Using an Authorization Lambda doesn't include the context in the request #386

@joain946

Basic information

Serverless Java Container version: 1.5.2

Implementations: Jersey

Framework version: Jersey 2.30.1

Frontend service: HTTP API

Deployment method: SAM

Scenario

When a "Lambda Authorizer" (not the "JWT Authorizer") is used, the "authorizer" part of the JSON is ignored. This is when API Gateway is used with the newer "HTTP API" and version 2.0 of the payload format.

Expected behavior

The context fields returned from the Authorization Lambda should be included in the request

Actual behavior

The Authorization part of the request is an empty map after deserialization of the request

Steps to reproduce

  1. Create an HTTP API in API Gateway
  2. Use a "Lambda Authorizer" with 2.0 payload format
  3. In the Lambda use "HttpApiV2ProxyRequest"
  4. When accessing "event.getRequestContext().getAuthorizer()", this map will not contain any of the context fields returned from the Authorizer Lambda. This is because only "jwt" is supported and not "lambda".

From the "HttpApiV2AuthorizerMap" class:

        @Override
        public HttpApiV2AuthorizerMap deserialize(JsonParser jsonParser, DeserializationContext deserializationContext) throws IOException, JsonProcessingException {
            HttpApiV2AuthorizerMap map = new HttpApiV2AuthorizerMap();
            JsonNode node = jsonParser.getCodec().readTree(jsonParser);
            if (node.get(JWT_KEY) != null) {
                HttpApiV2JwtAuthorizer authorizer = LambdaContainerHandler.getObjectMapper().treeToValue(node.get(JWT_KEY), HttpApiV2JwtAuthorizer.class);
                map.putJwtAuthorizer(authorizer);
            }
            // we ignore other, unknown values
            return map;
        }

HTTP request (some of the headers have been removed):

{
    "version": "2.0",
    "routeKey": "ANY /api/{proxy+}",
    "rawPath": "/api/v1/openapi",
    "rawQueryString": "",
    "headers": {
        "accept": "application/json,*/*"
    },
    "requestContext": {
        "accountId": "514976038597",
        "apiId": "xyz",
        "authorizer": {
            "lambda": {
                "roles": "TestRole1,TestRole2,authenticated",
                "tenant": "BAAS_AX2",
                "user": "xyz"
            }
        },
        "domainName": "xyz.execute-api.us-east-1.amazonaws.com",
        "domainPrefix": "xyz",
        "http": {
            "method": "GET",
            "path": "/api/v1/openapi",
            "protocol": "HTTP/1.1",
            "sourceIp": " 52.3.40.242",
            "userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
        },
        "requestId": "UGFVDhAHoAMEPTg=",
        "routeKey": "ANY /api/{proxy+}",
        "stage": "$default",
        "time": "08/Oct/2020:14:03:12 +0000",
        "timeEpoch": 1602165792204
    },
    "pathParameters": {
        "proxy": "v1/openapi"
    },
    "isBase64Encoded": false
}
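
One way to read the "lambda" authorizer context straight from the raw 2.0 event with Jackson, and to fail closed when it is missing, shown as an added example that is not part of the original issue or the library's code. The class and method names are hypothetical, and treating "roles" as a comma-separated string is an assumption taken from the sample payload above.

```java
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;

import java.util.Arrays;
import java.util.LinkedHashMap;
import java.util.Map;

// Added example; AuthorizerContextReader and its methods are hypothetical names.
public class AuthorizerContextReader {
    private static final ObjectMapper MAPPER = new ObjectMapper();

    /** Returns requestContext.authorizer.lambda as strings, or an empty map if absent. */
    static Map<String, String> lambdaContext(String eventJson) throws Exception {
        // path() never returns null, so a missing level yields a "missing" node.
        JsonNode lambda = MAPPER.readTree(eventJson)
                .path("requestContext").path("authorizer").path("lambda");
        Map<String, String> ctx = new LinkedHashMap<>();
        if (lambda.isObject()) {
            lambda.fields().forEachRemaining(
                    e -> ctx.put(e.getKey(), e.getValue().asText()));
        }
        return ctx;
    }

    /** Fail closed: no context, no "roles" field, or no match means no access. */
    static boolean hasRole(Map<String, String> ctx, String role) {
        String roles = ctx.get("roles");
        if (roles == null || roles.isEmpty()) {
            return false;
        }
        // Assumption: roles arrive as one comma-separated string.
        return Arrays.stream(roles.split(",")).map(String::trim).anyMatch(role::equals);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample events, trimmed to the fields used here.
        String withLambda = "{\"requestContext\":{\"authorizer\":{\"lambda\":"
                + "{\"roles\":\"TestRole1,TestRole2,authenticated\","
                + "\"tenant\":\"BAAS_AX2\",\"user\":\"xyz\"}}}}";
        String withoutAuthorizer = "{\"requestContext\":{}}";

        Map<String, String> ctx = lambdaContext(withLambda);
        System.out.println("tenant=" + ctx.get("tenant")
                + " hasTestRole2=" + hasRole(ctx, "TestRole2"));
        System.out.println("no authorizer, hasTestRole2="
                + hasRole(lambdaContext(withoutAuthorizer), "TestRole2"));
    }
}
```

Because the deserialized authorizer map is empty in the scenario reported here, any downstream role or tenant check should treat an empty context as a denial rather than as an unauthenticated-but-allowed request.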
