Question

我一直在尝试部署lambda函数，然后通过API网关对其进行访问。我的Java函数在JAVA中，这是我在JAVA中创建简单的AWS lambda函数所遵循的文档：

https://docs.aws.amazon.com/lambda/latest/dg/java-handler-io-type-pojo.html

这是我的函数处理程序的外观：

package lambda;

    import com.amazonaws.services.lambda.runtime.Context;
    import com.amazonaws.services.lambda.runtime.RequestHandler;
    import lambda.axon.Path;

    public class shortestPath implements RequestHandler<RequestClass, ResponseClass>{

        public ResponseClass handleRequest(RequestClass request, Context context){
            String inputString = request.inputString;
            int steps = Path.stepsTo(inputString);
            return new ResponseClass(steps);

        }
    }

这是此请求类：

package lambda;

public class RequestClass {
    String inputString;

    public String getInputString() {
        return inputString;
    }

    public void setInputString(String inputString) {
        this.inputString = inputString;
    }


    public RequestClass(String inputString) {
        this.inputString = inputString;
    }

    public RequestClass() {
    }
}

这是响应类：

package lambda;

public class ResponseClass {
    int steps;

    public ResponseClass(int steps) {
        this.steps = steps;
    }

    public ResponseClass() {
    }
    public int getSteps() {
        return steps;
    }

    public void setSteps(int steps) {
        this.steps = steps;
    }


}

我将其部署在aws上并配置AWS api网关来触发它，当我使用postman（https://www.getpostman.com/）时，当达到API网关给定的端点时，一切工作正常

但是通过浏览器尝试相同操作会给我一个CORS错误：

Access to XMLHttpRequest at 'https://<hash>execute-api.us-east-1.amazonaws.com/dev' from origin 'http://localhost:4200' has been blocked by CORS policy: Request header field access-control-allow-origin is not allowed by Access-Control-Allow-Headers in preflight response.

我尝试在API网关控制台中启用CORS，然后重新部署它：

此Stackoverflow帖子（Configure CORS response headers on AWS Lambda?）说，如果我使用的是lambda-proxy，我应该在处理程序响应本身中包含标头，但我不确定代理是什么，但是如何使用当前的代码来实现函数的实现，即在我的响应中包含自定义标头

Answer 1

要为连接到lambda函数的api网关端点启用cors，必须为api端点启用cors（已完成）并配置lambda函数支持cors。

按照我的示例：

// new respose class, replace for your class - ResponseClass
public class Response {

    private int statusCode; // http status code

    private Map<String, String> headers; // headers

    private String body; // body - what you want to return to client

    public Response(int statusCode, Map<String, String> headers, String body) {
        this.statusCode = statusCode;
        this.headers = headers;
        this.body = body;
    }

    public int getStatusCode() {
        return statusCode;
    }

    public Map<String, String> getHeaders() {
        return headers;
    }

    public String getBody() {
        return body;
    }

    public void setStatusCode(int statusCode) {
        this.statusCode = statusCode;
    }

    public void setHeaders(Map<String, String> headers) {
        this.headers = headers;
    }

    public void setBody(String body) {
        this.body = body;
    }

}

/// -------------

package lambda;

    import com.amazonaws.services.lambda.runtime.Context;
    import com.amazonaws.services.lambda.runtime.RequestHandler;
    import lambda.axon.Path;

    public class shortestPath implements RequestHandler<RequestClass, Response>{

        public Response handleRequest(RequestClass request, Context context){
            String inputString = request.inputString;
            int steps = Path.stepsTo(inputString);

            Map<String, String> headers = new HashMap<>();
            headers.put(Access-Control-Allow-Origin, "*"); // cors header, you can add another header fields

            return new Response(200, headers, "" + steps);
            // return new Response(200, headers, "{result: " + steps + "}");
            // simple json response. ex: {result: '3433"}
        }
    }

我的方法仅在api gatewateway使用LAMBDA-PROXY事件配置（默认）时有效

Answer 2

您可以从api网关启用cors，可以从lambda管理cors并从lambda管理标头。

我建议从api网关启用cors并对其进行测试。

您可以通过这种方式管理access-control-origin和headers

'use strict';

module.exports.hello = function(event, context, callback) {

const response = {
  statusCode: 200,
  headers: {
    "Access-Control-Allow-Origin" : "*", // Required for CORS support to work
    "Access-Control-Allow-Credentials" : true // Required for cookies, authorization headers with HTTPS 
  },
  body: JSON.stringify({ "message": "Hello World!" })
};

callback(null, response);
};

您可以参考以下文档：https://serverless.com/framework/docs/providers/aws/events/apigateway/

在Java中的AWS lambda函数中包括Access-control-header

2 个答案: