feat(parser): Support for API GW v1 proxy schema & envelope

[ran-isenberg]

This schema exists in the validator but not in the parser. It was requested in the webinar audience.
This feature will also provide an envelope class which will parse the string body parameter as a pydantic Model.

Also added new identity parameters as defined at https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-lambda.html

[codecov-commenter]

Codecov Report

Merging #403 (ee58a5c) into develop (0edec8e) will decrease coverage by 0.05%.
The diff coverage is 97.82%.

@@             Coverage Diff             @@
##           develop     #403      +/-   ##
===========================================
- Coverage    99.94%   99.89%   -0.06%     
===========================================
  Files           98      100       +2     
  Lines         3688     3780      +92     
  Branches       174      175       +1     
===========================================
+ Hits          3686     3776      +90     
- Misses           0        1       +1     
- Partials         2        3       +1     

Impacted Files	Coverage Δ
...lambda_powertools/utilities/parser/models/apigw.py	97.43% <97.43%> (ø)
..._powertools/utilities/parser/envelopes/__init__.py	100.00% <100.00%> (ø)
...bda_powertools/utilities/parser/envelopes/apigw.py	100.00% <100.00%> (ø)
...bda_powertools/utilities/parser/models/__init__.py	100.00% <100.00%> (ø)

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 9be19b2...ee58a5c. Read the comment docs.

[heitorlessa]

Awesome, thank you @risenberg-cyberark. A few minor questions on the additional checks, and an explicit comment to tag whether this is REST API (v1) or HTTP API (v2), or both, so it's easier to add and use HTTP API later judging by the import, naming, etc.

[heitorlessa]

could you add a note why this check is needed?

[ran-isenberg]

what would you like to write here? basically what i saw that in the v1 version there's a duplication 3 fields, so i made sure that all values are actually the same. V2 removes this duplication

[heitorlessa]

could you add a note why this check is needed?

[ran-isenberg]

what would you like to write here? basically what i saw that in the v1 version there's a duplication 3 fields, so i made sure that all values are actually the same. V2 removes this duplication

[heitorlessa]

could you add a note why this check is needed? e.g. spoofing?

[ran-isenberg]

what would you like to write here? basically what i saw that in the v1 version there's a duplication 3 fields, so i made sure that all values are actually the same. V2 removes this duplication

[heitorlessa]

API Gateway v1, v2, or both? e.g. REST vs HTTP API. By my first look I'd guess REST API

[ran-isenberg]

V1

[heitorlessa]

API Gateway v1, v2, or both? e.g. REST vs HTTP API. By my first look I'd guess REST API

[ran-isenberg]

V1

[heitorlessa]

Thanks for the clarifications @risenberg-cyberark - I'm happy to merge after we remove those root validators.

I don't see a need a benefit in keeping them if we, the provider, are the ones duplicating these possibly for backward compatible reasons (until HTTP API when they're gone).

Alternatively, I can merge and fiz that later too - up to you.

Thanks a lot for adding this support!

[ran-isenberg]

Thanks for the clarifications @risenberg-cyberark - I'm happy to merge after we remove those root validators.

I don't see a need a benefit in keeping them if we, the provider, are the ones duplicating these possibly for backward compatible reasons (until HTTP API when they're gone).

Alternatively, I can merge and fiz that later too - up to you.

Thanks a lot for adding this support!

@heitorlessa
I'll explain. They are duplicated in the payload. I didnt duplicate them, i just made sure that the values are the same since they clearly are supposed to be the same. Those 2 items reside on the main event and are also found in the request context part.

You remove them but I do think they add a value because if there's a discrepancy in between them, you should not use the entire payload at all ,

[heitorlessa]

Thanks for the clarifications @risenberg-cyberark - I'm happy to merge after we remove those root validators.

I don't see a need a benefit in keeping them if we, the provider, are the ones duplicating these possibly for backward compatible reasons (until HTTP API when they're gone).

Alternatively, I can merge and fiz that later too - up to you.

Thanks a lot for adding this support!

@heitorlessa

I'll explain. They are duplicated in the payload. I didnt duplicate them, i just made sure that the values are the same since they clearly are supposed to be the same. Those 2 items reside on the main event and are also found in the request context part.

You remove them but I do think they add a value because if there's a discrepancy in between them, you should not use the entire payload at all ,

That's what I understood too @risenberg-cyberark ;)

Putting in another way, I wouldn't like to break customers applications because this behaviour isn't documented. For this reason, I don't trust that API Gateway Lambda integration to follow through these checks consistently.

[ran-isenberg]

Thanks for the clarifications @risenberg-cyberark - I'm happy to merge after we remove those root validators.

I don't see a need a benefit in keeping them if we, the provider, are the ones duplicating these possibly for backward compatible reasons (until HTTP API when they're gone).

Alternatively, I can merge and fiz that later too - up to you.

Thanks a lot for adding this support!

@heitorlessa
I'll explain. They are duplicated in the payload. I didnt duplicate them, i just made sure that the values are the same since they clearly are supposed to be the same. Those 2 items reside on the main event and are also found in the request context part.
You remove them but I do think they add a value because if there's a discrepancy in between them, you should not use the entire payload at all ,

That's what I understood too @risenberg-cyberark ;)

Putting in another way, I wouldn't like to break customers applications because this behaviour isn't documented. For this reason, I don't trust that API Gateway Lambda integration to follow through these checks consistently.

np, removed the relevant root validator. is the last root validator ok?

[heitorlessa]

All good on the validators except I think there's an accidental duplicates field (eventType).

Mind checking before I merge?

[heitorlessa]

Is this perhaps a typo as it's defined twice?

That's for WebSockets and the line 65 is correct

[ran-isenberg]

seems like a bad copy paste :)
removed

[heitorlessa]

I bet :D Glad I checked w/ you before merging :) Merging now!

…

On Wed, 21 Apr 2021 at 18:41, Ran Isenberg ***@***.***> wrote: ***@***.**** commented on this pull request. ------------------------------ In aws_lambda_powertools/utilities/parser/models/apigw.py <#403 (comment)> : > + protocol: str + identity: APIGatewayEventIdentity + requestId: str + requestTime: str + requestTimeEpoch: datetime + resourceId: Optional[str] + resourcePath: str + domainName: Optional[str] + domainPrefix: Optional[str] + extendedRequestId: Optional[str] + httpMethod: Literal["DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"] + path: str + connectedAt: Optional[datetime] + connectionId: Optional[str] + eventType: Optional[Literal["CONNECT", "MESSAGE", "DISCONNECT"]] + eventType: Optional[str] seems like a bad copy paste :) removed — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#403 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AAZPQBHENA66LKXNJP3EKZLTJ354JANCNFSM43EEWPWA> .