In Lambda Authorizer of API Gateway (Rest API), [Return specified JSON](https://docs.aws.amazon.com/ja_jp/apigateway/latest/developerguide/api-gateway-lambda-authorizer] in Lambda response -output.html) Must be.
What is a Lambda Authorizer? Click here [https://docs.aws.amazon.com/ja_jp/apigateway/latest/developerguide/apigateway-use-lambda-authorizer.html).
With Node.js, you can return JSON as it is like this. It's convenient.
exports.handler = async (event) => {
console.log(JSON.stringify(event, null, 4));
return {
"principalId": "1234",
"policyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Action": "execute-api:Invoke",
"Effect": "Allow",
"Resource": event.methodArn
}
]
}
};
};
In Java, it can't be returned in JSON, and returning JSON as a string doesn't work. There are two methods, one is to use Map and the other is to use POJO class.
import com.amazonaws.services.lambda.runtime.Context;
import com.amazonaws.services.lambda.runtime.RequestHandler;
import java.util.Arrays;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
public class MapLambdaAuthorizer implements RequestHandler<Map<String, Object>, Map<String, Object>> {
@Override
public Map<String, Object> handleRequest(Map<String, Object> event, Context lambdaContext) {
Map<String, Object> response = new HashMap<String, Object>();
response.put("principalId", "1234");
Map<String, Object> policyDocument = new HashMap<String, Object>();
policyDocument.put("Version", "2012-10-17");
Map<String, String> statement = new HashMap<>();
statement.put("Action", "execute-api:Invoke");
statement.put("Effect", "Allow");
statement.put("Resource", (String) event.get("methodArn"));
policyDocument.put("Statement", Arrays.asList(statement));
response.put("policyDocument", policyDocument);
Map<String, String> context = new HashMap<String, String>();
context.put("now", new Date().toString());
response.put("context", context);
return response;
}
}
https://github.com/kazfuku/apigateway-java-lambda-authorizer/blob/master/lambda/authorizer/src/main/java/com/kazfuku/aws/MapLambdaAuthorizer.java
import com.amazonaws.services.lambda.runtime.Context;
import com.amazonaws.services.lambda.runtime.RequestHandler;
import java.util.Arrays;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
public class PojoLambdaAuthorizer implements RequestHandler<Map<String, Object>, AuthorizerResponse> {
@Override
public AuthorizerResponse handleRequest(Map<String, Object> event, Context lambdaContext) {
AuthorizerResponse response = new AuthorizerResponse();
response.setPrincipalId("1234");
Map<String, Object> policyDocument = new HashMap<>();
policyDocument.put("Version", "2012-10-17");
Map<String, String> statement = new HashMap<>();
statement.put("Action", "execute-api:Invoke");
statement.put("Effect", "Allow");
statement.put("Resource", (String) event.get("methodArn"));
policyDocument.put("Statement", Arrays.asList(statement));
response.setPolicyDocument(policyDocument);
Map<String, String> context = new HashMap<>();
context.put("now", new Date().toString());
response.setContext(context);
return response;
}
}
https://github.com/kazfuku/apigateway-java-lambda-authorizer/blob/master/lambda/authorizer/src/main/java/com/kazfuku/aws/PojoLambdaAuthorizer.java
import java.util.Map;
public class AuthorizerResponse {
private String principalId;
public void setPrincipalId(String principalId) {
this.principalId = principalId;
}
public String getPrincipalId() {
return this.principalId;
}
private Map<String, Object> policyDocument;
public void setPolicyDocument(Map<String, Object> policyDocument) {
this.policyDocument = policyDocument;
}
public Map<String, Object> getPolicyDocument() {
return this.policyDocument;
}
private Map<String, String> context;
public Map<String, String> getContext() {
return context;
}
public void setContext(Map<String, String> context) {
this.context = context;
}
}
https://github.com/kazfuku/apigateway-java-lambda-authorizer/blob/master/lambda/authorizer/src/main/java/com/kazfuku/aws/AuthorizerResponse.java
If you want to be a POJO
policyDocument.put("Version", "2012-10-17");
statement.put("Action", "execute-api:Invoke");
It's unpleasant if I don't make it POJO, but when I make it POJO, the JSON key name returned to API Gateway starts with a lowercase letter (version, action), and it doesn't interpret well.
Since JSON isn't that big, I think the Map method is easier to read.
Source Code https://github.com/kazfuku/apigateway-java-lambda-authorizer
Recommended Posts