Micronauts AWS API Gateway Authorizer JSON output issue

Question

I've written a simple lambda function in Micronauts/Groovy to return Allow/Deny policies as an AWS API gateway authorizer. When used as the API gateway authorizer the JSON cannot be parsed

Execution failed due to configuration error: Could not parse policy

When testing locally the response has the correct property case in the JSON. e.g:

{
"principalId": "user",
"PolicyDocument": {
    "Context": {
        "stringKey": "1551172564541"
    },
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": "execute-api:Invoke",
            "Effect": "Allow",
            "Resource": "arn:aws:execute-api:eu-west-1:<account>:<ref>/*/GET/"
        }
    ]
}}

When this is run in AWS the JSON response has the properties all in lowercase:

{
"principalId": "user",
"policyDocument": {
    "context": {
        "stringKey": "1551172664327"
    },
    "version": "2012-10-17",
    "statement": [
        {
            "resource": "arn:aws:execute-api:eu-west-1:<account>:<ref>/*/GET/",
            "action": "execute-api:Invoke",
            "effect": "Allow"
        }
    ]
}

}

Not sure if the case is the issue but I cannot see what else might be the issue (tried many variations in output). I've tried various Jackson annotations (@JsonNaming(PropertyNamingStrategy.UpperCamelCaseStrategy.class) etc) but they do not seem to have an affect on the output in AWS.

Any idea how to sort this? Thanks.

Example code :

trying to get output to look like the example.

Running example locally using

runtime "io.micronaut:micronaut-function-web"
runtime "io.micronaut:micronaut-http-server-netty"

Lambda function handler:

AuthResponse sessionAuth(APIGatewayProxyRequestEvent event) {

AuthResponse authResponse = new AuthResponse()
authResponse.principalId = 'user'
authResponse.policyDocument = new PolicyDocument()
authResponse.policyDocument.version = "2012-10-17"

    authResponse.policyDocument.setStatement([new session.auth.Statement(
            Effect: Statement.Effect.Allow,
            Action:"execute-api:Invoke",
            Resource: "arn:aws:execute-api:eu-west-1:<account>:<ref>/*/GET/"
    )])

return authResponse

}

AuthResponse looks like:

@CompileStatic
class AuthResponse {
    String principalId
    PolicyDocument policyDocument
}

@JsonNaming(PropertyNamingStrategy.UpperCamelCaseStrategy.class)
@CompileStatic
class PolicyDocument {
    String Version
    List<Statement> Statement = []
}

@JsonNaming(PropertyNamingStrategy.UpperCamelCaseStrategy.class)
@CompileStatic
class Statement {
    String Action
    String Effect
    String Resource
}

@daggett - I've editted the question to include the code now. Thanks. — Holophrasis, Feb 27 '19 at 16:39

score 0 · Answer 1 · answered Mar 06 '19 at 10:03

Looks like you cannot rely on AWS lambda Java serializer to not change your JSON response if you are relying on some kind of annotation or mapper. If you want the response to be untouched you'll need to you the raw output stream type of handler.

See the end of this AWS doc Handler Input/Output Types (Java)

Micronauts AWS API Gateway Authorizer JSON output issue

1 Answers1