diff --git a/Sources/AWSLambdaEvents/APIGatewayLambdaAuthorizers.swift b/Sources/AWSLambdaEvents/APIGatewayLambdaAuthorizers.swift index b47baf5..fab1679 100644 --- a/Sources/AWSLambdaEvents/APIGatewayLambdaAuthorizers.swift +++ b/Sources/AWSLambdaEvents/APIGatewayLambdaAuthorizers.swift @@ -81,11 +81,19 @@ public struct APIGatewayLambdaAuthorizerPolicyResponse: Codable, Sendable { case deny = "Deny" } - public let action: String + public let action: [String] public let effect: Effect - public let resource: String + public let resource: [String] public init(action: String, effect: Effect, resource: String) { + self.init( + action: [action], + effect: effect, + resource: [resource] + ) + } + + public init(action: [String], effect: Effect, resource: [String]) { self.action = action self.effect = effect self.resource = resource diff --git a/Tests/AWSLambdaEventsTests/APIGatewayLambdaAuthorizerTest.swift b/Tests/AWSLambdaEventsTests/APIGatewayLambdaAuthorizerTest.swift index ea4dcc6..c141c57 100644 --- a/Tests/AWSLambdaEventsTests/APIGatewayLambdaAuthorizerTest.swift +++ b/Tests/AWSLambdaEventsTests/APIGatewayLambdaAuthorizerTest.swift @@ -171,7 +171,7 @@ class APIGatewayLambdaAuthorizerTests: XCTestCase { XCTAssertNoThrow(data = try JSONEncoder().encode(resp)) var stringData: String? - XCTAssertNoThrow(stringData = String(data: try XCTUnwrap(data), encoding: .utf8)) + XCTAssertNoThrow(stringData = try String(data: XCTUnwrap(data), encoding: .utf8)) data = stringData?.data(using: .utf8) XCTAssertNoThrow(resp = try JSONDecoder().decode(APIGatewayLambdaAuthorizerSimpleResponse.self, from: XCTUnwrap(data))) @@ -194,14 +194,46 @@ class APIGatewayLambdaAuthorizerTests: XCTestCase { XCTAssertNoThrow(data = try JSONEncoder().encode(resp)) var stringData: String? - XCTAssertNoThrow(stringData = String(data: try XCTUnwrap(data), encoding: .utf8)) + XCTAssertNoThrow(stringData = try String(data: XCTUnwrap(data), encoding: .utf8)) data = stringData?.data(using: .utf8) XCTAssertNoThrow(resp = try JSONDecoder().decode(APIGatewayLambdaAuthorizerPolicyResponse.self, from: XCTUnwrap(data))) XCTAssertEqual(resp.principalId, "John Appleseed") XCTAssertEqual(resp.policyDocument.statement.count, 1) - XCTAssertEqual(resp.policyDocument.statement[0].action, "s3:getObject") + XCTAssertEqual(resp.policyDocument.statement[0].action, ["s3:getObject"]) + XCTAssertEqual(resp.context?.count, 2) + XCTAssertEqual(resp.context?["abc1"], "xyz1") + } + + func testDecodingLambdaAuthorizerPolicyResponseWithMultipleResources() { + let statement = APIGatewayLambdaAuthorizerPolicyResponse.PolicyDocument.Statement(action: ["execute-api:Invoke"], + effect: .allow, + resource: [ + "arn:aws:execute-api:*:*:*/*/GET/v1/user/0123", + "arn:aws:execute-api:*:*:*/*/POST/v1/user", + ]) + let policy = APIGatewayLambdaAuthorizerPolicyResponse.PolicyDocument(statement: [statement]) + var resp = APIGatewayLambdaAuthorizerPolicyResponse(principalId: "John Appleseed", + policyDocument: policy, + context: ["abc1": "xyz1", "abc2": "xyz2"]) + + var data: Data? + XCTAssertNoThrow(data = try JSONEncoder().encode(resp)) + + var stringData: String? + XCTAssertNoThrow(stringData = try String(data: XCTUnwrap(data), encoding: .utf8)) + + data = stringData?.data(using: .utf8) + XCTAssertNoThrow(resp = try JSONDecoder().decode(APIGatewayLambdaAuthorizerPolicyResponse.self, from: XCTUnwrap(data))) + + XCTAssertEqual(resp.principalId, "John Appleseed") + XCTAssertEqual(resp.policyDocument.statement.count, 1) + XCTAssertEqual(resp.policyDocument.statement[0].action, ["execute-api:Invoke"]) + XCTAssertEqual(resp.policyDocument.statement[0].resource, [ + "arn:aws:execute-api:*:*:*/*/GET/v1/user/0123", + "arn:aws:execute-api:*:*:*/*/POST/v1/user", + ]) XCTAssertEqual(resp.context?.count, 2) XCTAssertEqual(resp.context?["abc1"], "xyz1") }