Added new tests, updated readme and incorporated review comments

Author: ankushjain358

Libraries/src/Amazon.Lambda.AppSyncEvents/Amazon.Lambda.AppSyncEvents.csproj

@@ -12,22 +12,9 @@
     <PackageTags>AWS;Amazon;Lambda</PackageTags>
   </PropertyGroup>
 
-  <!-- .NET Standard 2.0 specific settings -->
-  <PropertyGroup Condition="'$(TargetFramework)' == 'netstandard2.0'">
-    <DefineConstants>NETSTANDARD_2_0</DefineConstants>
-    <WarningsAsErrors>IL2026,IL2067,IL2075</WarningsAsErrors>
-    <IsTrimmable>true</IsTrimmable>
+	<PropertyGroup Condition="'$(TargetFramework)' == 'net8.0'">
+		<WarningsAsErrors>IL2026,IL2067,IL2075</WarningsAsErrors>
+		<IsTrimmable>true</IsTrimmable>
     <EnableTrimAnalyzer>true</EnableTrimAnalyzer>
-  </PropertyGroup>
-
-  <!-- Newtonsoft.Json only for .NET Standard 2.0 -->
-  <ItemGroup Condition="'$(TargetFramework)' == 'netstandard2.0'">
-    <PackageReference Include="Newtonsoft.Json" Version="13.0.1" />
-  </ItemGroup>
-
-  <!-- System.Text.Json for .NET Core 3.1 and .NET 8.0 -->
-  <ItemGroup Condition="'$(TargetFramework)' == 'netcoreapp3.1' OR '$(TargetFramework)' == 'net8.0'">
-    <PackageReference Include="System.Text.Json" Version="8.0.5" />
-  </ItemGroup>
-
-</Project>
+	</PropertyGroup>
+</Project>

Libraries/src/Amazon.Lambda.AppSyncEvents/AppSyncAuthorizerEvent.cs

@@ -1,40 +1,67 @@
 using System.Collections.Generic;
-
 namespace Amazon.Lambda.AppSyncEvents
 {
-    // Represents an AppSync authorization event
+    /// <summary>
+    /// Represents an AWS AppSync authorization event that is sent to a Lambda authorizer
+    /// for evaluating access permissions to the GraphQL API.
+    /// </summary>
     public class AppSyncAuthorizerEvent
     {
-        // The authorization token from the request
+        /// <summary>
+        /// Gets or sets the authorization token received from the client request.
+        /// This token is used to make authorization decisions.
+        /// </summary>
         public string AuthorizationToken { get; set; }
 
-        // Headers from the request
+        /// <summary>
+        /// Gets or sets the headers from the client request.
+        /// Contains key-value pairs of HTTP header names and their values.
+        /// </summary>
         public Dictionary<string, string> RequestHeaders { get; set; }
 
-        // Context information about the request
+        /// <summary>
+        /// Gets or sets the context information about the AppSync request.
+        /// Contains metadata about the API and the GraphQL operation being executed.
+        /// </summary>
         public RequestContext RequestContext { get; set; }
     }
 
-    // Request context for AppSync authorization
-
+    /// <summary>
+    /// Contains contextual information about the AppSync request being authorized.
+    /// This class provides details about the API, account, and GraphQL operation.
+    /// </summary>
     public class RequestContext
     {
-        // The ID of the AppSync API
+        /// <summary>
+        /// Gets or sets the unique identifier of the AppSync API.
+        /// </summary>
         public string ApiId { get; set; }
 
-        // The AWS account ID
+        /// <summary>
+        /// Gets or sets the AWS account ID where the AppSync API is deployed.
+        /// </summary>
         public string AccountId { get; set; }
 
-        // Unique identifier for the request
+        /// <summary>
+        /// Gets or sets the unique identifier for this specific request.
+        /// </summary>
         public string RequestId { get; set; }
 
-        // The GraphQL query string
+        /// <summary>
+        /// Gets or sets the GraphQL query string containing the operation to be executed.
+        /// </summary>
         public string QueryString { get; set; }
 
