In AWS Api gateway custom authorizer, how to add custom headers to the input request based on validation on headers and send to backend

Question

In AWS API gateway, I am using custom lambda authorizer to validate request headers. I need to update the existing headers or add new ones based on the validation result. Below is the lambda authorizer logic in java, validation works as expected. Irrespective of updating the header values, the event object received in backend lambda is empty.

@Override
    public AuthPolicy handleRequest(APIGatewayProxyRequestEvent event, Context context) {
    LambdaLogger logger = context.getLogger();
    logger.log("Loading Java Lambda handler of Proxy");
    logger.log("Event Object  :  " + event.toString());

    Pattern requestIdpattern = Pattern.compile("[0-9a-f]{4}-[0-9A-Z]{3}");

    ProxyRequestContext reqContext = event.getRequestContext();
    boolean isValid = false;
    Map<String, String> headers = event.getHeaders();
    if (requestIdpattern.matcher(headers.get("x-request-id")).matches()) {
        isValid = true;
        headers.put("x-jid", UUID.randomUUID().toString());
    }
    if (isValid) {
        AuthPolicy authPolicy = new AuthPolicy("XXXX",
                PolicyDocument.getAllowPolicy("us-east-1", reqContext.getAccountId(), reqContext.getApiId(),
                        reqContext.getStage(), HttpMethod.getHttpMethod(reqContext.getHttpMethod()),
                        reqContext.getResourcePath()));
        return authPolicy;
    } else {
        AuthPolicy authPolicy = new AuthPolicy("XXXXXX",
                PolicyDocument.getDenyPolicy("us-east-1", reqContext.getAccountId(), reqContext.getApiId(),
                        reqContext.getStage(), HttpMethod.getHttpMethod(reqContext.getHttpMethod()),
                        reqContext.getResourcePath()));
        logger.log("Auth Policy Response Object  :  " + authPolicy.toString());
        return authPolicy;
    }
}

Could you please let me know how to configure the authorizer such that input request to API gateway request should be sent to integration service after successfully authorized.

Can you confirm whether you enabled the proxy integration between the API Gateway and the Lambda function? [1]. Also please go through the "context" object in the output from the custom authorizer. The "context" object will be useful for your requirement [2]. [1] https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-create-api-as-simple-proxy-for-lambda.html [2] https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-lambda-authorizer-output.html — Denis Weerasiri, Mar 02 '19 at 19:46
Thanks for responding, event object is sent to backed after I set the type to AWS_PROXY. But I am not able to set the context object with the headers, could you share any example in java. If I set additional headers in context object would it be combined with the existing headers or can I modify the value of existing header? It would be really helpful if you can share a example. thank you. — Ali, Mar 04 '19 at 18:59

In AWS Api gateway custom authorizer, how to add custom headers to the input request based on validation on headers and send to backend

0 Answers0