From 94d4c4dc4358bac3f1123059e600e843eb4bb523 Mon Sep 17 00:00:00 2001
From: Steve Corwin <scorwin@venuetize.com>
Date: Wed, 16 Feb 2022 11:39:57 -0800
Subject: [PATCH 1/2] fixed /auth being the only path allowed (all others were
 denied access, no matter what value was passed for apiKey).

---
 auth_function/app.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/auth_function/app.py b/auth_function/app.py
index c9c164f..6f30323 100644
--- a/auth_function/app.py
+++ b/auth_function/app.py
@@ -22,7 +22,7 @@ def lambda_handler(event, context):
     policy.restApiId = apiGatewayArnTmp[0]
     policy.region = tmp[3]
     policy.stage = apiGatewayArnTmp[1]
-    policy.allowMethod('GET', '/auth') 
+    policy.allowMethod('GET', event['path'])
     authResponse = policy.build()
     context = {
         'SomeKey': 'SomeValue'

From 3d448e1500adf7f579c3ce3e2cb394b26234c36d Mon Sep 17 00:00:00 2001
From: Steve Corwin <scorwin@venuetize.com>
Date: Wed, 16 Feb 2022 11:41:49 -0800
Subject: [PATCH 2/2] fixed lamba not allowing underscores in file names.

    [ERROR] NameError: Invalid resource path: /js/steve-add_application.js. Path should match ^[/.a-zA-Z0-9-\*]+$
    Traceback (most recent call last):
      File "/var/task/lambda_function.py", line 20, in lambda_handler
        policy.allowMethod('GET', event['path'])
      File "/var/task/lambda_function.py", line 158, in allowMethod
        self._addMethod("Allow", verb, resource, [])
      File "/var/task/lambda_function.py", line 91, in _addMethod
        raise NameError("Invalid resource path: " + resource + ". Path should match " + self.pathRegex)
---
 auth_function/app.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/auth_function/app.py b/auth_function/app.py
index 6f30323..a5cfbf5 100644
--- a/auth_function/app.py
+++ b/auth_function/app.py
@@ -52,7 +52,7 @@ class AuthPolicy(object):
     """The principal used for the policy, this should be a unique identifier for the end user."""
     version = "2012-10-17"
     """The policy version used for the evaluation. This should always be '2012-10-17'"""
-    pathRegex = "^[/.a-zA-Z0-9-\*]+$"
+    pathRegex = "^[/.a-zA-Z0-9-_\*]+$"
     """The regular expression used to validate resource paths for the policy"""
 
     """these are the internal lists of allowed and denied methods. These are lists