Merge branch 'master' into fix_headers_insensitive

Author: jeromevdl

aws-lambda-java-events/src/main/java/com/amazonaws/services/lambda/runtime/events/IamPolicyResponse.java

@@ -11,6 +11,13 @@
 import java.util.List;
 import java.util.Map;
 
+/**
+ * The IAM Policy Response required for API Gateway HTTP APIs
+ *
+ * https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html
+ *
+ */
+
 @Data
 @Builder(setterPrefix = "with")
 @NoArgsConstructor

aws-lambda-java-events/src/main/java/com/amazonaws/services/lambda/runtime/events/IamPolicyResponseV1.java

@@ -0,0 +1,93 @@
+package com.amazonaws.services.lambda.runtime.events;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.io.Serializable;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * The IAM Policy Response required for API Gateway REST APIs
+ *
+ * https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-lambda-authorizer-output.html
+ *
+ */
+
+@Data
+@Builder(setterPrefix = "with")
+@NoArgsConstructor
+@AllArgsConstructor
+public class IamPolicyResponseV1 implements Serializable, Cloneable {
+
+    public static final String EXECUTE_API_INVOKE = "execute-api:Invoke";
+    public static final String VERSION_2012_10_17 = "2012-10-17";
+    public static final String ALLOW = "Allow";
+    public static final String DENY = "Deny";
+
+    private String principalId;
+    private PolicyDocument policyDocument;
+    private Map<String, Object> context;
+    private String usageIdentifierKey;
+
+    public Map<String, Object> getPolicyDocument() {
+        Map<String, Object> serializablePolicy = new HashMap<>();
+        serializablePolicy.put("Version", policyDocument.getVersion());
+
+        int numberOfStatements = policyDocument.getStatement().size();
+        Map<String, Object>[] serializableStatementArray = new Map[numberOfStatements];
+        for (int i = 0; i < numberOfStatements; i++) {
+            Statement statement = policyDocument.getStatement().get(i);
+            Map<String, Object> serializableStatement = new HashMap<>();
+            serializableStatement.put("Effect", statement.getEffect());
+            serializableStatement.put("Action", statement.getAction());
+            serializableStatement.put("Resource", statement.getResource().toArray(new String[0]));
+            serializableStatement.put("Condition", statement.getCondition());
+            serializableStatementArray[i] = serializableStatement;
+        }
+        serializablePolicy.put("Statement", serializableStatementArray);
+        return serializablePolicy;
+    }
+
+    public static Statement allowStatement(String resource) {
+        return Statement.builder()
+                .withEffect(ALLOW)
+                .withResource(Collections.singletonList(resource))
+                .withAction(EXECUTE_API_INVOKE)
+                .build();
+    }
+
+    public static Statement denyStatement(String resource) {
+        return Statement.builder()
+                .withEffect(DENY)
+                .withResource(Collections.singletonList(resource))
+                .withAction(EXECUTE_API_INVOKE)
+                .build();
+    }
+
+    @Data
+    @Builder(setterPrefix = "with")
+    @NoArgsConstructor
+    @AllArgsConstructor
+    public static class PolicyDocument implements Serializable, Cloneable {
+
+        private String version;
+        private List<Statement> statement;
+    }
+
+    @Data
+    @Builder(setterPrefix = "with")
+    @NoArgsConstructor
+    @AllArgsConstructor
+    public static class Statement implements Serializable, Cloneable {
+
+        private String action;
+        private String effect;
+        private List<String> resource;
+        private Map<String, Map<String, Object>> condition;
+    }
+}

aws-lambda-java-events/src/test/java/com/amazonaws/services/lambda/runtime/events/IamPolicyResponseV1Test.java

