Add AWS AppSyncEvent

.autover/autover.json

@@ -139,6 +139,10 @@
     {
       "Name": "Amazon.Lambda.TestTool",
       "Path": "Tools/LambdaTestTool-v2/src/Amazon.Lambda.TestTool/Amazon.Lambda.TestTool.csproj"
+    },
+	{
+      "Name": "Amazon.Lambda.AppSyncEvents",
+      "Path": "Libraries/src/Amazon.Lambda.AppSyncEvents/Amazon.Lambda.AppSyncEvents.csproj"
     }
   ],
   "UseCommitsForChangelog": false,

.autover/changes/78ee1265-f50d-434a-b25c-fcb8e9e7a26a.json

@@ -0,0 +1,11 @@
+{
+  "Projects": [
+    {
+      "Name": "Amazon.Lambda.AppSyncEvents",
+      "Type": "Major",
+      "ChangelogMessages": [
+        "Added AppSyncResolverEvent to support direct lambda resolver"
+      ]
+    }
+  ]
+}

CONTRIBUTING.md

@@ -104,6 +104,7 @@ The available projects are:
 * Amazon.Lambda.SQSEvents
 * Amazon.Lambda.TestUtilities
 * Amazon.Lambda.TestTool.BlazorTester
+* Amazon.Lambda.AppSyncEvents
 
 The possible increment types are:
 * Patch

Libraries/Libraries.sln

@@ -123,17 +123,19 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "TestMinimalAPIApp", "test\T
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Amazon.Lambda.MQEvents", "src\Amazon.Lambda.MQEvents\Amazon.Lambda.MQEvents.csproj", "{BF85932E-2DFF-41CD-8090-A672468B8FBB}"
 EndProject
-Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Amazon.Lambda.LexV2Events", "src\Amazon.Lambda.LexV2Events\Amazon.Lambda.LexV2Events.csproj", "{3C6AABF5-0372-41E0-874F-DF18ECCC7FB6}"
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Amazon.Lambda.LexV2Events", "src\Amazon.Lambda.LexV2Events\Amazon.Lambda.LexV2Events.csproj", "{3C6AABF5-0372-41E0-874F-DF18ECCC7FB6}"
 EndProject
-Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "CustomRuntimeAspNetCoreMinimalApiCustomSerializerTest", "test\Amazon.Lambda.RuntimeSupport.Tests\CustomRuntimeAspNetCoreMinimalApiCustomSerializerTest\CustomRuntimeAspNetCoreMinimalApiCustomSerializerTest.csproj", "{0BD83939-458C-4EF5-8663-7098AD1200F2}"
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "CustomRuntimeAspNetCoreMinimalApiCustomSerializerTest", "test\Amazon.Lambda.RuntimeSupport.Tests\CustomRuntimeAspNetCoreMinimalApiCustomSerializerTest\CustomRuntimeAspNetCoreMinimalApiCustomSerializerTest.csproj", "{0BD83939-458C-4EF5-8663-7098AD1200F2}"
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "TestExecutableServerlessApp", "test\TestExecutableServerlessApp\TestExecutableServerlessApp.csproj", "{DD378063-C54A-44C7-9A6F-32A6A1AE94B3}"
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "TestServerlessApp.NET8", "test\TestServerlessApp.NET8\TestServerlessApp.NET8.csproj", "{7300983D-8FCE-42EA-9B9E-B1C5347D15D8}"
 EndProject
-Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "SnapshotRestore.Registry", "src\SnapshotRestore.Registry\SnapshotRestore.Registry.csproj", "{7261A438-8C1D-47AD-98B0-7678F72E4382}"
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "SnapshotRestore.Registry", "src\SnapshotRestore.Registry\SnapshotRestore.Registry.csproj", "{7261A438-8C1D-47AD-98B0-7678F72E4382}"
 EndProject
-Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "SnapshotRestore.Registry.Tests", "test\SnapshotRestore.Registry.Tests\SnapshotRestore.Registry.Tests.csproj", "{A699E183-D0D4-4F26-A0A7-88DA5607F455}"
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "SnapshotRestore.Registry.Tests", "test\SnapshotRestore.Registry.Tests\SnapshotRestore.Registry.Tests.csproj", "{A699E183-D0D4-4F26-A0A7-88DA5607F455}"
+EndProject
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Amazon.Lambda.AppSyncEvents", "src\Amazon.Lambda.AppSyncEvents\Amazon.Lambda.AppSyncEvents.csproj", "{99F39E49-1FD0-4EF5-BF4B-8F2473FB8198}"
 EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
@@ -369,6 +371,10 @@ Global
 		{A699E183-D0D4-4F26-A0A7-88DA5607F455}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{A699E183-D0D4-4F26-A0A7-88DA5607F455}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{A699E183-D0D4-4F26-A0A7-88DA5607F455}.Release|Any CPU.Build.0 = Release|Any CPU
+		{99F39E49-1FD0-4EF5-BF4B-8F2473FB8198}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{99F39E49-1FD0-4EF5-BF4B-8F2473FB8198}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{99F39E49-1FD0-4EF5-BF4B-8F2473FB8198}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{99F39E49-1FD0-4EF5-BF4B-8F2473FB8198}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
@@ -435,6 +441,7 @@ Global
 		{7300983D-8FCE-42EA-9B9E-B1C5347D15D8} = {1DE4EE60-45BA-4EF7-BE00-B9EB861E4C69}
 		{7261A438-8C1D-47AD-98B0-7678F72E4382} = {AAB54E74-20B1-42ED-BC3D-CE9F7BC7FD12}
 		{A699E183-D0D4-4F26-A0A7-88DA5607F455} = {1DE4EE60-45BA-4EF7-BE00-B9EB861E4C69}
+		{99F39E49-1FD0-4EF5-BF4B-8F2473FB8198} = {AAB54E74-20B1-42ED-BC3D-CE9F7BC7FD12}
 	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {503678A4-B8D1-4486-8915-405A3E9CF0EB}

