From 114fd56434df9d578c049f77dbd61a6dd7513b17 Mon Sep 17 00:00:00 2001
From: Jaden VanEckhout <jaden@jadenv.com>
Date: Fri, 10 Mar 2023 10:09:46 -0600
Subject: [PATCH] Allow all origin request policies to be passed as props

---
 API.md                    | 82 ++++++++++++++++++++++++++++++++++++---
 src/NextjsDistribution.ts | 60 +++++++++++++++++++++-------
 src/index.ts              |  1 +
 3 files changed, 123 insertions(+), 20 deletions(-)

diff --git a/API.md b/API.md
index b96331f8..60865c11 100644
--- a/API.md
+++ b/API.md
@@ -1805,7 +1805,9 @@ Any object.
 | **Name** | **Type** | **Description** |
 | --- | --- | --- |
 | <code><a href="#cdk-nextjs-standalone.NextjsDistribution.property.node">node</a></code> | <code>constructs.Node</code> | The tree node. |
+| <code><a href="#cdk-nextjs-standalone.NextjsDistribution.property.fallbackOriginRequestPolicyProps">fallbackOriginRequestPolicyProps</a></code> | <code>aws-cdk-lib.aws_cloudfront.OriginRequestPolicyProps</code> | *No description.* |
 | <code><a href="#cdk-nextjs-standalone.NextjsDistribution.property.imageCachePolicyProps">imageCachePolicyProps</a></code> | <code>aws-cdk-lib.aws_cloudfront.CachePolicyProps</code> | The default CloudFront cache policy properties for images. |
+| <code><a href="#cdk-nextjs-standalone.NextjsDistribution.property.imageOptimizationOriginRequestPolicyProps">imageOptimizationOriginRequestPolicyProps</a></code> | <code>aws-cdk-lib.aws_cloudfront.OriginRequestPolicyProps</code> | *No description.* |
 | <code><a href="#cdk-nextjs-standalone.NextjsDistribution.property.lambdaCachePolicyProps">lambdaCachePolicyProps</a></code> | <code>aws-cdk-lib.aws_cloudfront.CachePolicyProps</code> | The default CloudFront cache policy properties for the Lambda server handler. |
 | <code><a href="#cdk-nextjs-standalone.NextjsDistribution.property.lambdaOriginRequestPolicyProps">lambdaOriginRequestPolicyProps</a></code> | <code>aws-cdk-lib.aws_cloudfront.OriginRequestPolicyProps</code> | The default CloudFront lambda origin request policy. |
 | <code><a href="#cdk-nextjs-standalone.NextjsDistribution.property.staticCachePolicyProps">staticCachePolicyProps</a></code> | <code>aws-cdk-lib.aws_cloudfront.CachePolicyProps</code> | The default CloudFront cache policy properties for static pages. |
@@ -1833,6 +1835,16 @@ The tree node.
 
 ---
 
+##### `fallbackOriginRequestPolicyProps`<sup>Required</sup> <a name="fallbackOriginRequestPolicyProps" id="cdk-nextjs-standalone.NextjsDistribution.property.fallbackOriginRequestPolicyProps"></a>
+
+```typescript
+public readonly fallbackOriginRequestPolicyProps: OriginRequestPolicyProps;
+```
+
+- *Type:* aws-cdk-lib.aws_cloudfront.OriginRequestPolicyProps
+
+---
+
 ##### `imageCachePolicyProps`<sup>Required</sup> <a name="imageCachePolicyProps" id="cdk-nextjs-standalone.NextjsDistribution.property.imageCachePolicyProps"></a>
 
 ```typescript
@@ -1845,6 +1857,16 @@ The default CloudFront cache policy properties for images.
 
 ---
 
+##### `imageOptimizationOriginRequestPolicyProps`<sup>Required</sup> <a name="imageOptimizationOriginRequestPolicyProps" id="cdk-nextjs-standalone.NextjsDistribution.property.imageOptimizationOriginRequestPolicyProps"></a>
+
+```typescript
+public readonly imageOptimizationOriginRequestPolicyProps: OriginRequestPolicyProps;
+```
+
+- *Type:* aws-cdk-lib.aws_cloudfront.OriginRequestPolicyProps
+
+---
+
 ##### `lambdaCachePolicyProps`<sup>Required</sup> <a name="lambdaCachePolicyProps" id="cdk-nextjs-standalone.NextjsDistribution.property.lambdaCachePolicyProps"></a>
 
