fix(apigw): add all safe URI chars RFC3986

heitorlessa · heitorlessa · commit 9e58198dcea8 · 2021-07-23T20:36:03.000+02:00
diff --git a/aws_lambda_powertools/event_handler/api_gateway.py b/aws_lambda_powertools/event_handler/api_gateway.py
@@ -21,7 +21,8 @@
 logger = logging.getLogger(__name__)
 
 _DYNAMIC_ROUTE_PATTERN = r"(<\w+>)"
-_NAMED_GROUP_BOUNDARY_PATTERN = r"(?P\1[-%@.:\\w]+)"
+# Safe URI chars https://www.ietf.org/rfc/rfc3986.txt
+_NAMED_GROUP_BOUNDARY_PATTERN = r"(?P\1[-._~()'!*:@,;\\w]+)"
 
 
 class ProxyEventType(Enum):
diff --git a/tests/functional/event_handler/test_api_gateway.py b/tests/functional/event_handler/test_api_gateway.py
@@ -703,17 +703,20 @@ def get_network_account(account_id: str, network_id: str):
     app.resolve(event, {})
 
 
-def test_non_word_chars_route():
+@pytest.mark.parametrize("req", [123456789, "user@example.com", "<foo>", "-._~'!*:@,;"])
+def test_non_word_chars_route(req):
     # GIVEN
     app = ApiGatewayResolver()
     event = deepcopy(LOAD_GW_EVENT)
 
     # WHEN
     @app.get("/accounts/<account_id>")
     def get_account(account_id: str):
-        assert account_id == "12345"
+        assert account_id == f"{req}"
 
     # THEN
     event["resource"] = "/accounts/{account_id}"
-    event["path"] = "/accounts/12345"
-    app.resolve(event, None)
+    event["path"] = f"/accounts/{req}"
+
+    ret = app.resolve(event, None)
+    assert ret["statusCode"] == 200
