I have a Lambda function integrated with API Gateway and the stack was deployed as cloud formation template. When I try to test the endpoint in the AWS web console I got correct response but when I try to invoke the deployed version of the API I got that error.
"message": "Could not parse request body into json: Unrecognized token ....etc"
I tried this mapping { "body" : $input.json('$') } in the integration request, but didn't work.
Here is the JSON I am trying to send using POSTMAN
{
"description": "test description",
"status": "test status"
}
and the request has header: Content-Type: application/json
Here you are screenshots for POSTMAN request body & headers, and the response from the API:
Any Solution guys?
UPDATE:
I put a mapping template at integration request level as the following:
{
"body-json" : $input.json('$')
}
And updated the lambda function to log the coming request, then made 2 requests:
First one: from API Gateway test web console:
I found the following in the cloudwatch logs:
INFO {
body: {
description: 'test',
projectId: 23,
action: 'test',
entity: 'test',
startDate: '01-01-2020',
endDate: '01-01-2020'
}
}
Second one: from POSTMAN:
I found the following in the cloudwatch logs:
INFO {
body: 'ewogICAgImRlc2NyaXB0aW9uIjogInRlc3QiLAogICAgInByb2plY3RJZCI6IDIzLAogICAgImFjdGlvbiI6ICJ0ZXN0IiwKICAgICJlbnRpdHkiOiAidGVzdCIsCiAgICAic3RhcnREYXRlIjogIjAxLTAxLTIwMjAiLAogICAgImVuZERhdGUiOiAiMDEtMDEtMjAyMCIKfQ=='
}
That indicates that in case of making the request using POSTMAN, the JSON payload is stringified automatically. What can cause such thing? and how to deal with it?
In this case we need to edit the mapping template since we are not using a proxy integration.
"body-json" : $input.json('$')
//also if binary data type is enabled for your api your body will be a base64
//encoded string which could be decoded using
$util.base64Decode($input.json('$'))
Also binary data types maybe enabled by default, search for these in the SAM template
x-amazon-apigateway-binary-media-types:
- '*/*'
You need to add a custom header in your response for it to respond correctly.
// The output from a Lambda proxy integration must be
// in the following JSON object. The 'headers' property
// is for custom response headers in addition to standard
// ones. The 'body' property must be a JSON string. For
// base64-encoded payload, you must also set the 'isBase64Encoded'
// property to 'true'.
let response = {
statusCode: responseCode,
headers: {
"x-custom-header" : "my custom header value"
},
body: JSON.stringify(responseBody)
};
Related
Could anyone please share how to run and test AWS API Gateway and Lambda via Browser and not via Postman or curl.
I am trying to create a simple demo app using HTML + JavaScript (with ajax call to API), and calling the AWS API.
I did tried with postman and curl both are working fine, however when calling from browser (ajax call) it is failing.
Any pointer will be a great.
code snippet :
$.ajax({
type: "POST",
url : URL,
dataType: "json",
mode: 'no-cors',
crossDomain: "true",
contentType: "application/json; charset=utf-8",
data: JSON.stringify(data),
success: function () {
// clear form and show a success message
alert("Your entry is saved Successfuly");
document.getElementById("my-form").requestFullscreen();
location.reload();
},
error: function() {
// show an error message
alert("Seems some issue with the entry, try again.")
}
});
This is a simple demo as of now to get the User Name and other details and save it into DynamoDB via AWS Lambda (Python).
AWS Lambda function is being called but in the Response it fails.
Sample code is https://codepen.io/mayanktripathi4u/pen/QWdrPOG
Tried with various options using JS Fetch; ajax; XMLHttpResponse etc.. non worked.