@@ -0,0 +1,94 @@
+package com.amazonaws.services.lambda.runtime.events;
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import org.junit.jupiter.api.Test;
+
+import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.util.HashMap;
+import java.util.Map;
+
+import static com.amazonaws.services.lambda.runtime.events.IamPolicyResponseV1.ALLOW;
+import static com.amazonaws.services.lambda.runtime.events.IamPolicyResponseV1.EXECUTE_API_INVOKE;
+import static com.amazonaws.services.lambda.runtime.events.IamPolicyResponseV1.VERSION_2012_10_17;
+import static com.amazonaws.services.lambda.runtime.events.IamPolicyResponseV1.allowStatement;
+import static com.amazonaws.services.lambda.runtime.events.IamPolicyResponseV1.denyStatement;
+import static java.util.Collections.singletonList;
+import static java.util.Collections.singletonMap;
+import static net.javacrumbs.jsonunit.assertj.JsonAssertions.assertThatJson;
+
+public class IamPolicyResponseV1Test {
+
+    private static final ObjectMapper OBJECT_MAPPER = new ObjectMapper();
+
+    @Test
+    public void testAllowStatement() throws JsonProcessingException {
+        IamPolicyResponseV1 iamPolicyResponse = IamPolicyResponseV1.builder()
+                .withPrincipalId("me")
+                .withPolicyDocument(IamPolicyResponseV1.PolicyDocument.builder()
+                        .withVersion(VERSION_2012_10_17)
+                        .withStatement(singletonList(allowStatement("arn:aws:execute-api:eu-west-1:123456789012:1234abc/$deafult/*/*")))
+                        .build())
+                .withUsageIdentifierKey("123ABC")
+                .build();
+
+        String json = OBJECT_MAPPER.writeValueAsString(iamPolicyResponse);
+
+        assertThatJson(json).isEqualTo(readResource("iamPolicyV1Responses/allow.json"));
+    }
+
+    @Test
+    public void testDenyStatement() throws JsonProcessingException {
+        IamPolicyResponseV1 iamPolicyResponse = IamPolicyResponseV1.builder()
+                .withPrincipalId("me")
+                .withPolicyDocument(IamPolicyResponseV1.PolicyDocument.builder()
+                        .withVersion(VERSION_2012_10_17)
+                        .withStatement(singletonList(denyStatement("arn:aws:execute-api:eu-west-1:123456789012:1234abc/$deafult/*/*")))
+                        .build())
+                .withUsageIdentifierKey("123ABC")
+                .build();
+
+        String json = OBJECT_MAPPER.writeValueAsString(iamPolicyResponse);
+
+        assertThatJson(json).isEqualTo(readResource("iamPolicyV1Responses/deny.json"));
+    }
+
+    @Test
+    public void testStatementWithCondition() throws JsonProcessingException {
+        Map<String, Map<String, Object>> conditions = new HashMap<>();
+        conditions.put("DateGreaterThan", singletonMap("aws:TokenIssueTime", "2020-01-01T00:00:01Z"));
+
+        IamPolicyResponseV1 iamPolicyResponse = IamPolicyResponseV1.builder()
+                .withPrincipalId("me")
+                .withPolicyDocument(IamPolicyResponseV1.PolicyDocument.builder()
+                        .withVersion(VERSION_2012_10_17)
+                        .withStatement(singletonList(IamPolicyResponseV1.Statement.builder()
+                                .withAction(EXECUTE_API_INVOKE)
+                                .withEffect(ALLOW)
+                                .withResource(singletonList("arn:aws:execute-api:eu-west-1:123456789012:1234abc/$deafult/*/*"))
+                                .withCondition(conditions)
+                                .build()))
+                        .build())
+                .withUsageIdentifierKey("123ABC")
+                .build();
+
+        String json = OBJECT_MAPPER.writeValueAsString(iamPolicyResponse);
+
+        assertThatJson(json).isEqualTo(readResource("iamPolicyV1Responses/allow-with-condition.json"));
+    }
+
+    private String readResource(String name) {
+        Path filePath = Paths.get("src", "test", "resources", name);
+        byte[] bytes = new byte[0];
+        try {
+            bytes = Files.readAllBytes(filePath);
+        } catch (IOException e) {
+            e.printStackTrace();
+        }
+        return new String(bytes, StandardCharsets.UTF_8);
+    }
+}

aws-lambda-java-events/src/test/resources/iamPolicyV1Responses/allow-with-condition.json