-        // Name of the GraphQL operation
+        /// <summary>
+        /// Gets or sets the name of the GraphQL operation to be executed.
+        /// This corresponds to the operation name in the GraphQL query.
+        /// </summary>
         public string OperationName { get; set; }
 
-        /// Variables passed to the GraphQL operation.
+        /// <summary>
+        /// Gets or sets the variables passed to the GraphQL operation.
+        /// Contains key-value pairs of variable names and their values.
+        /// </summary>
         public Dictionary<string, object> Variables { get; set; }
     }
 }

Libraries/src/Amazon.Lambda.AppSyncEvents/AppSyncAuthorizerResult.cs

@@ -1,44 +1,49 @@
 using System.Collections.Generic;
-#if NETSTANDARD_2_0
-using Newtonsoft.Json;
-#else
-using System.Text.Json.Serialization;
-#endif
+using System.Runtime.Serialization;
+
 
 namespace Amazon.Lambda.AppSyncEvents
 {
-    public class AppSyncAuthorizerResult
-    {
-        // Indicates if the request is authorized
-#if NETSTANDARD_2_0
-        [JsonProperty("isAuthorized")]
-#else
-        [JsonPropertyName("isAuthorized")]
+        /// <summary>
+        /// Represents the result returned by an AWS AppSync Lambda authorizer.
+        /// </summary>
+        [DataContract]
+        public class AppSyncAuthorizerResult
+        {
+                /// <summary>
+                /// Indicates if the request is authorized
+                /// </summary>
+                [DataMember(Name = "isAuthorized")]
+#if NETCOREAPP3_1_OR_GREATER
+                [System.Text.Json.Serialization.JsonPropertyName("isAuthorized")]
 #endif
-        public bool IsAuthorized { get; set; }
+                public bool IsAuthorized { get; set; }
 
-        // Custom context to pass to resolvers, only supports key-value pairs.
-#if NETSTANDARD_2_0
-        [JsonProperty("resolverContext")]
-#else
-        [JsonPropertyName("resolverContext")]
+                /// <summary>
+                /// Custom context to pass to resolvers, only supports key-value pairs.
+                /// </summary>
+                [DataMember(Name = "resolverContext")]
+#if NETCOREAPP3_1_OR_GREATER
+                [System.Text.Json.Serialization.JsonPropertyName("resolverContext")]
 #endif
-        public Dictionary<string, string> ResolverContext { get; set; }
+                public Dictionary<string, string> ResolverContext { get; set; }
 
-        // List of fields that are denied access
-#if NETSTANDARD_2_0
-        [JsonProperty("deniedFields")]
-#else
-        [JsonPropertyName("deniedFields")]
+                /// <summary>
+                /// List of fields that are denied access
+                /// </summary>
+                [DataMember(Name = "deniedFields")]
+#if NETCOREAPP3_1_OR_GREATER
+                [System.Text.Json.Serialization.JsonPropertyName("deniedFields")]
 #endif
-        public IEnumerable<string> DeniedFields { get; set; }
+                public IEnumerable<string> DeniedFields { get; set; }
 
-        // The number of seconds that the response should be cached for
-#if NETSTANDARD_2_0
-        [JsonProperty("ttlOverride")]
-#else
-        [JsonPropertyName("ttlOverride")]
+                /// <summary>
+                /// The number of seconds that the response should be cached for
+                /// </summary>
+                [DataMember(Name = "ttlOverride")]
+#if NETCOREAPP3_1_OR_GREATER
+                [System.Text.Json.Serialization.JsonPropertyName("ttlOverride")]
 #endif
-        public int? TtlOverride { get; set; }
-    }
+                public int? TtlOverride { get; set; }
+        }
 }

Libraries/src/Amazon.Lambda.AppSyncEvents/README.md

@@ -2,7 +2,7 @@
 
 This package contains classes that can be used as input types for Lambda functions that process AppSync events.
 
-# Sample Function
+## Sample Function
 
 The following is a sample class and Lambda function that receives AppSync resolver event record data as an `appSyncResolverEvent` and logs some of the incoming event data. (Note that by default anything written to Console will be logged as CloudWatch Logs events.)
 
