Skip to content

Wrong struct for IoTCustomAuthorizerRequest #400

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
rittneje opened this issue Oct 12, 2021 · 6 comments · Fixed by #401
Closed

Wrong struct for IoTCustomAuthorizerRequest #400

rittneje opened this issue Oct 12, 2021 · 6 comments · Fixed by #401

Comments

@rittneje
Copy link
Contributor

rittneje commented Oct 12, 2021
edited
Loading

#67 intended to add the request/response structs for an IoT Core custom authorizer. However, the wrong documention was referenced, so the request structure is completely wrong. The correct structure is documented here: https://docs.aws.amazon.com/iot/latest/developerguide/config-custom-auth.html

Obviously fixing this is technically a breaking change, but I would think that should be acceptable all things considered.

cc @bmoffatt

ETA: The response struct is also wrong.
@rittneje rittneje mentioned this issue Oct 13, 2021
Merged
@ynori7
Copy link
Contributor

ynori7 commented Oct 13, 2021

I have the feeling that the documentation may be completely unreliable. Is there any way to get it updated? The documentation you linked conflicts with https://docs.aws.amazon.com/iot/latest/apireference/API_TestInvokeAuthorizer.html which is what I used while testing (and it worked). If the testing tool and the real thing really do differ, how does anyone ever test their authorizors before deploying them?

@rittneje
Copy link
Contributor Author

rittneje commented Oct 13, 2021
edited
Loading

@ynori7 The documentation you linked is for the test event you can send to test your custom authorizer. It is distinct from the request your lambda actually receives from IoT Core itself. (Again, I don't know why the IoT Core team apparently decided to make two separate structs, as it is abundantly confusing.)

Really the best way to test your authorizer is to actually invoke it via normal means (by connecting to the broker). I don't understand the use of the TestInvokeAuthorizer command.

@ynori7
Copy link
Contributor

ynori7 commented Oct 13, 2021

@rittneje I can update the models then. I just wonder if it would also make sense to raise a bug for whichever code base the test invoke tool is in because it doesn't seem very useful if you need to use different models for it.

@rittneje
Copy link
Contributor Author

@ynori7 You could try to raise an issue against the SDK. https://github.com/aws/aws-sdk But really this is an issue with the TestInvokeAuthorizer feature from IoT Core, so you might want to raise a support ticket from your AWS account if possible.

ynori7 added a commit to ynori7/aws-lambda-go that referenced this issue Oct 13, 2021
@ynori7
Fix for Wrong struct for IoTCustomAuthorizerRequest aws#400
6043861
@ynori7 ynori7 mentioned this issue Oct 13, 2021
Closed
@ynori7
Copy link
Contributor

ynori7 commented Oct 13, 2021

@rittneje @bmoffatt I opened a PR to correct it. Could you take a look?

@ynori7
Copy link
Contributor

ynori7 commented Oct 13, 2021

@rittneje Sorry, I missed that you already opened a pull request.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

redefine IoT Core custom authorizer request and response structs
2 participants
@ynori7 @rittneje