Skip to content

feat: add device endpoints to Smithy model#271

Merged
layertwo merged 1 commit intomainlinefrom
feat/device-smithy
Mar 3, 2026
Merged

feat: add device endpoints to Smithy model#271
layertwo merged 1 commit intomainlinefrom
feat/device-smithy

Conversation

@layertwo
Copy link
Owner

@layertwo layertwo commented Mar 3, 2026

Summary

Add the 4 device management endpoints to the Smithy model so API Gateway generates routes for them.

Context

PR #269 added the Lambda route handlers for device endpoints, but they still return 403 because the routes don't exist in the API Gateway OpenAPI spec. The auth API uses SpecRestApi with a Smithy-generated OpenAPI spec — without the routes defined in Smithy, API Gateway rejects requests before the Lambda is invoked.

Changes

  • New smithy/models/auth/device.smithy — Device resource with 4 operations
  • smithy/models/main.smithy — Add Device to AuthService resources

Test plan

  • smithyBuild succeeds (804 shapes validated)
  • Deploy — API Gateway should now route device requests to Lambda
  • Verify Firefox device registration returns 200 instead of 403

@layertwo
feat: add device endpoints to Smithy model
3dedc03 
Add Device resource to AuthService with 4 operations:
- POST /v1/account/device (RegisterDevice)
- GET /v1/account/devices (ListDevices)
- GET /v1/account/attached_clients (ListAttachedClients)
- POST /v1/account/devices/notify (NotifyDevices)

Without these routes in the API Gateway OpenAPI spec, requests return
403 before the Lambda is invoked.
@github-actions
Copy link

github-actions bot commented Mar 3, 2026

Diff for stage: DefaultStage

Warning

3 Destructive Changes

Diff for stack: GitHubOidcStack - 0 to add, 1 to update, 0 to destroy 🟡

Details 
Resources
[~] Custom::AWSCDKOpenIdConnectProvider GitHubOidcProvider7EBF861F
 ├─ [~] CodeHash
 │   ├─ [-] 62fa02efcaa700e1c247e1d3cc2aa0cd07a0808a9a3e3d2230e51f57a02233fb
 │   └─ [+] d75c48c9f82cde63e9bf414df335e84e8ac24f11eb34889be255b702aec71e50
 └─ [~] RejectUnauthorized
[~] AWS::Lambda::Function CustomAWSCDKOpenIdConnectProviderCustomResourceProviderHandlerF2C543E0
 ├─ [~] Code
 │   └─ [~] .S3Key:
 │       ├─ [-] 62fa02efcaa700e1c247e1d3cc2aa0cd07a0808a9a3e3d2230e51f57a02233fb.zip
 │       └─ [+] d75c48c9f82cde63e9bf414df335e84e8ac24f11eb34889be255b702aec71e50.zip
 └─ [~] Metadata
     └─ [~] .aws:asset:path:
         ├─ [-] asset.62fa02efcaa700e1c247e1d3cc2aa0cd07a0808a9a3e3d2230e51f57a02233fb
         └─ [+] asset.d75c48c9f82cde63e9bf414df335e84e8ac24f11eb34889be255b702aec71e50

Diff for stack: Service-prod - 3 to add, 4 to update, 3 to destroy

Details

[!WARNING]
Destructive Changes ‼️
Stack: Service-prod - Resource: AuthApiDeploymentB62B2E4627f0b326f37b837e2a54a9393870f6be - Impact: WILL_DESTROY

Stack: Service-prod - Resource: TokenApiDeploymentB896C2197f4fd8f40928d8ff6b65325e6f60c797 - Impact: WILL_DESTROY

Stack: Service-prod - Resource: ProfileApiDeployment84A54415afa95090416ea0bbd4b1d2aac5a9241c - Impact: WILL_DESTROY

Resources
[-] AWS::ApiGateway::Deployment AuthApiDeploymentB62B2E4627f0b326f37b837e2a54a9393870f6be destroy
[-] AWS::ApiGateway::Deployment TokenApiDeploymentB896C2197f4fd8f40928d8ff6b65325e6f60c797 destroy
[-] AWS::ApiGateway::Deployment ProfileApiDeployment84A54415afa95090416ea0bbd4b1d2aac5a9241c destroy
[+] AWS::ApiGateway::Deployment AuthApiDeploymentB62B2E46e6df84b588a887363a13ab29adc3623c
[+] AWS::ApiGateway::Deployment TokenApiDeploymentB896C219b16a73c2bacf13dff150a851137e236c
[+] AWS::ApiGateway::Deployment ProfileApiDeployment84A54415e0158c62574d24c31b8dbd21e82873c4
[~] AWS::ApiGateway::RestApi AuthApi4BD72F20
 └─ [~] Body
     ├─ [~] .components:
     │   └─ [~] .schemas:
     │       ├─ [+] Added: .AttachedClient
     │       ├─ [+] Added: .AvailableCommandsMap
     │       ├─ [+] Added: .DeviceRecord
     │       ├─ [+] Added: .ListAttachedClientsResponseContent
     │       ├─ [+] Added: .ListDevicesResponseContent
     │       ├─ [+] Added: .RegisterDeviceRequestContent
     │       └─ [+] Added: .RegisterDeviceResponseContent
     └─ [~] .paths:
         ├─ [+] Added: ./v1/account/attached_clients
         ├─ [+] Added: ./v1/account/device
         ├─ [+] Added: ./v1/account/devices
         └─ [+] Added: ./v1/account/devices/notify
[~] AWS::ApiGateway::Stage AuthApiDeploymentStageprodB0E4172A
 └─ [~] DeploymentId
     └─ [~] .Ref:
         ├─ [-] AuthApiDeploymentB62B2E4627f0b326f37b837e2a54a9393870f6be
         └─ [+] AuthApiDeploymentB62B2E46e6df84b588a887363a13ab29adc3623c
[~] AWS::ApiGateway::Stage TokenApiDeploymentStageprod11035AE4
 └─ [~] DeploymentId
     └─ [~] .Ref:
         ├─ [-] TokenApiDeploymentB896C2197f4fd8f40928d8ff6b65325e6f60c797
         └─ [+] TokenApiDeploymentB896C219b16a73c2bacf13dff150a851137e236c
[~] AWS::ApiGateway::Stage ProfileApiDeploymentStageprodF609D968
 └─ [~] DeploymentId
     └─ [~] .Ref:
         ├─ [-] ProfileApiDeployment84A54415afa95090416ea0bbd4b1d2aac5a9241c
         └─ [+] ProfileApiDeployment84A54415e0158c62574d24c31b8dbd21e82873c4

No Changes for stack: Frontend-prod ✅
No Changes for stack: Monitoring-prod ✅

Generated for commit 3dedc03 at 2026-03-03T05:01:07.987Z

@layertwo layertwo merged commit 9a8e643 into mainline Mar 3, 2026
8 checks passed
@layertwo layertwo deleted the feat/device-smithy branch March 3, 2026 05:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@layertwo