I have set up an OpenAPI connector in Loopback 4 as described here and for unauthorized requests, it is working well; I managed to create the respective datasource, service and controller. My service is similar to the GeocoderProvider example, but, let's say, with the following service interface.
export interface MyExternalService {
search_stuff(params: {query?: string}): Promise<MyExternalServiceResponse>;
}
export interface MyExternalServiceResponse {
text: string;
}
From my controller, I invoke it like this, where this.myExternalService is the injected service (kind of unrelated, but can Loopback also implicitly parse a JSON response from an external API datasource?):
#get('/search')
async searchStuff(#param.query.string('query') query: string): Promise<void> {
return JSON.parse(
(await this.myExternalService.search_stuff({query})).text,
);
}
Now, the external endpoint corresponding to myExternalService.search_stuff needs an Authorization: Bearer <token> header, where the token is sent to Loopback by the client, i.e. it's not a static API key or so. Assuming I added #param.query.string('token') token: string to the parameter list of my searchStuff controller method, how can I forward that token to the OpenAPI connector? This is the relevant part of the underlying OpenAPI YAML definition file:
paths:
/search:
get:
security:
- Authorization: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SearchResults'
operationId: search-stuff
components:
securitySchemes:
Authorization:
type: http
scheme: Bearer
I am now using the underlying execute function of the OpenAPI connector and manually intercept the request (the object that is passed to requestInterceptor is later passed directly to the http module by Swagger):
return JSON.parse(
(
await this.myExternalService.execute(
'search_stuff',
{query},
{
requestInterceptor: (req: {headers: {Authorization: string}}) => {
req.headers.Authorization = 'Bearer ' + token;
return req;
},
},
)
).text,
);
I also added the following method to the MyExternalService interface, inspired by the connector's actual execute function:
execute(
operationId: string,
parameters: object,
options: object,
): Promise<MyExternalServiceResponse>;
Some things I found:
Loopback internally uses the swagger-client module to do OpenAPI-based requests.
Specifically the securities option of Swagger's execute function expects a Security Definitions Object. There are some quirks with actually passing it to Swagger as well.
Internally, Swagger builds the final HTTP request that is sent out here in its source code. There, the securities key is mentioned, yet is is never actually used for the request. This means that manually specifying it in the third parameter of this.myExternalService.execute will change nothing.
I'll not accept this answer yet and I'm looking forward to finding a more Loopback-like approach.
I configured my service like this, to inject the basic authentication.
import {inject, lifeCycleObserver, LifeCycleObserver} from '#loopback/core';
import {juggler} from '#loopback/repository';
const SwaggerClient = require('swagger-client');
const config = {
name: 'jira',
connector: 'openapi',
spec: 'swagger-v2.json',
validate: false,
httpClient: (request: any) => {
request.headers["Authorization"] = "Basic " + Buffer.from("test:test").toString('base64');
return SwaggerClient.http(request);
},
};
#lifeCycleObserver('datasource')
export class JiraDataSource extends juggler.DataSource
implements LifeCycleObserver {
static dataSourceName = 'jira';
static readonly defaultConfig = config;
constructor(
#inject('datasources.config.jira', {optional: true})
dsConfig: object = config,
) {
super(dsConfig);
}
}
I am referring to Amazon documentation for the purpose of Customer Authentication. Currently, I am using LWA.
Steps I followed:
I enabled the Send Alexa Events Permission from the Alexa developer Console in Build > Permission page.
I took the grant code from the request in the cloudwatch logs which was sent when I logged in using Alexa companion app.
Example:-
{
"directive": {
"header": {
"messageId": "Example",
"name": "AcceptGrant",
"namespace": "Alexa.Authorization",
"payloadVersion": "3"
},
"payload": {
"grant": {
"code": "Example2",
"type": "OAuth2.AuthorizationCode"
},
"grantee": {
"token": "Example3",
"type": "BearerToken"
}
}
}
}
Permission Page under build on Alexa Developer console gave me client-Id and client-secret Which I used for making the post request to https://api.amazon.com/auth/o2/token.
Example:-
POST /auth/o2/token HTTP/l.l
Host: api.amazon.com
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
grant_type=authorization_code&code=&client_id=&client_secret=
I passed the code,client_id, and client_secret in the above example and made the post request to this URL https://api.amazon.com/auth/o2/token
I tried using x-www-form-urlencoded;charset=UTF-8 and also JSON for the Content-Type.
I followed the step given in the above documentation and I am stuck on the error ( 401 Unauthorized ):
{
"error_description": "The request has an invalid grant parameter : code",
"error": "invalid_grant"
}
I tried implementing it using Python code and Postman both. Ending up with the Same above error scenario.
