AWS API Gateway:由于配置错误导致执行失败:响应中的JSON无效

时间:2017-01-05 13:17:14

标签: node.js amazon-web-services lambda aws-api-gateway

我有一个API网关设置,其中包含一个调用Lambda函数的自定义授权程序。出于测试目的,我从这里复制了示例:http://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-create-api-as-simple-proxy-for-lambda.html#api-gateway-proxy-integration-lambda-function-nodejs

我得到了与文档中相同的答案,但是当我测试授权程序时,我得到了这个堆栈跟踪:

    Endpoint request body after transformations: {"type":"TOKEN","authorizationToken":"test","methodArn":"arn:aws:execute-api:ap-southeast-2:893445519708:uyue0zqh15/null/GET/"}
    Authorizer result body before parsing: {"statusCode":200,"headers":{"x-custom-header":"my custom header value"},"body":"{\"message\":\"Hello World!\",\"input\":{\"type\":\"TOKEN\",\"authorizationToken\":\"test\",\"methodArn\":\"arn:aws:execute-api:ap-southeast-2:893445519708:uyue0zqh15/null/GET/\"}}"}
    Execution failed due to configuration error: Invalid JSON in response: {"statusCode":200,"headers":{"x-custom-header":"my custom header value"},"body":"{\"message\":\"Hello World!\",\"input\":{\"type\":\"TOKEN\",\"authorizationToken\":\"test\",\"methodArn\":\"arn:aws:execute-api:ap-southeast-2:893445519708:uyue0zqh15/null/GET/\"}}"}
    AuthorizerConfigurationException

为什么授权人不喜欢JSON响应?

2 个答案:

答案 0 :(得分:9)

授权者响应格式与集成代理响应格式不同。我可以看到这令人困惑!

output of a custom authorizer应符合以下格式:

f `mappend` g = Mem (\s -> 
                    let (fa, fs) = runMem f s
                        (ga, gs) = runMem g fs
                    in (fa `mappend` ga, gs))

{ "principalId": "yyyyyyyy", // The principal user identification associated with the token sent by the client. "policyDocument": { "Version": "2012-10-17", "Statement": [ { "Action": "execute-api:Invoke", "Effect": "Allow|Deny", "Resource": "arn:aws:execute-api:<regionId>:<accountId>:<appId>/<stage>/<httpVerb>/[<resource>/<httpVerb>/[...]]" } ] }, "context": { "key": "value", "numKey": 1, "boolKey": true } } principalId是必需的,policyDocument是可选的。

更新:

context不是用户定义的,它与在API网关操作和资源上运行的常规IAM策略具有相同的语法http://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-control-access-using-iam-policies-to-invoke-api.html

在Lambda Web控制台中,python和node中的授权者也有很好的蓝图,这里有一个Java蓝图:https://github.com/awslabs/aws-apigateway-lambda-authorizer-blueprints

答案 1 :(得分:4)

我只是遇到了同样的错误,但就我而言,问题是context太复杂-显然它不能包含数组或对象值键。

在此处记录:https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-lambda-authorizer-output.html

  

请注意,您无法将JSON对象或数组设置为上下文映射中任何键的有效值。

(我试图将解码的JWT设置为上下文,它具有一个数组值的roles密钥。我现在改为发送编码的JWT)

相关问题
最新问题