@@ -0,0 +1,14 @@
+{
+  "principalId": "me",
+  "policyDocument": {
+    "Version": "2012-10-17",
+    "Statement": [{
+      "Action": "execute-api:Invoke",
+      "Resource": ["arn:aws:execute-api:eu-west-1:123456789012:1234abc/$deafult/*/*"],
+      "Effect": "Allow",
+      "Condition": {"DateGreaterThan": {"aws:TokenIssueTime": "2020-01-01T00:00:01Z"}}
+    }]
+  },
+  "context":null,
+  "usageIdentifierKey": "123ABC"
+}

aws-lambda-java-events/src/test/resources/iamPolicyV1Responses/allow.json

@@ -0,0 +1,14 @@
+{
+  "principalId": "me",
+  "policyDocument": {
+    "Version": "2012-10-17",
+    "Statement": [{
+      "Action": "execute-api:Invoke",
+      "Resource": ["arn:aws:execute-api:eu-west-1:123456789012:1234abc/$deafult/*/*"],
+      "Effect": "Allow",
+      "Condition": null
+    }]
+  },
+  "context":null,
+  "usageIdentifierKey": "123ABC"
+}

aws-lambda-java-events/src/test/resources/iamPolicyV1Responses/deny.json

@@ -0,0 +1,14 @@
+{
+  "principalId": "me",
+  "policyDocument": {
+    "Version": "2012-10-17",
+    "Statement": [{
+      "Action": "execute-api:Invoke",
+      "Resource": ["arn:aws:execute-api:eu-west-1:123456789012:1234abc/$deafult/*/*"],
+      "Effect": "Deny",
+      "Condition": null
+    }]
+  },
+  "context":null,
+  "usageIdentifierKey": "123ABC"
+}

aws-lambda-java-runtime-interface-client/src/main/java/com/amazonaws/services/lambda/runtime/api/client/AWSLambda.java

@@ -203,7 +203,7 @@ private static void startRuntime(String handler, LambdaLogger lambdaLogger) thro
         System.setErr(new PrintStream(new LambdaOutputStream(System.err), false, "UTF-8"));
         setupRuntimeLogger(lambdaLogger);
 
-        String runtimeApi = getEnvOrExit("AWS_LAMBDA_RUNTIME_API");
+        String runtimeApi = getEnvOrExit(ReservedRuntimeEnvironmentVariables.AWS_LAMBDA_RUNTIME_API);
         LambdaRuntimeClient runtimeClient = new LambdaRuntimeClient(runtimeApi);
 
         EnvReader envReader = new EnvReader();

aws-lambda-java-runtime-interface-client/src/main/java/com/amazonaws/services/lambda/runtime/api/client/LambdaEnvironment.java

@@ -8,9 +8,9 @@
 
 public class LambdaEnvironment {
     public static final EnvReader ENV_READER = new EnvReader();
-    public static final int MEMORY_LIMIT = parseInt(ENV_READER.getEnvOrDefault("AWS_LAMBDA_FUNCTION_MEMORY_SIZE", "128"));
-    public static final String LOG_GROUP_NAME = ENV_READER.getEnv("AWS_LAMBDA_LOG_GROUP_NAME");
-    public static final String LOG_STREAM_NAME = ENV_READER.getEnv("AWS_LAMBDA_LOG_STREAM_NAME");
-    public static final String FUNCTION_NAME = ENV_READER.getEnv("AWS_LAMBDA_FUNCTION_NAME");
-    public static final String FUNCTION_VERSION = ENV_READER.getEnv("AWS_LAMBDA_FUNCTION_VERSION");
+    public static final int MEMORY_LIMIT = parseInt(ENV_READER.getEnvOrDefault(ReservedRuntimeEnvironmentVariables.AWS_LAMBDA_FUNCTION_MEMORY_SIZE, "128"));
+    public static final String LOG_GROUP_NAME = ENV_READER.getEnv(ReservedRuntimeEnvironmentVariables.AWS_LAMBDA_LOG_GROUP_NAME);
+    public static final String LOG_STREAM_NAME = ENV_READER.getEnv(ReservedRuntimeEnvironmentVariables.AWS_LAMBDA_LOG_STREAM_NAME);
+    public static final String FUNCTION_NAME = ENV_READER.getEnv(ReservedRuntimeEnvironmentVariables.AWS_LAMBDA_FUNCTION_NAME);
+    public static final String FUNCTION_VERSION = ENV_READER.getEnv(ReservedRuntimeEnvironmentVariables.AWS_LAMBDA_FUNCTION_VERSION);
 }

