(apigatewayv2-authorizers): WebSocketLambdaAuthorizer's default is invalid

[Tietew]

What is the problem?

WebSocketLambdaAuthorizer's default identitySource is currently ['$request.header.Authorization'].
But this value is rejected by CloudFormation with following error message:

Invalid request identity source expression: $request.header.Authorization. The sources must be separated by comma, and each source must be either a request parameter, matching 'route.request.querystring|header.[a-zA-Z0-9._-]+', or a stage variable, matching 'stageVariables.[a-zA-Z0-9._-]+', or a context parameter, matching 'context.[a-zA-Z0-9._-]+'

identitySource shoud not have default value (mandatory prop) because constant does not match required criteria.

Reproduction Steps

const authorizerHandler = new lambda.Function(this, 'AuthorizerHandler', /* snip */);
const connectHandler = new lambda.Function(this, 'ConnectHandler', /* snip */);
const api = new WebSocketApi(this, 'WebSocketApi', {
  connectRouteOptions: {
    authorizer: new WebSocketLambdaAuthorizer('Authorizer', authorizerHandler),
    integration: new WebSocketLambdaIntegration('Connect', connectHandler)
  }
});

What did you expect to happen?

WebSocketApi is successfully created.

What actually happened?

Failed to deploy stack with an error described above.

CDK CLI Version

2.4.0

Framework Version

No response

Node.js Version

14.18.0

OS

Linux 5.10.60.1-microsoft-standard-WSL2

Language

Typescript

Language Version

No response

Other information

No response

[kaizencc]

Thanks for bringing this to our attention @Tietew! I have reproduced this bug and it looks like we need to update the default identitySource to route.request.header.Authorization.