如何使用自定义授权者和空的$ context.authorizer.*变量测试API网关方法? [英] How to test API Gateway methods with custom authorizer and empty $context.authorizer.* variables?
问题描述
我有一个带有POST方法的API网关,该方法直接放入DynamoDB表中.我的方法还配置为通过Lambda使用自定义授权者.
I have an API Gateway with a POST method that puts directly to a DynamoDB table. My method is also configured to use a custom authorizer via Lambda.
在我的模板映射中,我使用了一些授权者变量,例如$context.authorizer.principalId或$context.authorizer.accountId.简化的模板映射如下所示:
In my template mapping I'm consuming some of the authorizer variables, such as $context.authorizer.principalId or $context.authorizer.accountId. Simplified template mapping looks as follows:
{
"TableName": "$stageVariables.tableName",
"Item": {
"AccountId": {
"S": "$context.authorizer.accountId"
},
"Id": {
"S": "$context.requestId"
},
"Content": {
"S": "$input.path('$.content')"
},
"UserId": {
"S": "$context.authorizer.principalId"
}
}
}
现在,当我向部署到实际阶段的此API方法发出HTTP请求时,该请求将通过自定义授权者并提供/填写模板中的所有$context.authorizer.*变量,如下所示:
Now, when I make an HTTP request to this API method deployed to a an actual stage, that request will go through the custom authorizer and provide / fill in all $context.authorizer.* variables in the template which might look like this:
{
"TableName": "MyTable",
"Item": {
"AccountId": {
"S": "12345"
},
"Id": {
"S": "6fd5ff08-34c0-11e7-bf96-591a565835b3"
},
"Content": {
"S": "my content"
},
"UserId": {
"S": "userid-123456789"
}
}
}
通过"API网关测试"按钮测试API方法时,测试请求会绕过自定义授权者(这很有意义,因为可以单独测试授权者),并产生如下结果:
When testing the API method via the API Gateway Test button, the test request is bypassing the custom authorizer (which makes sense, since authorizer can be tested separately) and produces a result like this:
{
"TableName": "MyTable",
"Item": {
"AccountId": {
"S": ""
},
"Id": {
"S": "test-invoke-request"
},
"Content": {
"S": "my content"
},
"UserId": {
"S": ""
}
}
}
以下内容现已无效,因为所有字段均已针对模型进行了验证,并收到以下验证错误:
The following content is now invalid, since all fields get validated against the model, and getting the following validation error:
Endpoint response body before transformations: {"__type":"com.amazon.coral.validate#ValidationException","message":"One or more parameter values were invalid: An AttributeValue may not contain an empty string"}
在测试API网关方法时,是否可以通过某些方法指定授权者变量?
还是有一些聪明的方法在模板映射中定义一个后备变量,以便当它解析为空时,它会回退到例如test-invoke-principalid,就像$context.requestId可以立即使用一样?
Is there some way to specify authorizer variables when testing API Gateway methods?
Or is there some smart way to define a fallback variable in the template mapping so that when it resolves to empty, it will fall back to, e.g., test-invoke-principalid, just like $context.requestId gets that out of the box?
我想要的是仍然能够使用API网关测试功能,同时保留所有验证/授权者设置.
All I want is to be still able to use the API Gateway test feature while keeping all the validation / authorizer settings in place.
推荐答案
当然,我们可以看看为测试调用功能添加占位符.当然是principalId.至于自定义上下文变量,可能会更困难.我们最终也希望有一个更好的端到端测试解决方案.
Sure we can look at adding placeholders for the test invoke feature. Certainly for the principalId. As for the custom context variables, that might be more difficult, we'll see. We eventually would like to have a better end-to-end testing solution as well.
这篇关于如何使用自定义授权者和空的$ context.authorizer.*变量测试API网关方法?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