Here is a sample code to help you and others who are looking to send events to alexa gateway.
const AWS = require('aws-sdk');
AWS.config.update({region: 'eu-west-1'});
// Create the DynamoDB service object
const ddb = new AWS.DynamoDB({ apiVersion: 'latest' });
const doc = new AWS.DynamoDB.DocumentClient({
convertEmptyValues: true,
service: ddb
});
// Using 'request' for http POST and GET request.
// https://www.npmjs.com/package/requests
// npm install --save requests
const r = require('request');
//Handle Authorization. Call this method from your lambda handler whenever you get Alexa.Authorization message. You will get this message only when you select permission to
//send events in your Smart Home Skill.
//Access to Event gateway allows you to enable Proactive Device Discovery and
//Proactive State Reporting in your skill
//More information on Alexa.Authorization can be found on https://developer.amazon.com/docs/device-apis/alexa-authorization.html
function handleAuthorization(request, context, user) {
//Even when you are using your own authentication, the url below will still
//point to amazon OAuth token url. The token you obtain here has to be stored
//separately for this user. Whenever sending an event to alexa event gateway you will
//require this token.
//URL below is for EU server. Look at following documentation link to identify correct url
//for your system.
//https://developer.amazon.com/docs/smarthome/send-events-to-the-alexa-event-gateway.html
var url = "https://api.amazon.com/auth/o2/token";
var body = {
grant_type : 'authorization_code',
code : request.directive.payload.grant.code,
client_id : 'your client id from permissions page on developer portal where you enable alexa events. This is id different than one you specify in account linking settings',
client_secret : 'client secret from permissions page'
}
//https://developer.amazon.com/docs/smarthome/authenticate-a-customer-permissions.html
r.post({
url: url,
form : body
}, function(error, response, b){
if (error) { return console.log(error); }
var body = JSON.parse(b);
var params = {
TableName: 'Devices',
Item: {
'id' : user,
'auth_token' : body.access_token,
'refresh_token' : body.refresh_token
}
}
log("DEBUG:", "Authorization Body", JSON.stringify(body));
log("DEBUG:", "Authorization Response", JSON.stringify(response));
log("DEBUG:", "Database Params", JSON.stringify(params));
// Call DynamoDB to add the item to the table
var putObjectPromise = doc.put(params).promise();
//Store auth_token and refresh_token in database. We will need these
//while sending events to event gateway.
//Send a success response.
putObjectPromise.then(function(data) {
var response = {
event: {
header: {
messageId: request.directive.header.messageId,
namespace: "Alexa.Authorization",
name: "AcceptGrant.Response",
payloadVersion: "3"
},
"payload": {
}
}
};
context.succeed(response);
}).catch(function(err) {
//TODO - Add a Authorization error response JSON here.
console.log(err);
});
});
}
Wanting to build a microservice within Lambda.
I want it to be accessible via an HTTP request so I believe I need to configure it with API gateway. I am unsure if I should use API Gateway Proxy Request Event or API Gateway Proxy Response Event.
Also in terms of authenticating the user, what is the best way?
I am thinking using Auth0 so a user will essentially just send a JWT with the HTTP request.
Thanks
I use API Gateway Proxy Request. I configure the Integration Request to use Use Lambda Proxy integration which will result in Integration Response updating to Proxy integrations cannot be configured to transform responses.
I then handle responses within the lambda function itself. For example, I will have the following for a successful response:
context.succeed({
statusCode: 200,
headers: { 'Content-Type': 'Application/json'},
body
});
And for an example of an expected fail, I have:
context.succeed({
statusCode: 404,
headers: { 'Content-Type': 'Application/json'},
body: JSON.stringify({'Error': error})
});
NOTE: It is important to note I use context.succeed on error handling and not context.fail.