Libraries/src/Amazon.Lambda.AppSyncEvents/Amazon.Lambda.AppSyncEvents.csproj

@@ -0,0 +1,22 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <Import Project="..\..\..\buildtools\common.props" />
+
+  <PropertyGroup>
+    <Description>Amazon Lambda .NET support - AWS AppSync package.</Description>
+    <TargetFrameworks>net6.0;net8.0</TargetFrameworks>
+    <AssemblyTitle>Amazon.Lambda.AppSyncEvents</AssemblyTitle>
+    <Version>0.0.1</Version>
+    <AssemblyName>Amazon.Lambda.AppSyncEvents</AssemblyName>
+    <PackageId>Amazon.Lambda.AppSyncEvents</PackageId>
+    <PackageTags>AWS;Amazon;Lambda</PackageTags>
+    <ImplicitUsings>enable</ImplicitUsings>
+  </PropertyGroup>
+
+  <PropertyGroup>
+    <WarningsAsErrors>IL2026,IL2067,IL2075,IL3050</WarningsAsErrors>
+    <IsTrimmable>true</IsTrimmable>
+    <EnableTrimAnalyzer>true</EnableTrimAnalyzer>
+  </PropertyGroup>
+
+</Project>

Libraries/src/Amazon.Lambda.AppSyncEvents/AppSyncAuthorizerEvent.cs

@@ -0,0 +1,65 @@
+namespace Amazon.Lambda.AppSyncEvents;
+
+/// <summary>
+/// Represents an AWS AppSync authorization event that is sent to a Lambda authorizer
+/// for evaluating access permissions to the GraphQL API.
+/// </summary>
+public class AppSyncAuthorizerEvent
+{
+    /// <summary>
+    /// Gets or sets the authorization token received from the client request.
+    /// This token is used to make authorization decisions.
+    /// </summary>
+    public string AuthorizationToken { get; set; }
+
+    /// <summary>
+    /// Gets or sets the headers from the client request.
+    /// Contains key-value pairs of HTTP header names and their values.
+    /// </summary>
+    public Dictionary<string, string> RequestHeaders { get; set; }
+
+    /// <summary>
+    /// Gets or sets the context information about the AppSync request.
+    /// Contains metadata about the API and the GraphQL operation being executed.
+    /// </summary>
+    public AppSyncRequestContext RequestContext { get; set; }
+}
+
+/// <summary>
+/// Contains contextual information about the AppSync request being authorized.
+/// This class provides details about the API, account, and GraphQL operation.
+/// </summary>
+public class AppSyncRequestContext
+{
+    /// <summary>
+    /// Gets or sets the unique identifier of the AppSync API.
+    /// </summary>
+    public string ApiId { get; set; }
+
+    /// <summary>
+    /// Gets or sets the AWS account ID where the AppSync API is deployed.
+    /// </summary>
+    public string AccountId { get; set; }
+
+    /// <summary>
+    /// Gets or sets the unique identifier for this specific request.
+    /// </summary>
+    public string RequestId { get; set; }
+
+    /// <summary>
+    /// Gets or sets the GraphQL query string containing the operation to be executed.
+    /// </summary>
+    public string QueryString { get; set; }
+
+    /// <summary>
+    /// Gets or sets the name of the GraphQL operation to be executed.
+    /// This corresponds to the operation name in the GraphQL query.
+    /// </summary>
+    public string OperationName { get; set; }
+
+    /// <summary>
+    /// Gets or sets the variables passed to the GraphQL operation.
+    /// Contains key-value pairs of variable names and their values.
+    /// </summary>
+    public Dictionary<string, object> Variables { get; set; }
+}