@@ -36,3 +36,36 @@ public void Handler(AppSyncResolverEvent<Dictionary<string, object>> appSyncReso
     }
 }
 ```
+
+## Example of Custom Lambda Authorizer
+This example demonstrates how to implement a custom Lambda authorizer for AppSync using the AppSync Events package. The authorizer function receives an `AppSyncAuthorizerEvent` containing the authorization token and request context. It returns an `AppSyncAuthorizerResult` that determines whether the request is authorized and includes additional context.
+
+The function also provides some data in the `resolverContext` object. This information is available in the AppSync resolver’s context `identity` object.
+
+```
+public async Task<AppSyncAuthorizerResult> CustomLambdaAuthorizerHandler(AppSyncAuthorizerEvent appSyncAuthorizerEvent)
+{
+    var authorizationToken = appSyncAuthorizerEvent.AuthorizationToken;
+    var apiId = appSyncAuthorizerEvent.RequestContext.ApiId;
+    var accountId = appSyncAuthorizerEvent.RequestContext.AccountId;
+
+    var response = new AppSyncAuthorizerResult
+    {
+        IsAuthorized = authorizationToken == "custom-authorized",
+        ResolverContext = new Dictionary<string, string>
+        {
+            { "userid", "test-user-id" },
+            { "info", "contextual information A" },
+            { "more_info", "contextual information B" }
+        },
+        DeniedFields = new List<string>
+        {
+            $"arn:aws:appsync:{Environment.GetEnvironmentVariable("AWS_REGION")}:{accountId}:apis/{apiId}/types/Event/fields/comments",
+            "Mutation.createEvent"
+        },
+        TtlOverride = 10
+    };
+
+    return response;
+}
+```

Libraries/test/EventsTests.Shared/EventTests.cs

@@ -4113,6 +4113,73 @@ public void AppSyncTestOidcAuthorizer(Type serializerType)
             }
         }
 
+        [Theory]
+        [InlineData(typeof(JsonSerializer))]
+        #if NETCOREAPP3_1_OR_GREATER
+        [InlineData(typeof(Amazon.Lambda.Serialization.SystemTextJson.LambdaJsonSerializer))]
+        [InlineData(typeof(Amazon.Lambda.Serialization.SystemTextJson.DefaultLambdaJsonSerializer))]
+        #endif
+        public void AppSyncTestLambdaAuthorizerRequestEvent(Type serializerType)
+        {
+            var serializer = Activator.CreateInstance(serializerType) as ILambdaSerializer;
+            using (var fileStream = LoadJsonTestFile("appsync-event-lambda-authorizer-request.json"))
+            {
+                var request = serializer.Deserialize<AppSyncAuthorizerEvent>(fileStream);
+
+                // Assert Authorization Token
+                Assert.Equal("custom-token", request.AuthorizationToken);
+
+                // Assert Request Context
+                Assert.NotNull(request.RequestContext);
+                Assert.Equal("xxxxxxxx", request.RequestContext.ApiId);
+                Assert.Equal("112233445566", request.RequestContext.AccountId);
+                Assert.Equal("36307622-97fe-4dfa-bd71-b15b1d03ce97", request.RequestContext.RequestId);
+                Assert.Equal("MyQuery", request.RequestContext.OperationName);
+                Assert.NotNull(request.RequestContext.Variables);
+                Assert.Empty(request.RequestContext.Variables);
+                Assert.Contains("listTodos", request.RequestContext.QueryString);
+
+                // Assert Request Headers
+                Assert.NotNull(request.RequestHeaders);
+                Assert.Equal("This is test token", request.RequestHeaders["authorization"]);
+                Assert.Equal("application/json", request.RequestHeaders["content-type"]);
+                Assert.Equal("https://ap-south-1.console.aws.amazon.com", request.RequestHeaders["origin"]);
+            }
