Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

Validate path param in AWS API Gateway through OpenAPI spec

0

I created a POST API with path parameter and request body through openAPI spec.

"/v2/{lang}/subject": {
  "post": {
    "parameters": [
        {
          "name": "lang",
          "in": "path",
          "required": true,
          "type": "string"
        },
        {
          "in": "body",
          "name": "subject",
          "required": true,
          "schema": {
            "$ref": "#/definitions/subject"
          }
        }
      ],
    "requestBody": {
      "content": {
        "application/json": {
          "schema": {
            "$ref": "#/components/schemas/subject"
          }
        }
      },
      "required": true
    },
    "x-amazon-apigateway-request-validator" : "all",
    .....
   }

I want to validate the path param and request body at APIGW. Unfortunately, 1 test case is failing.

If I try accessing API with missing lang, ex: https://apigwsampleurl.com/v2/subject, AWS APIGW is throwing Missing Authentication Token error.

How this case should be handled through openapi configuration?

Temas
Sin servidorWeb y móvil front-endRedes y entrega de contenido
Etiquetas
Amazon API Gateway
Idioma
English
AWS-User-8132802
preguntada hace 2 años2126 visualizaciones
1 Respuesta
1

Hello,

I understand that you have created POST API with path parameter and request body validation using OpenAPI definition. You tested by sending API request with missing {lang}, to validate the path parameter, however it is not validating properly. Please correct, if I am misunderstanding.

API Gateway currently does not support request’s path parameter validation. If the schema includes "required: true”, basic request validation only verifies if the parameter is included. If you require that only specific paths should exist, please create the resource for those paths separately.

https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-method-request-validation.html

As a workaround, you can also consider implementing request validation logic, using Lambda authorizer or at the backend API integration itself.

API returns 403 “Missing Authentication Token” error, if request is made to a resource that doesn't exist, eg: /v2/subject. https://aws.amazon.com/premiumsupport/knowledge-center/api-gateway-authentication-token-errors/

We already have a feature request open with API Gateway service team, to support path parameter validation. I have added this post to the feature request. While I am unable to comment on if/when this feature may get released, I request you to keep an eye on our What's New (https://aws.amazon.com/new/) and Blog (https://aws.amazon.com/blogs/aws/) pages for any new feature announcements.

Please let us know if you have any further questions or concerns.

AWS
INGENIERO DE SOPORTE
Isha_K
respondido hace 2 años
  • LuX90
    hace 6 meses

    Are there any updates on the delivery of the "request path parameters validation" feature in API Gateway?

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante