_lambda_powertools.event_handler.cookies import Cookie
 from aws_lambda_powertools.event_handler.exceptions import NotFoundError, ServiceError
 from aws_lambda_powertools.shared import constants
 from aws_lambda_powertools.shared.functions import resolve_truthy_env_var_choice
@@ -147,7 +148,7 @@ def __init__(
         content_type: Optional[str],
         body: Union[str, bytes, None],
         headers: Optional[Dict[str, Union[str, List[str]]]] = None,
-        cookies: Optional[List[str]] = None,
+        cookies: Optional[List[Cookie]] = None,
     ):
         """
 
@@ -162,7 +163,7 @@ def __init__(
             Optionally set the response body. Note: bytes body will be automatically base64 encoded
         headers: dict[str, Union[str, List[str]]]
             Optionally set specific http headers. Setting "Content-Type" here would override the `content_type` value.
-        cookies: list[str]
+        cookies: list[Cookie]
             Optionally set cookies.
         """
         self.status_code = status_code
diff --git a/aws_lambda_powertools/event_handler/cookies.py b/aws_lambda_powertools/event_handler/cookies.py
@@ -0,0 +1,77 @@
+from datetime import datetime
+from enum import Enum
+from io import StringIO
+from typing import List, Optional
+
+
+class SameSite(Enum):
+    DEFAULT_MODE = ""
+    LAX_MODE = "Lax"
+    STRICT_MODE = "Strict"
+    NONE_MODE = "None"
+
+
+class Cookie:
+    def __init__(
+        self,
+        name: str,
+        value: str,
+        path: Optional[str] = None,
+        domain: Optional[str] = None,
+        expires: Optional[datetime] = None,
+        max_age: Optional[int] = None,
+        secure: Optional[bool] = None,
+        http_only: Optional[bool] = None,
+        same_site: Optional[SameSite] = None,
+        custom_attributes: Optional[List[str]] = None,
+    ):
+        self.name = name
+        self.value = value
+        self.path = path
+        self.domain = domain
+        self.expires = expires
+        self.max_age = max_age
+        self.secure = secure
+        self.http_only = http_only
+        self.same_site = same_site
+        self.custom_attributes = custom_attributes
+
+    def __str__(self) -> str:
+        payload = StringIO()
+        payload.write(f"{self.name}=")
+
+        # Maintenance(rf): the value needs to be sanitized
+        payload.write(self.value)
+
+        if self.path and len(self.path) > 0:
+            # Maintenance(rf): the value of path needs to be sanitized
+            payload.write(f"; Path={self.path}")
+
+        if self.domain and len(self.domain) > 0:
+            payload.write(f"; Domain={self.domain}")
+
+        if self.expires:
+            # Maintenance(rf) this format is wrong
+            payload.write(f"; Expires={self.expires.strftime('YYYY-MM-dd')}")
+
+        if self.max_age:
+            if self.max_age > 0:
+                payload.write(f"; MaxAge={self.max_age}")
+            if self.max_age < 0:
+                payload.write("; MaxAge=0")
+
+        if self.http_only:
+            payload.write("; HttpOnly")
+
+        if self.secure:
+            payload.write("; Secure")
+
+        if self.same_site:
+            payload.write(f"; SameSite={self.same_site.value}")
+
+        if self.custom_attributes:
+            for attr in self.custom_attributes:
+                # Maintenance(rf): the value needs to be sanitized
+                payload.write(f"; {attr}")
+
+        return payload.getvalue()
diff --git a/aws_lambda_powertools/shared/headers_serializer.py b/aws_lambda_powertools/shared/headers_serializer.py
@@ -2,14 +2,16 @@
 from collections import defaultdict
 from typing import Any, Dict, List, Union
 
+from aws_lambda_powertools.event_handler.cookies import Cookie
+
 
 class BaseHeadersSerializer:
     """
     Helper class to correctly serialize headers and cookies for Amazon API Gateway,
     ALB and Lambda Function URL response payload.
     """
 
-    def serialize(self, headers: Dict[str, Union[str, List[str]]], cookies: List[str]) -> Dict[str, Any]:
+    def serialize(self, headers: Dict[str, Union[str, List[str]]], cookies: List[Cookie]) -> Dict[str, Any]:
         """
         Serializes headers and cookies according to the request type.
         Returns a dict that can be merged with the response payload.
@@ -25,7 +27,7 @@ def serialize(self, headers: Dict[str, Union[str, List[str]]], cookies: List[str
 
 
 class HttpApiHeadersSerializer(BaseHeadersSerializer):
-    def serialize(self, headers: Dict[str, Union[str, List[str]]], cookies: List[str]) -> Dict[str, Any]:
+    def serialize(self, headers: Dict[str, Union[str, List[str]]], cookies: List[Cookie]) -> Dict[str, Any]:
         """
         When using HTTP APIs or LambdaFunctionURLs, everything is taken care automatically for us.
         We can directly assign a list of cookies and a dict of headers to the response payload, and the
@@ -44,11 +46,11 @@ def serialize(self, headers: Dict[str, Union[str, List[str]]], cookies: List[str
             else:
                 combined_headers[key] = ", ".join(values)
 