+        }
+ 
+        [Theory]
+        [InlineData(typeof(JsonSerializer))]
+#if NETCOREAPP3_1_OR_GREATER
+        [InlineData(typeof(Amazon.Lambda.Serialization.SystemTextJson.LambdaJsonSerializer))]
+        [InlineData(typeof(Amazon.Lambda.Serialization.SystemTextJson.DefaultLambdaJsonSerializer))]
+#endif
+        public void AppSyncTestLambdaAuthorizerResponseEvent(Type serializerType)
+        {
+            var response = new AppSyncAuthorizerResult
+            {
+                IsAuthorized = true,
+                ResolverContext = new Dictionary<string, string>
+                {
+                    { "userid", "test-user-id" },
+                    { "info", "contextual information A" },
+                    { "more_info", "contextual information B" }
+                },
+                DeniedFields = new List<string>
+                {
+                    "arn:aws:appsync:us-east-1:1234567890:apis/xxxxxx/types/Event/fields/comments",
+                    "Mutation.createEvent"
+                },
+                TtlOverride = 10
+            };
+
+            var serializer = Activator.CreateInstance(serializerType) as ILambdaSerializer;
+            var json = SerializeJson(serializer, response);
+            var actualObject = JObject.Parse(json);
+            var expectedJObject = JObject.Parse(File.ReadAllText("appsync-event-lambda-authorizer-response.json"));
+
+            Assert.True(JToken.DeepEquals(actualObject, expectedJObject));
+        }
+
         class ClassUsingPascalCase
         {
             public int SomeValue { get; set; }

Libraries/test/EventsTests.Shared/appsync-event-lambda-authorizer-request.json

@@ -0,0 +1,35 @@
+{
+    "authorizationToken": "custom-token",
+    "requestContext": {
+      "apiId": "xxxxxxxx",
+      "accountId": "112233445566",
+      "requestId": "36307622-97fe-4dfa-bd71-b15b1d03ce97",
+      "queryString": "query MyQuery {\n  listTodos {\n    completed\n    createdAt\n    description\n    id\n    title\n    updatedAt\n  }\n}\n",
+      "operationName": "MyQuery",
+      "variables": {}
+    },
+    "requestHeaders": {
+      "x-forwarded-for": "182.70.233.9, 15.158.25.215",
+      "accept-encoding": "gzip, deflate, br, zstd",
+      "sec-ch-ua-mobile": "?0",
+      "referer": "https://ap-south-1.console.aws.amazon.com/",
+      "via": "2.0 30c122bd8d8efabc1fd1b3b11bfb53ea.cloudfront.net (CloudFront)",
+      "content-type": "application/json",
+      "origin": "https://ap-south-1.console.aws.amazon.com",
+      "sec-fetch-mode": "cors",
+      "authorization": "This is test token",
+      "sec-fetch-dest": "empty",
+      "content-length": "159",
+      "x-amz-user-agent": "AWS-Console-AppSync/",
+      "sec-ch-ua-platform": "\"macOS\"",
+      "x-forwarded-proto": "https",
+      "accept-language": "en-US,en;q=0.9",
+      "host": "cndjdbaxrfhzppcdhvfvx3a7zq.appsync-api.ap-south-1.amazonaws.com",
+      "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36",
+      "sec-fetch-site": "cross-site",
+      "accept": "application/json, text/plain, */*",
+      "priority": "u=1, i",
+      "sec-ch-ua": "\"Chromium\";v=\"134\", \"Not:A-Brand\";v=\"24\", \"Google Chrome\";v=\"134\"",
+      "x-forwarded-port": "443"
+    }
+  }

Libraries/test/EventsTests.Shared/appsync-event-lambda-authorizer-response.json

@@ -0,0 +1,13 @@
+{
+    "isAuthorized": true,
+    "resolverContext": {
+      "userid": "test-user-id",
+      "info": "contextual information A",
+      "more_info": "contextual information B"
+    },
+    "deniedFields": [
+        "arn:aws:appsync:us-east-1:1234567890:apis/xxxxxx/types/Event/fields/comments",
+        "Mutation.createEvent"
+    ],
+    "ttlOverride": 10
+  }