8

I have an API Gateway with a POST method that puts directly to a DynamoDB table. My method is also configured to use a custom authorizer via Lambda.

In my template mapping I'm consuming some of the authorizer variables, such as $context.authorizer.principalId or $context.authorizer.accountId. Simplified template mapping looks as follows:

{ 
"TableName": "$stageVariables.tableName",
"Item": {
    "AccountId": {
        "S": "$context.authorizer.accountId"
        },
    "Id": {
        "S": "$context.requestId"
        },
    "Content": {
        "S": "$input.path('$.content')"
        },
    "UserId": {
        "S": "$context.authorizer.principalId"
        }
}

}

Now, when I make an HTTP request to this API method deployed to a an actual stage, that request will go through the custom authorizer and provide / fill in all $context.authorizer.* variables in the template which might look like this:

{ 
"TableName": "MyTable",
"Item": {
    "AccountId": {
        "S": "12345"
        },
    "Id": {
        "S": "6fd5ff08-34c0-11e7-bf96-591a565835b3"
        },
    "Content": {
        "S": "my content"
        },
    "UserId": {
        "S": "userid-123456789"
        }
}

}

When testing the API method via the API Gateway Test button, the test request is bypassing the custom authorizer (which makes sense, since authorizer can be tested separately) and produces a result like this:

{ 
"TableName": "MyTable",
"Item": {
    "AccountId": {
        "S": ""
        },
    "Id": {
        "S": "test-invoke-request"
        },
    "Content": {
        "S": "my content"
        },
    "UserId": {
        "S": ""
        }
}

}

The following content is now invalid, since all fields get validated against the model, and getting the following validation error:

Endpoint response body before transformations: {"__type":"com.amazon.coral.validate#ValidationException","message":"One or more parameter values were invalid: An AttributeValue may not contain an empty string"}

Is there some way to specify authorizer variables when testing API Gateway methods? Or is there some smart way to define a fallback variable in the template mapping so that when it resolves to empty, it will fall back to, e.g., test-invoke-principalid, just like $context.requestId gets that out of the box?

All I want is to be still able to use the API Gateway test feature while keeping all the validation / authorizer settings in place.

Jacek M
  • 2,349
  • 5
  • 22
  • 47

1 Answers1

2

Sure we can look at adding placeholders for the test invoke feature. Certainly for the principalId. As for the custom context variables, that might be more difficult, we'll see. We eventually would like to have a better end-to-end testing solution as well.

jackko
  • 6,998
  • 26
  • 38