Add back custom auth

[jamesls]

This needs to go through the define_authorizer in order to work
with the swagger generation.

[codecov-io]

Codecov Report

Merging #322 into master will increase coverage by 0.17%.
The diff coverage is 95.34%.

@@            Coverage Diff             @@
##           master     #322      +/-   ##
==========================================
+ Coverage   88.95%   89.13%   +0.17%     
==========================================
  Files          18       18              
  Lines        1865     1905      +40     
  Branches      225      231       +6     
==========================================
+ Hits         1659     1698      +39     
  Misses        152      152              
- Partials       54       55       +1

Impacted Files	Coverage Δ
chalice/__init__.py	100% <ø> (ø)	⬆️
chalice/deploy/swagger.py	100% <100%> (ø)	⬆️
chalice/app.py	95.13% <92.3%> (-0.31%)	⬇️
chalice/pipeline.py	100% <0%> (+1.36%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 6a68aba...1b223a7. Read the comment docs.

[stealthycoin]

Any reason not to expose authorizerResultTtlInSeconds in the config?

[jamesls]

Ok, after chatting about this, I'd like to propose some changes here.

First, we should have a consistent pattern for configuring advanced resources. I like the pattern used with the CORSConfig PR: #311, which is you pass in a specific object that represents the configuration you'd like for that route. The define_authorizer relies on string name references. It's nice that it decouples the order of the auth needed, but I think a better option here is to just pass in an Authorizer object, with a different subclass for each type you need. With the current PR, I have the union of args needed for both the cognito user pools auth and custom auth, and would need to add additional validation to get decent error messages (what if you specify both? or you specify neither?). So the new version would look like this:

from chalice.app import CustomAuthorizer
from chalice.app import CognitoUserPoolsAuthorizer
from chalice import Chalice

app = Chalice(app_name='testauth')
custom = CustomAuthorizer('MyAuth', header='Authorization', provider_uri='...')
cognito_auth = CognitoUserPoolsAuthorizer(
    'MyUserPool', header='Authorization', provider_arns=['myarn...'],
)

@app.route('/auth1', authorizer=custom)
def custom_auth(): ...

@app.route('/cognito-auth', authorizer=cognito_auth)
def cognito_auth(): ...

To help transition, we should keep define_authorizer(...), which only works with cognito user pools, for a period of time. We could add a deprecation warning and eventually remove it.

Let me know if anyone has concerns about this.

[stealthycoin]

Need a different route name here since the other example was for user pools

[stealthycoin]

I'm guessing you meant to inherit from Authorizer here.

[jamesls]

@stealthycoin Feedback incorporated, ready for another look.