feat(AWS API Gateway): Change default identity source for authorizers

BREAKING CHANGE: For authorizers with `request` type and caching disabled
(`resultTtlInSeconds: 0`), the `identitySource` will no longer be set to
`method.request.header.Authorization` by default.

lib/plugins/aws/package/compile/events/apiGateway/index.js

@@ -3,7 +3,6 @@
 /* eslint-disable global-require */
 
 const BbPromise = require('bluebird');
-const _ = require('lodash');
 const memoize = require('memoizee');
 
 const validate = require('./lib/validate');
@@ -238,27 +237,6 @@ class AwsCompileApigEvents {
 
     this.hooks = {
       'initialize': () => {
-        if (
-          this.serverless.service.provider.name === 'aws' &&
-          Object.values(this.serverless.service.functions).some(({ events }) =>
-            events.some(({ http }) => {
-              return (
-                http &&
-                _.isObject(http.authorizer) &&
-                http.authorizer.type &&
-                http.authorizer.type.toUpperCase() === 'REQUEST' &&
-                http.authorizer.identitySource === undefined &&
-                http.authorizer.resultTtlInSeconds === 0
-              );
-            })
-          )
-        ) {
-          this.serverless._logDeprecation(
-            'AWS_API_GATEWAY_DEFAULT_IDENTITY_SOURCE',
-            'Starting with v3.0.0, "functions[].events[].http.authorizer.identitySource" will no longer be set to "method.request.header.Authorization" by default for authorizers of "request" type with caching disabled ("resultTtlInSeconds" set to "0").\nIf you want to keep this setting, please set it explicitly in your configuration. If you do not want this to be set, please set it explicitly to "null".'
-          );
-        }
-
         if (
           this.serverless.service.provider.name === 'aws' &&
           this.serverless.service.provider.apiGateway &&

lib/plugins/aws/package/compile/events/apiGateway/lib/validate.js

@@ -297,7 +297,10 @@ module.exports = {
       managedExternally = false;
     }
 
-    if (typeof identitySource === 'undefined') {
+    if (
+      !identitySource &&
+      !(type && type.toUpperCase() === 'REQUEST' && resultTtlInSeconds === 0)
+    ) {
       identitySource = 'method.request.header.Authorization';
     }
 

test/unit/lib/plugins/aws/package/compile/events/apiGateway/lib/validate.test.js

@@ -1425,6 +1425,22 @@ describe('test/unit/lib/plugins/aws/package/compile/events/apiGateway/lib/valida
         command: 'package',
         configExt: {
           functions: {
+            authorized: {
+              handler: 'index.handler',
+              events: [
+                {
+                  http: {
+                    method: 'get',
+                    path: '/authorized',
+                    authorizer: {
+                      type: 'REQUEST',
+                      name: 'basic',
+                      resultTtlInSeconds: 0,
+                    },
+                  },
+                },
+              ],
+            },
             corsDefault: {
               handler: 'index.handler',
               events: [
@@ -1475,6 +1491,11 @@ describe('test/unit/lib/plugins/aws/package/compile/events/apiGateway/lib/valida
           .IntegrationResponses[0].ResponseParameters
       ).to.deep.eq(expected);
     });
+
+    it('Should not set default `identitySource` for `request` authorizers with caching disabled', async () => {
+      expect(cfResources[naming.getAuthorizerLogicalId('basic')].Properties.IdentitySource).to.be
+        .undefined;
+    });
   });
 
   it('should throw an error when restApiRootResourceId is not provided with restApiId', async () => {