-        return {"headers": combined_headers, "cookies": cookies}
+        return {"headers": combined_headers, "cookies": list(map(str, cookies))}
 
 
 class MultiValueHeadersSerializer(BaseHeadersSerializer):
-    def serialize(self, headers: Dict[str, Union[str, List[str]]], cookies: List[str]) -> Dict[str, Any]:
+    def serialize(self, headers: Dict[str, Union[str, List[str]]], cookies: List[Cookie]) -> Dict[str, Any]:
         """
         When using REST APIs, headers can be encoded using the `multiValueHeaders` key on the response.
         This is also the case when using an ALB integration with the `multiValueHeaders` option enabled.
@@ -69,13 +71,13 @@ def serialize(self, headers: Dict[str, Union[str, List[str]]], cookies: List[str
         if cookies:
             payload.setdefault("Set-Cookie", [])
             for cookie in cookies:
-                payload["Set-Cookie"].append(cookie)
+                payload["Set-Cookie"].append(str(cookie))
 
         return {"multiValueHeaders": payload}
 
 
 class SingleValueHeadersSerializer(BaseHeadersSerializer):
-    def serialize(self, headers: Dict[str, Union[str, List[str]]], cookies: List[str]) -> Dict[str, Any]:
+    def serialize(self, headers: Dict[str, Union[str, List[str]]], cookies: List[Cookie]) -> Dict[str, Any]:
         """
         The ALB integration has `multiValueHeaders` disabled by default.
         If we try to set multiple headers with the same key, or more than one cookie, print a warning.
@@ -93,7 +95,7 @@ def serialize(self, headers: Dict[str, Union[str, List[str]]], cookies: List[str
                 )
 
             # We can only send one cookie, send the last one
-            payload["headers"]["Set-Cookie"] = cookies[-1]
+            payload["headers"]["Set-Cookie"] = str(cookies[-1])
 
         for key, values in headers.items():
             if isinstance(values, str):
diff --git a/tests/e2e/event_handler/handlers/alb_handler.py b/tests/e2e/event_handler/handlers/alb_handler.py
@@ -1,16 +1,20 @@
+from typing import Dict
+
 from aws_lambda_powertools.event_handler import ALBResolver, Response, content_types
 
 app = ALBResolver()
 
 
-@app.get("/todos")
+@app.post("/todos")
 def hello():
+    payload: Dict = app.current_event.json_body
+
     return Response(
         status_code=200,
         content_type=content_types.TEXT_PLAIN,
         body="Hello world",
-        cookies=["CookieMonster", "MonsterCookie"],
-        headers={"Foo": ["bar", "zbr"]},
+        cookies=payload["cookies"],
+        headers=payload["headers"],
     )
 
 
diff --git a/tests/e2e/event_handler/handlers/lambda_function_url_handler.py b/tests/e2e/event_handler/handlers/lambda_function_url_handler.py
@@ -3,14 +3,21 @@
 app = LambdaFunctionUrlResolver()
 
 
-@app.get("/todos")
+@app.post("/todos")
 def hello():
+    payload = app.current_event.json_body
+
+    body = payload.get("body", "Hello World")
+    status_code = payload.get("status_code", 200)
+    headers = payload.get("headers", {})
+    cookies = payload.get("cookies", [])
+
     return Response(
-        status_code=200,
-        content_type=content_types.TEXT_PLAIN,
-        body="Hello world",
-        cookies=["CookieMonster", "MonsterCookie"],
-        headers={"Foo": ["bar", "zbr"]},
+        status_code=status_code,
+        content_type=headers.get("Content-Type", content_types.TEXT_PLAIN),
+        body=body,
+        cookies=cookies,
+        headers=headers,
     )
 
 
diff --git a/tests/e2e/event_handler/test_header_serializer.py b/tests/e2e/event_handler/test_header_serializer.py
@@ -1,6 +1,9 @@
+from uuid import uuid4
+
 import pytest
 from requests import Request
 
+from aws_lambda_powertools.event_handler.cookies import Cookie
 from tests.e2e.utils import data_fetcher
 
 
@@ -122,20 +125,32 @@ def test_api_gateway_http_headers_serializer(apigw_http_endpoint):
 def test_lambda_function_url_headers_serializer(lambda_function_url_endpoint):
     # GIVEN
     url = f"{lambda_function_url_endpoint}todos"  # the function url endpoint already has the trailing /
+    body = "Hello World"
+    status_code = 200
+    headers = {"Content-Type": "text/plain", "Vary": ["Accept-Encoding", "User-Agent"]}
+    cookies = [
+        Cookie(name="session_id", value=str(uuid4()), secure=True, http_only=True),
+        Cookie(name="ab_experiment", value="3"),
+    ]
 
     # WHEN
-    response = data_fetcher.get_http_response(Request(method="GET", url=url))
+    response = data_fetcher.get_http_response(
+        Request(
+            method="POST",
+            url=url,
+            json={"body": body, "status_code": status_code, "headers": headers, "cookies": list(map(str, cookies))},
+        )
+    )
 
     # THEN
-    assert response.status_code == 200
-    assert response.content == b"Hello world"
-    assert response.headers["content-type"] == "text/plain"
+    assert response.status_code == status_code
+    assert response.content.decode("ascii") == body
 
-    # Only the last header for key "Foo" should be set
-    assert "Foo" in response.headers
-    foo_headers = [x.strip() for x in response.headers["Foo"].split(",")]
-    assert sorted(foo_headers) == ["bar", "zbr"]
+    for key, value in headers.items():
+        assert key in response.headers
+        value = value if isinstance(value, str) else ", ".join(value)
+        assert response.headers[key] == value
 
-    # Only the last cookie should be set
-    assert "MonsterCookie" in response.cookies.keys()
-    assert "CookieMonster" in response.cookies.keys()
+    for cookie in cookies:
+        assert cookie.name in response.cookies
+        assert response.cookies.get(cookie.name) == cookie.value
