swift-server · sebsto · May 29, 2024 · May 28, 2024 · May 28, 2024 · May 28, 2024
diff --git a/Sources/AWSLambdaEvents/APIGatewayLambdaAuthorizers.swift b/Sources/AWSLambdaEvents/APIGatewayLambdaAuthorizers.swift
@@ -81,11 +81,17 @@ public struct APIGatewayLambdaAuthorizerPolicyResponse: Codable {
                 case deny = "Deny"
             }
 
-            public let action: String
+            public let action: [String]
             public let effect: Effect
-            public let resource: String
+            public let resource: [String]
 
             public init(action: String, effect: Effect, resource: String) {
+                self.action = [action]
+                self.effect = effect
+                self.resource = [resource]
+            }
+
+            public init(action: [String], effect: Effect, resource: [String]) {
                 self.action = action
                 self.effect = effect
                 self.resource = resource

diff --git a/Tests/AWSLambdaEventsTests/APIGatewayLambdaAuthorizerTest.swift b/Tests/AWSLambdaEventsTests/APIGatewayLambdaAuthorizerTest.swift
@@ -201,7 +201,39 @@ class APIGatewayLambdaAuthorizerTests: XCTestCase {
 
         XCTAssertEqual(resp.principalId, "John Appleseed")
         XCTAssertEqual(resp.policyDocument.statement.count, 1)
-        XCTAssertEqual(resp.policyDocument.statement[0].action, "s3:getObject")
+        XCTAssertEqual(resp.policyDocument.statement[0].action, ["s3:getObject"])
+        XCTAssertEqual(resp.context?.count, 2)
+        XCTAssertEqual(resp.context?["abc1"], "xyz1")
+    }
+
+    func testDecodingLambdaAuthorizerPolicyResponseWithMultipleResources() {
+        let statement = APIGatewayLambdaAuthorizerPolicyResponse.PolicyDocument.Statement(action: ["execute-api:Invoke"],
+                                                                                          effect: .allow,
+                                                                                          resource: [
+                                                                                            "arn:aws:execute-api:*:*:*/*/GET/v1/user/0123",
+                                                                                            "arn:aws:execute-api:*:*:*/*/POST/v1/user",
+                                                                                          ])
+        let policy = APIGatewayLambdaAuthorizerPolicyResponse.PolicyDocument(statement: [statement])
+        var resp = APIGatewayLambdaAuthorizerPolicyResponse(principalId: "John Appleseed",
+                                                            policyDocument: policy,
+                                                            context: ["abc1": "xyz1", "abc2": "xyz2"])
+
+        var data: Data?
+        XCTAssertNoThrow(data = try JSONEncoder().encode(resp))
+
+        var stringData: String?
+        XCTAssertNoThrow(stringData = String(data: try XCTUnwrap(data), encoding: .utf8))
+
+        data = stringData?.data(using: .utf8)
+        XCTAssertNoThrow(resp = try JSONDecoder().decode(APIGatewayLambdaAuthorizerPolicyResponse.self, from: XCTUnwrap(data)))
+
+        XCTAssertEqual(resp.principalId, "John Appleseed")
+        XCTAssertEqual(resp.policyDocument.statement.count, 1)
+        XCTAssertEqual(resp.policyDocument.statement[0].action, ["execute-api:Invoke"])
+        XCTAssertEqual(resp.policyDocument.statement[0].resource, [
+            "arn:aws:execute-api:*:*:*/*/GET/v1/user/0123",
+            "arn:aws:execute-api:*:*:*/*/POST/v1/user",
+            ])
         XCTAssertEqual(resp.context?.count, 2)
         XCTAssertEqual(resp.context?["abc1"], "xyz1")
     }