Skip to content

Commit 4822f3e

Browse files
sapessisapessi
committed
Basic validation on proxy request object. If the object does not contain an HTTP method and a request context we throw an . This addresses #237 by making the error more explicit.
1 parent 83c19d6 commit 4822f3e

File tree

2 files changed

+44
-1
lines changed

2 files changed

+44
-1
lines changed

aws-serverless-java-container-core/src/main/java/com/amazonaws/serverless/proxy/internal/servlet/AwsProxyHttpServletRequestReader.java

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -26,6 +26,7 @@
2626
* object and uses it to initialize a <code>AwsProxyHttpServletRequest</code> object.
2727
*/
2828
public class AwsProxyHttpServletRequestReader extends RequestReader<AwsProxyRequest, AwsProxyHttpServletRequest> {
29+
static final String INVALID_REQUEST_ERROR = "The incoming event is not a valid request from Amazon API Gateway or an Application Load Balancer";
2930

3031
//-------------------------------------------------------------
3132
// Methods - Implementation
@@ -34,6 +35,11 @@ public class AwsProxyHttpServletRequestReader extends RequestReader<AwsProxyRequ
3435
@Override
3536
public AwsProxyHttpServletRequest readRequest(AwsProxyRequest request, SecurityContext securityContext, Context lambdaContext, ContainerConfig config)
3637
throws InvalidRequestEventException {
38+
// Expect the HTTP method and context to be populated. If they are not, we are handling an
39+
// unsupported event type.
40+
if (request.getHttpMethod() == null || request.getHttpMethod().equals("") || request.getRequestContext() == null) {
41+
throw new InvalidRequestEventException(INVALID_REQUEST_ERROR);
42+
}
3743

3844
request.setPath(stripBasePath(request.getPath(), config));
3945
if (request.getMultiValueHeaders().getFirst(HttpHeaders.CONTENT_TYPE) != null) {

aws-serverless-java-container-core/src/test/java/com/amazonaws/serverless/proxy/internal/servlet/AwsProxyHttpServletRequestReaderTest.java

Lines changed: 38 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -34,7 +34,7 @@ public void readRequest_reflection_returnType() throws NoSuchMethodException {
3434

3535
@Test
3636
public void readRequest_validAwsProxy_populatedRequest() {
37-
AwsProxyRequest request = new AwsProxyRequestBuilder().header(TEST_HEADER_KEY, TEST_HEADER_VALUE).build();
37+
AwsProxyRequest request = new AwsProxyRequestBuilder("/path", "GET").header(TEST_HEADER_KEY, TEST_HEADER_VALUE).build();
3838
try {
3939
HttpServletRequest servletRequest = reader.readRequest(request, null, null, ContainerConfig.defaultConfig());
4040
assertNotNull(servletRequest.getHeader(TEST_HEADER_KEY));
@@ -109,4 +109,41 @@ public void readRequest_contentCharset_appendsCharsetToComplextContentType() {
109109
fail("Could not read request");
110110
}
111111
}
112+
113+
@Test
114+
public void readRequest_validEventEmptyPath_expectExcepion() {
115+
try {
116+
AwsProxyRequest req = new AwsProxyRequestBuilder(null, "GET").build();
117+
AwsProxyHttpServletRequest servletReq = reader.readRequest(req, null, null, ContainerConfig.defaultConfig());
118+
assertNotNull(servletReq);
119+
} catch (InvalidRequestEventException e) {
120+
fail("Could not read a request with a null path");
121+
e.printStackTrace();
122+
}
123+
}
124+
125+
@Test
126+
public void readRequest_invalidEventEmptyMethod_expectExcepion() {
127+
try {
128+
AwsProxyRequest req = new AwsProxyRequestBuilder("/path", null).build();
129+
reader.readRequest(req, null, null, ContainerConfig.defaultConfig());
130+
fail("Expected InvalidRequestEventException");
131+
} catch (InvalidRequestEventException e) {
132+
assertEquals(AwsProxyHttpServletRequestReader.INVALID_REQUEST_ERROR, e.getMessage());
133+
e.printStackTrace();
134+
}
135+
}
136+
137+
@Test
138+
public void readRequest_invalidEventEmptyContext_expectExcepion() {
139+
try {
140+
AwsProxyRequest req = new AwsProxyRequestBuilder("/path", "GET").build();
141+
req.setRequestContext(null);
142+
reader.readRequest(req, null, null, ContainerConfig.defaultConfig());
143+
fail("Expected InvalidRequestEventException");
144+
} catch (InvalidRequestEventException e) {
145+
assertEquals(AwsProxyHttpServletRequestReader.INVALID_REQUEST_ERROR, e.getMessage());
146+
e.printStackTrace();
147+
}
148+
}
112149
}

0 commit comments

Comments
 (0)