 ```typescript
@@ -3831,7 +3853,7 @@ const nextjsDistributionProps: NextjsDistributionProps = { ... }
 | <code><a href="#cdk-nextjs-standalone.NextjsDistributionProps.property.cachePolicies">cachePolicies</a></code> | <code><a href="#cdk-nextjs-standalone.NextjsCachePolicyProps">NextjsCachePolicyProps</a></code> | Override the default CloudFront cache policies created internally. |
 | <code><a href="#cdk-nextjs-standalone.NextjsDistributionProps.property.cdk">cdk</a></code> | <code><a href="#cdk-nextjs-standalone.NextjsDistributionCdkProps">NextjsDistributionCdkProps</a></code> | Overrides for created CDK resources. |
 | <code><a href="#cdk-nextjs-standalone.NextjsDistributionProps.property.customDomain">customDomain</a></code> | <code>string \| <a href="#cdk-nextjs-standalone.NextjsDomainProps">NextjsDomainProps</a></code> | The customDomain for this website. Supports domains that are hosted either on [Route 53](https://aws.amazon.com/route53/) or externally. |
-| <code><a href="#cdk-nextjs-standalone.NextjsDistributionProps.property.lambdaOriginRequestPolicy">lambdaOriginRequestPolicy</a></code> | <code>aws-cdk-lib.aws_cloudfront.IOriginRequestPolicy</code> | Override the default CloudFront lambda origin request policy created internally. |
+| <code><a href="#cdk-nextjs-standalone.NextjsDistributionProps.property.originRequestPolicies">originRequestPolicies</a></code> | <code><a href="#cdk-nextjs-standalone.NextjsOriginRequestPolicyProps">NextjsOriginRequestPolicyProps</a></code> | Override the default CloudFront origin request policies created internally. |
 | <code><a href="#cdk-nextjs-standalone.NextjsDistributionProps.property.stackPrefix">stackPrefix</a></code> | <code>string</code> | Optional value to prefix the edge function stack It defaults to "Nextjs". |
 | <code><a href="#cdk-nextjs-standalone.NextjsDistributionProps.property.stageName">stageName</a></code> | <code>string</code> | Include the name of your deployment stage if present. |
 
@@ -4082,15 +4104,15 @@ new NextjsDistribution(this, "Dist", {
 ```
 
 
-##### `lambdaOriginRequestPolicy`<sup>Optional</sup> <a name="lambdaOriginRequestPolicy" id="cdk-nextjs-standalone.NextjsDistributionProps.property.lambdaOriginRequestPolicy"></a>
+##### `originRequestPolicies`<sup>Optional</sup> <a name="originRequestPolicies" id="cdk-nextjs-standalone.NextjsDistributionProps.property.originRequestPolicies"></a>
 
 ```typescript
-public readonly lambdaOriginRequestPolicy: IOriginRequestPolicy;
+public readonly originRequestPolicies: NextjsOriginRequestPolicyProps;
 ```
 
-- *Type:* aws-cdk-lib.aws_cloudfront.IOriginRequestPolicy
+- *Type:* <a href="#cdk-nextjs-standalone.NextjsOriginRequestPolicyProps">NextjsOriginRequestPolicyProps</a>
 
-Override the default CloudFront lambda origin request policy created internally.
+Override the default CloudFront origin request policies created internally.
 
 ---
 
@@ -4427,6 +4449,56 @@ const nextjsLayerProps: NextjsLayerProps = { ... }
 ```
 