I developed my lambda locally in Node and used a combination of lambda-local and lambda-tester for debugging/testing functionality. For example, I would run the following command to pass in the lambda and the event:
lambda-local -f ~/Desktop/lambdaNode/myNewAPI.js -e ~/Desktop/lambdaEvents/testEvent.json
An example event will look like this:
{
"queryStringParameters":
{
"param1": "1234567890",
"param2": "0987654321",
}
}
For my unit tests, I used lambda-tester along with mocha as follows:
const LambdaTester = require( 'lambda-tester' );
describe('handle my new lambda: ', () => {
it('should do exactly what I expect', () => {
return LambdaTester( myNewAPI.handler )
.event( testEvents.newLambdaEvent )
.expectSucceed( ( result ) => {
expect( result.statusCode ).to.equal(200);
});
});
});
Test the above with npm test if you're setup for that, otherwise just mocha testFile
For my use case, authentication is handled differently as it is an internal API. For your case, I think JWT is the best way forward there, although I am sorry I cannot provide more info in that regard.
After enabled CORS on API gateway, here is the request I sent to the http end point:
$.ajax({
type: 'put',
url: 'https://xxxxx.execute-api.us-east-1.amazonaws.com/dev/artist/application/julian_test',
data: {params: {param1: "543543", param2: "fdasghdfghdf", test: "yes"}},
success: function(msg){
console.log(msg);
},
error: function(msg){
console.log(msg);
}
});
Here is the lambda function(I'm using node serverless package, and no mistakes on the code):
module.exports.julian_test = (event, context, callback) => {
console.log(event);
console.log(event.body);
var response_success = {
statusCode: 200,
headers: {
"Access-Control-Allow-Origin": "*"
},
body: JSON.stringify({
firstUser: {
username: "Julian",
email: "awesome"
},
secondUser: {
username: "Victor",
email: "hello world"
},
thirdUser: {
username: "Peter",
email: "nice"
}
})
};
callback(null, response_success);
};
The console.log(event.body) logs out :
params%5Bparam1%5D=543543¶ms%5Bparam2%5D=fdasghdfghdf¶ms%5Btest%5D=yes
, which is not the format I want. I checked the OPTIONS Integration Request / body mapping template, here is the snapshot.
I tried to delete the "application/json" but after that I receive the following response:
XMLHttpRequest cannot load https://xxxxxx.execute-api.us-east-1.amazonaws.com/dev/artist/application/julian_test. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access. The response had HTTP status code 500.
Does anyone know how to get a raw string request body in the back-end lambda? Please help!
The screenshot is for OPTIONS method which is used for CORS.
Your actual Lambda function call is likely made via POST method. Please check the integration request Body mapping templates under the POST method. If it is setup to pass through body (which is default), the body from your input request should be passed to Lambda as is.
Please use test feature in API Gateway console to see how the input is transformed to integration request. That should help you to debug.
Two things here:
Firstly, under your API Gateway resource, go to Method Response and make sure you have a response for 200 OK mapped.
Secondly, under your API Gateway resource, go to Integration Request, under Body Mapping Templates select application/json and enter the following code in the template text editor:
{
"method": "$context.httpMethod",
"body" : $input.json('$'),
"headers": {
#foreach($param in $input.params().header.keySet())
"$param": "$util.escapeJavaScript($input.params().header.get($param))" #if($foreach.hasNext),#end
#end
},
"queryParams": {
#foreach($param in $input.params().querystring.keySet())
"$param": "$util.escapeJavaScript($input.params().querystring.get($param))" #if($foreach.hasNext),#end
#end
},
"pathParams": {
#foreach($param in $input.params().path.keySet())
"$param": "$util.escapeJavaScript($input.params().path.get($param))" #if($foreach.hasNext),#end
#end
}
}
When this is applied, you can access your request object as such: (Node.js)
console.log('Body:', event.body);
console.log('Headers:', event.headers);
console.log('Method:', event.method);
console.log('Params:', event.params);
console.log('Query:', event.query);
Took me a while to figure this out, props to Kenn Brodhagen for the explanation:
tutorial
The only way get real raw AWS Lambda request is via Stream for Handler Input.
As per documentation:
The input payload must be valid JSON but the output stream does not carry such a restriction. Any bytes are supported.
Example of streaming AWS Lambda input and output in Java:
public void handler(InputStream inputStream, OutputStream outputStream, Context context) throws IOException {
int letter;
while((letter = inputStream.read()) != -1)
{
outputStream.write(Character.toUpperCase(letter));
}
}
Tom's answer above adds everything except the raw request body. Adding this line to that mapping template allowed me to verify requests as per Slack's documentation:
"rawBody": $util.escapeJavaScript($input.body)