feat(event_sources): add get_context() to standardize API Gateway Lambda Authorizer context in v1 and v2 (aws-powertools#3454)

leandrodamascena · heitorlessa · web-flow · commit d76607c1ab33 · 2023-12-06T17:05:44.000+01:00
Co-authored-by: Heitor Lessa &lt;lessa@amazon.com&gt;
diff --git a/aws_lambda_powertools/utilities/data_classes/api_gateway_proxy_event.py b/aws_lambda_powertools/utilities/data_classes/api_gateway_proxy_event.py
@@ -33,6 +33,25 @@ def integration_latency(self) -> Optional[int]:
         """The authorizer latency in ms."""
         return self.get("integrationLatency")
 
+    def get_context(self) -> Dict[str, Any]:
+        """Retrieve the authorization context details injected by a Lambda Authorizer.
+
+        Example
+        --------
+
+        ```python
+        ctx: dict = request_context.authorizer.get_context()
+
+        tenant_id = ctx.get("tenant_id")
+        ```
+
+        Returns:
+        --------
+        Dict[str, Any]
+            A dictionary containing Lambda authorization context details.
+        """
+        return self._data
+
 
 class APIGatewayEventRequestContext(BaseRequestContext):
     @property
@@ -184,6 +203,25 @@ def get_lambda(self) -> Optional[Dict[str, Any]]:
         """Lambda authorization context details"""
         return self.get("lambda")
 
+    def get_context(self) -> Dict[str, Any]:
+        """Retrieve the authorization context details injected by a Lambda Authorizer.
+
+        Example
+        --------
+
+        ```python
+        ctx: dict = request_context.authorizer.get_context()
+
+        tenant_id = ctx.get("tenant_id")
+        ```
+
+        Returns:
+        --------
+        Dict[str, Any]
+            A dictionary containing Lambda authorization context details.
+        """
+        return self.get("lambda", {}) or {}
+
     @property
     def iam(self) -> Optional[RequestContextV2AuthorizerIam]:
         """IAM authorization details used for making the request."""
diff --git a/tests/events/apiGatewayProxyV2LambdaAuthorizerEvent.json b/tests/events/apiGatewayProxyV2LambdaAuthorizerEvent.json
@@ -24,10 +24,19 @@
         "stage": "$default",
         "requestId": "id",
         "authorizer": {
+            "jwt": {
+              "claims": {
+                "claim1": "value1"
+              },
+              "scopes": [
+                "scope1",
+                "scope2"
+              ]
+            },
             "lambda": {
-                "key": "value"
+                "tenantId": "123-456-789-012"
             }
-        },
+          },
         "apiId": "api-id",
         "domainName": "id.execute-api.us-east-1.amazonaws.com",
         "domainPrefix": "id",
@@ -47,4 +56,4 @@
     },
     "body": "{\r\n\t\"a\": 1\r\n}",
     "isBase64Encoded": false
-}
+}
diff --git a/tests/unit/data_classes/test_api_gateway_proxy_event.py b/tests/unit/data_classes/test_api_gateway_proxy_event.py
@@ -150,6 +150,10 @@ def test_api_gateway_proxy_event_with_principal_id():
     assert authorizer.integration_latency == raw_event["requestContext"]["authorizer"]["integrationLatency"]
     assert authorizer.get("integrationStatus", "failed") == "failed"
 
+    # Accessing context with direct function
+    context_variables = request_context.authorizer.get_context()
+    assert context_variables.get("user_id") == raw_event["requestContext"]["authorizer"]["user_id"]
+
 
 def test_api_gateway_proxy_v2_event():
     raw_event = load_event("apiGatewayProxyV2Event.json")
@@ -200,9 +204,23 @@ def test_api_gateway_proxy_v2_lambda_authorizer_event():
 
     request_context = parsed_event.request_context
     assert request_context is not None
+
     lambda_props = request_context.authorizer.get_lambda
     assert lambda_props is not None
-    assert lambda_props.get("key") == "value"
+    assert lambda_props.get("tenantId") == raw_event["requestContext"]["authorizer"]["lambda"]["tenantId"]
+
+    # Accessing context with direct function
+    context_variables = request_context.authorizer.get_context()
+    assert context_variables.get("tenantId") == raw_event["requestContext"]["authorizer"]["lambda"]["tenantId"]
+
+    jwt_claims = request_context.authorizer.jwt_claim
+    assert jwt_claims is not None
+    assert jwt_claims.get("claim1") == raw_event["requestContext"]["authorizer"]["jwt"]["claims"]["claim1"]
+
+    jwt_scopes = request_context.authorizer.jwt_scopes
+    assert jwt_scopes is not None
+    assert jwt_scopes[0] == raw_event["requestContext"]["authorizer"]["jwt"]["scopes"][0]
+    assert jwt_scopes[1] == raw_event["requestContext"]["authorizer"]["jwt"]["scopes"][1]
 
 
 def test_api_gateway_proxy_v2_iam_event():
diff --git a/tests/unit/parser/test_apigwv2.py b/tests/unit/parser/test_apigwv2.py
@@ -79,7 +79,16 @@ def test_api_gateway_proxy_v2_event_lambda_authorizer():
 
     lambda_props: RequestContextV2Authorizer = request_context.authorizer.lambda_value
     assert lambda_props is not None
-    assert lambda_props["key"] == raw_event["requestContext"]["authorizer"]["lambda"]["key"]
+    assert lambda_props["tenantId"] == raw_event["requestContext"]["authorizer"]["lambda"]["tenantId"]
+
+    jwt_claims: RequestContextV2Authorizer = request_context.authorizer.jwt.claims
+    assert jwt_claims is not None
+    assert jwt_claims["claim1"] == raw_event["requestContext"]["authorizer"]["jwt"]["claims"]["claim1"]
+
+    jwt_scopes: RequestContextV2Authorizer = request_context.authorizer.jwt.scopes
+    assert jwt_scopes is not None
+    assert jwt_scopes[0] == raw_event["requestContext"]["authorizer"]["jwt"]["scopes"][0]
+    assert jwt_scopes[1] == raw_event["requestContext"]["authorizer"]["jwt"]["scopes"][1]
 
 
 def test_api_gateway_proxy_v2_event_iam_authorizer():