Libraries/src/Amazon.Lambda.AppSyncEvents/AppSyncAuthorizerResult.cs

@@ -0,0 +1,33 @@
+using System.Text.Json.Serialization;
+namespace Amazon.Lambda.AppSyncEvents;
+
+/// <summary>
+/// Represents the authorization result returned by a Lambda authorizer to AWS AppSync 
+/// containing authorization decisions and optional context for the GraphQL API.
+/// </summary>
+public class AppSyncAuthorizerResult
+{
+    /// <summary>
+    /// Indicates if the request is authorized
+    /// </summary>
+    [JsonPropertyName("isAuthorized")]
+    public bool IsAuthorized { get; set; }
+
+    /// <summary>
+    /// Custom context to pass to resolvers, only supports key-value pairs.
+    /// </summary>
+    [JsonPropertyName("resolverContext")]
+    public Dictionary<string, string> ResolverContext { get; set; }
+
+    /// <summary>
+    /// List of fields that are denied access
+    /// </summary>
+    [JsonPropertyName("deniedFields")]
+    public IEnumerable<string> DeniedFields { get; set; }
+
+    /// <summary>
+    /// The number of seconds that the response should be cached for
+    /// </summary>
+    [JsonPropertyName("ttlOverride")]
+    public int? TtlOverride { get; set; }
+}

Libraries/src/Amazon.Lambda.AppSyncEvents/AppSyncCognitoIdentity.cs

@@ -0,0 +1,42 @@
+namespace Amazon.Lambda.AppSyncEvents;
+
+/// <summary>
+/// Represents Amazon Cognito User Pools authorization identity for AppSync
+/// </summary>
+public class AppSyncCognitoIdentity
+{
+    /// <summary>
+    /// The source IP address of the caller received by AWS AppSync
+    /// </summary>
+    public List<string> SourceIp { get; set; }
+
+    /// <summary>
+    /// The username of the authenticated user
+    /// </summary>
+    public string Username { get; set; }
+
+    /// <summary>
+    /// The UUID of the authenticated user
+    /// </summary>
+    public string Sub { get; set; }
+
+    /// <summary>
+    /// The claims that the user has
+    /// </summary>
+    public Dictionary<string, object> Claims { get; set; }
+
+    /// <summary>
+    /// The default authorization strategy for this caller (ALLOW or DENY)
+    /// </summary>
+    public string DefaultAuthStrategy { get; set; }
+
+    /// <summary>
+    /// List of OIDC groups
+    /// </summary>
+    public List<string> Groups { get; set; }
+
+    /// <summary>
+    /// The token issuer
+    /// </summary>
+    public string Issuer { get; set; }
+}

Libraries/src/Amazon.Lambda.AppSyncEvents/AppSyncIamIdentity.cs

@@ -0,0 +1,47 @@
+namespace Amazon.Lambda.AppSyncEvents;
+
+/// <summary>
+/// Represents AWS IAM authorization identity for AppSync
+/// </summary>
+public class AppSyncIamIdentity
+{
+    /// <summary>
+    /// The source IP address of the caller received by AWS AppSync
+    /// </summary>
+    public List<string> SourceIp { get; set; }
+
+    /// <summary>
+    /// The username of the authenticated user (IAM user principal)
+    /// </summary>
+    public string Username { get; set; }
+
+    /// <summary>
+    /// The AWS account ID of the caller
+    /// </summary>
+    public string AccountId { get; set; }
+
+    /// <summary>
+    /// The Amazon Cognito identity pool ID associated with the caller
+    /// </summary>
+    public string CognitoIdentityPoolId { get; set; }
+
+    /// <summary>
+    /// The Amazon Cognito identity ID of the caller
+    /// </summary>
+    public string CognitoIdentityId { get; set; }
+
+    /// <summary>
+    /// The ARN of the IAM user
+    /// </summary>
+    public string UserArn { get; set; }
+
+    /// <summary>
+    /// Either authenticated or unauthenticated based on the identity type
+    /// </summary>
+    public string CognitoIdentityAuthType { get; set; }
+
+    /// <summary>
+    /// A comma separated list of external identity provider information used in obtaining the credentials used to sign the request
+    /// </summary>
+    public string CognitoIdentityAuthProvider { get; set; }
+}

Libraries/src/Amazon.Lambda.AppSyncEvents/AppSyncLambdaIdentity.cs

@@ -0,0 +1,13 @@
+namespace Amazon.Lambda.AppSyncEvents;
+
+/// <summary>
+/// Represents AWS Lambda authorization identity for AppSync
+/// </summary>
+public class AppSyncLambdaIdentity
+{
+    /// <summary>
+    /// Optional context information that will be passed to subsequent resolvers
+    /// Can contain user information, claims, or any other contextual data
+    /// </summary>
+    public Dictionary<string, string> ResolverContext { get; set; }
+}

Libraries/src/Amazon.Lambda.AppSyncEvents/AppSyncOidcIdentity.cs

@@ -0,0 +1,22 @@
+namespace Amazon.Lambda.AppSyncEvents;
+
+/// <summary>
+/// Represents OpenID Connect authorization identity for AppSync
+/// </summary>
+public class AppSyncOidcIdentity
+{
+    /// <summary>
+    /// Claims from the OIDC token as key-value pairs
+    /// </summary>
+    public Dictionary<string, object> Claims { get; set; }
+
+    /// <summary>
+    /// The issuer of the OIDC token
+    /// </summary>
+    public string Issuer { get; set; }
+
+    /// <summary>
+    /// The UUID of the authenticated user
+    /// </summary>
+    public string Sub { get; set; }
+}