aws-lambda-java-runtime-interface-client/src/main/java/com/amazonaws/services/lambda/runtime/api/client/ReservedRuntimeEnvironmentVariables.java

@@ -0,0 +1,104 @@
+/*
+ * Copyright 2017-2020 original authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.amazonaws.services.lambda.runtime.api.client;
+
+/**
+ * Lambda runtimes set several environment variables during initialization.
+ * Most of the environment variables provide information about the function or runtime.
+ * The keys for these environment variables are reserved and cannot be set in your function configuration.
+ * @see <a href="https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-runtime">Using AWS Lambda Environment Variables</a>
+ *
+ * NOTICE: This class is forked from io.micronaut.function.aws.runtime.ReservedRuntimeEnvironments found at https://github.com/micronaut-projects/micronaut-aws
+ *
+ */
+public interface ReservedRuntimeEnvironmentVariables {
+
+    /**
+     * The handler location configured on the function.
+     */
+    String HANDLER = "_HANDLER";
+
+    /**
+     * The AWS Region where the Lambda function is executed.
+     */
+    String AWS_REGION = "AWS_REGION";
+
+    /**
+     * The runtime identifier, prefixed by AWS_Lambda_—for example, AWS_Lambda_java8.
+     */
+    String AWS_EXECUTION_ENV = "AWS_EXECUTION_ENV";
+
+    /**
+     * The name of the function.
+     */
+    String AWS_LAMBDA_FUNCTION_NAME = "AWS_LAMBDA_FUNCTION_NAME";
+
+    /**
+     * The amount of memory available to the function in MB.
+     */
+    String AWS_LAMBDA_FUNCTION_MEMORY_SIZE = "AWS_LAMBDA_FUNCTION_MEMORY_SIZE";
+
+    /**
+     * The version of the function being executed.
+     */
+    String AWS_LAMBDA_FUNCTION_VERSION = "AWS_LAMBDA_FUNCTION_VERSION";
+
+    /**
+     * The name of the Amazon CloudWatch Logs group for the function.
+     */
+    String AWS_LAMBDA_LOG_GROUP_NAME = "AWS_LAMBDA_LOG_GROUP_NAME";
+
+    /**
+     * The name of the Amazon CloudWatch stream for the function.
+     */
+    String AWS_LAMBDA_LOG_STREAM_NAME = "AWS_LAMBDA_LOG_STREAM_NAME";
+
+    /**
+     * Access key id obtained from the function's execution role.
+     */
+    String AWS_ACCESS_KEY_ID = "AWS_ACCESS_KEY_ID";
+
+    /**
+     * secret access key obtained from the function's execution role.
+     */
+    String AWS_SECRET_ACCESS_KEY = "AWS_SECRET_ACCESS_KEY";
+
+    /**
+     *
+     * The access keys obtained from the function's execution role.
+     */
+    String AWS_SESSION_TOKEN = "AWS_SESSION_TOKEN";
+
+    /**
+     * (Custom runtime) The host and port of the runtime API.
+     */
+    String AWS_LAMBDA_RUNTIME_API = "AWS_LAMBDA_RUNTIME_API";
+
+    /**
+     * The path to your Lambda function code.
+     */
+    String LAMBDA_TASK_ROOT = "LAMBDA_TASK_ROOT";
+
+    /**
+     * The path to runtime libraries.
+     */
+    String LAMBDA_RUNTIME_DIR = "LAMBDA_RUNTIME_DIR";
+
+    /**
+     * The environment's time zone (UTC). The execution environment uses NTP to synchronize the system clock.
+     */
+    String TZ = "TZ";
+}