aws-lambda-runtime-interface-emulator/lambda/rapi/middleware/middleware.go at e5440b64bd74cefd3a70aaff9c7615343ea700f5 · aws/aws-lambda-runtime-interface-emulator · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0

package middleware

import (
	"context"
	"net/http"

	"github.com/google/uuid"
	"go.amzn.com/lambda/extensions"
	"go.amzn.com/lambda/rapi/handler"
	"go.amzn.com/lambda/rapi/rendering"

	"github.com/go-chi/chi/v5"
	"go.amzn.com/lambda/appctx"

	log "github.com/sirupsen/logrus"
)

// AwsRequestIDValidator validates that {awsrequestid} parameter
// is present in the URL and matches to the currently active id.
func AwsRequestIDValidator(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		appCtx := appctx.FromRequest(r)
		interopServer := appctx.LoadInteropServer(appCtx)

		if interopServer == nil {
			log.Panic("Invalid state, cannot access interop server")
		}

		invokeID := chi.URLParam(r, "awsrequestid")
		if invokeID == "" || invokeID != interopServer.GetCurrentInvokeID() {
			rendering.RenderInvalidRequestID(w, r)
			return
		}

		next.ServeHTTP(w, r)
	})
}

// AgentUniqueIdentifierHeaderValidator validates that the request contains a valid agent unique identifier in the headers
func AgentUniqueIdentifierHeaderValidator(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		agentIdentifier := r.Header.Get(handler.LambdaAgentIdentifier)
		if len(agentIdentifier) == 0 {
			rendering.RenderForbiddenWithTypeMsg(w, r, handler.ErrAgentIdentifierMissing, "Missing Lambda-Extension-Identifier header")
			return
		}
		agentID, e := uuid.Parse(agentIdentifier)
		if e != nil {
			rendering.RenderForbiddenWithTypeMsg(w, r, handler.ErrAgentIdentifierInvalid, "Invalid Lambda-Extension-Identifier")
			return
		}

		r = r.WithContext(context.WithValue(r.Context(), handler.AgentIDCtxKey, agentID))
		next.ServeHTTP(w, r)
	})
}

// AppCtxMiddleware injects application context into request context.
func AppCtxMiddleware(appCtx appctx.ApplicationContext) func(next http.Handler) http.Handler {
	return func(next http.Handler) http.Handler {
		fn := func(w http.ResponseWriter, r *http.Request) {
			r = appctx.RequestWithAppCtx(r, appCtx)
			next.ServeHTTP(w, r)
		}
		return http.HandlerFunc(fn)
	}
}

// AccessLogMiddleware writes api access log.
func AccessLogMiddleware() func(next http.Handler) http.Handler {
	return func(next http.Handler) http.Handler {
		fn := func(w http.ResponseWriter, r *http.Request) {
			log.Debug("API request - ", r.Method, " ", r.URL, ", Headers:", r.Header)
			next.ServeHTTP(w, r)
		}
		return http.HandlerFunc(fn)
	}
}

func AllowIfExtensionsEnabled(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if !extensions.AreEnabled() {
			w.WriteHeader(http.StatusNotFound)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// RuntimeReleaseMiddleware places runtime_release into app context.
func RuntimeReleaseMiddleware() func(next http.Handler) http.Handler {
	return func(next http.Handler) http.Handler {
		fn := func(w http.ResponseWriter, r *http.Request) {
			appCtx := appctx.FromRequest(r)
			// Place runtime_release into app context.
			appctx.UpdateAppCtxWithRuntimeRelease(r, appCtx)
			next.ServeHTTP(w, r)
		}
		return http.HandlerFunc(fn)
	}
}