 
+### NextjsOriginRequestPolicyProps <a name="NextjsOriginRequestPolicyProps" id="cdk-nextjs-standalone.NextjsOriginRequestPolicyProps"></a>
+
+#### Initializer <a name="Initializer" id="cdk-nextjs-standalone.NextjsOriginRequestPolicyProps.Initializer"></a>
+
+```typescript
+import { NextjsOriginRequestPolicyProps } from 'cdk-nextjs-standalone'
+
+const nextjsOriginRequestPolicyProps: NextjsOriginRequestPolicyProps = { ... }
+```
+
+#### Properties <a name="Properties" id="Properties"></a>
+
+| **Name** | **Type** | **Description** |
+| --- | --- | --- |
+| <code><a href="#cdk-nextjs-standalone.NextjsOriginRequestPolicyProps.property.fallbackOriginRequestPolicy">fallbackOriginRequestPolicy</a></code> | <code>aws-cdk-lib.aws_cloudfront.IOriginRequestPolicy</code> | *No description.* |
+| <code><a href="#cdk-nextjs-standalone.NextjsOriginRequestPolicyProps.property.imageOptimizationOriginRequestPolicy">imageOptimizationOriginRequestPolicy</a></code> | <code>aws-cdk-lib.aws_cloudfront.IOriginRequestPolicy</code> | *No description.* |
+| <code><a href="#cdk-nextjs-standalone.NextjsOriginRequestPolicyProps.property.lambdaOriginRequestPolicy">lambdaOriginRequestPolicy</a></code> | <code>aws-cdk-lib.aws_cloudfront.IOriginRequestPolicy</code> | *No description.* |
+
+---
+
+##### `fallbackOriginRequestPolicy`<sup>Optional</sup> <a name="fallbackOriginRequestPolicy" id="cdk-nextjs-standalone.NextjsOriginRequestPolicyProps.property.fallbackOriginRequestPolicy"></a>
+
+```typescript
+public readonly fallbackOriginRequestPolicy: IOriginRequestPolicy;
+```
+
+- *Type:* aws-cdk-lib.aws_cloudfront.IOriginRequestPolicy
+
+---
+
+##### `imageOptimizationOriginRequestPolicy`<sup>Optional</sup> <a name="imageOptimizationOriginRequestPolicy" id="cdk-nextjs-standalone.NextjsOriginRequestPolicyProps.property.imageOptimizationOriginRequestPolicy"></a>
+
+```typescript
+public readonly imageOptimizationOriginRequestPolicy: IOriginRequestPolicy;
+```
+
+- *Type:* aws-cdk-lib.aws_cloudfront.IOriginRequestPolicy
+
+---
+
+##### `lambdaOriginRequestPolicy`<sup>Optional</sup> <a name="lambdaOriginRequestPolicy" id="cdk-nextjs-standalone.NextjsOriginRequestPolicyProps.property.lambdaOriginRequestPolicy"></a>
+
+```typescript
+public readonly lambdaOriginRequestPolicy: IOriginRequestPolicy;
+```
+
+- *Type:* aws-cdk-lib.aws_cloudfront.IOriginRequestPolicy
+
+---
+
 ### NextjsProps <a name="NextjsProps" id="cdk-nextjs-standalone.NextjsProps"></a>
 
 #### Initializer <a name="Initializer" id="cdk-nextjs-standalone.NextjsProps.Initializer"></a>
diff --git a/src/NextjsDistribution.ts b/src/NextjsDistribution.ts
index caf79e95..77952110 100644
--- a/src/NextjsDistribution.ts
+++ b/src/NextjsDistribution.ts
@@ -46,6 +46,12 @@ export interface NextjsCachePolicyProps {
   readonly staticClientMaxAgeDefault?: Duration;
 }
 
+export interface NextjsOriginRequestPolicyProps {
+  readonly lambdaOriginRequestPolicy?: cloudfront.IOriginRequestPolicy;
+  readonly fallbackOriginRequestPolicy?: cloudfront.IOriginRequestPolicy;
+  readonly imageOptimizationOriginRequestPolicy?: cloudfront.IOriginRequestPolicy;
+}
+
 export interface NextjsDistributionProps extends NextjsBaseProps {
   /**
    * Bucket containing static assets.
@@ -81,9 +87,9 @@ export interface NextjsDistributionProps extends NextjsBaseProps {
   readonly cachePolicies?: NextjsCachePolicyProps;
 
   /**
-   * Override the default CloudFront lambda origin request policy created internally
+   * Override the default CloudFront origin request policies created internally.
    */
-  readonly lambdaOriginRequestPolicy?: cloudfront.IOriginRequestPolicy;
+  readonly originRequestPolicies?: NextjsOriginRequestPolicyProps;
 
   /**
    * The customDomain for this website. Supports domains that are hosted
@@ -180,6 +186,20 @@ export class NextjsDistribution extends Construct {
     comment: 'Nextjs Lambda Origin Request Policy',
   };
 
+  public static fallbackOriginRequestPolicyProps: cloudfront.OriginRequestPolicyProps = {
+    cookieBehavior: cloudfront.OriginRequestCookieBehavior.all(), // pretty much disables caching - maybe can be changed
+    queryStringBehavior: cloudfront.OriginRequestQueryStringBehavior.all(),
+    headerBehavior: cloudfront.OriginRequestHeaderBehavior.all(),
+    comment: 'Nextjs Fallback Origin Request Policy',
+  };
+
+  public static imageOptimizationOriginRequestPolicyProps: cloudfront.OriginRequestPolicyProps = {
+    queryStringBehavior: cloudfront.OriginRequestQueryStringBehavior.allowList('q', 'w', 'url'),
+    headerBehavior: cloudfront.OriginRequestHeaderBehavior.allowList('accept'),
+    cookieBehavior: cloudfront.OriginRequestCookieBehavior.none(),
+    comment: 'Nextjs Image Optimization Origin Request Policy',
+  };
+
   protected props: NextjsDistributionProps;
 
   /////////////////////
@@ -276,7 +296,7 @@ export class NextjsDistribution extends Construct {
   /////////////////////
 
   private createCloudFrontDistribution(): cloudfront.Distribution {
-    const { cdk: cdkProps, cachePolicies, lambdaOriginRequestPolicy: lambdaOriginRequestPolicyOverride } = this.props;
+    const { cdk: cdkProps, cachePolicies, originRequestPolicies } = this.props;
     const cfDistributionProps = cdkProps?.distribution;
 
     // build domainNames
@@ -306,7 +326,8 @@ export class NextjsDistribution extends Construct {
     const imageCachePolicy = cachePolicies?.imageCachePolicy ?? this.createCloudFrontImageCachePolicy();
 
     // origin request policies
-    const lambdaOriginRequestPolicy = lambdaOriginRequestPolicyOverride ?? this.createLambdaOriginRequestPolicy();
+    const lambdaOriginRequestPolicy =
+      originRequestPolicies?.lambdaOriginRequestPolicy ?? this.createLambdaOriginRequestPolicy();
 
     // main server function origin (lambda URL HTTP origin)
     const fnUrl = this.props.serverFunction.addFunctionUrl({
@@ -324,11 +345,8 @@ export class NextjsDistribution extends Construct {
       authType: lambda.FunctionUrlAuthType.NONE,
     });
     const imageOptFunctionOrigin = new origins.HttpOrigin(Fn.parseDomainName(imageOptFnUrl.url));
-    const imageOptORP = new cloudfront.OriginRequestPolicy(this, 'ImageOptPolicy', {
-      queryStringBehavior: cloudfront.OriginRequestQueryStringBehavior.allowList('q', 'w', 'url'),
-      headerBehavior: cloudfront.OriginRequestHeaderBehavior.allowList('accept'),
-      cookieBehavior: cloudfront.OriginRequestCookieBehavior.none(),
-    });
+    const imageOptORP =
+      originRequestPolicies?.imageOptimizationOriginRequestPolicy ?? this.createImageOptimizationOriginRequestPolicy();
 
     // lambda behavior edge function
     const lambdaOriginRequestEdgeFn = this.buildLambdaOriginRequestEdgeFunction();
@@ -398,12 +416,8 @@ export class NextjsDistribution extends Construct {
     // requests to fallback origin group (default behavior)
     // used for S3 and lambda. would prefer to forward all headers to lambda but need to strip out host
     // TODO: try to do this with headers whitelist or edge lambda
-    const fallbackOriginRequestPolicy = new cloudfront.OriginRequestPolicy(this, 'FallbackOriginRequestPolicy', {
-      cookieBehavior: cloudfront.OriginRequestCookieBehavior.all(), // pretty much disables caching - maybe can be changed
-      queryStringBehavior: cloudfront.OriginRequestQueryStringBehavior.all(),
-      headerBehavior: cloudfront.OriginRequestHeaderBehavior.all(),
-      comment: 'Nextjs Fallback Origin Request Policy',
-    });
+    const fallbackOriginRequestPolicy =
+      originRequestPolicies?.fallbackOriginRequestPolicy ?? this.createFallbackOriginRequestPolicy();
 
     // if we don't have a static file called index.html then we should
     // redirect to the lambda handler
@@ -474,6 +488,22 @@ export class NextjsDistribution extends Construct {
     );
   }
 
+  private createFallbackOriginRequestPolicy(): cloudfront.OriginRequestPolicy {
+    return new cloudfront.OriginRequestPolicy(
+      this,
+      'FallbackOriginRequestPolicy',
+      NextjsDistribution.fallbackOriginRequestPolicyProps
+    );
+  }
+
+  private createImageOptimizationOriginRequestPolicy(): cloudfront.OriginRequestPolicy {
+    return new cloudfront.OriginRequestPolicy(
+      this,
+      'ImageOptPolicy',
+      NextjsDistribution.imageOptimizationOriginRequestPolicyProps
+    );
+  }
+
   private createCloudFrontLambdaCachePolicy(): cloudfront.CachePolicy {
     return new cloudfront.CachePolicy(this, 'LambdaCache', NextjsDistribution.lambdaCachePolicyProps);
   }
diff --git a/src/index.ts b/src/index.ts
index cd7c3cc5..0a472f7c 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -28,6 +28,7 @@ export {
   NextjsDistributionProps,
   NextjsDomainProps,
   NextjsCachePolicyProps,
+  NextjsOriginRequestPolicyProps,
 } from './NextjsDistribution';
 
 // L3 constructs