通过 serverless 设置 API 网关的请求验证器

Question

我想通过无服务器设置 API 网关的请求验证器。我为请求验证器尝试了两种不同的设置。但是，这两种方法都失败了。我已经总结了我所做的，所以如果有什么问题，请告诉我。

1. 我在 swagger(OAS3.0) 中编写了 API 规范。因此我尝试使用OAS扩展来实现Request Validator的设置。在我sls deploy使用下面的swagger.yaml和之后serverless.yml，没有将 中描述的验证模式x-amazon-apigateway-request-validators添加到请求验证器选项中。 https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-swagger-extensions-request-validator.html

swagger.yaml 在下面：

openapi: 3.0.0

info:
  description: xxx
  version: '0.1'
  title: xxx API
x-amazon-apigateway-request-validators:
  body-only:
    validateRequestBody: true,
    validateRequestParameters: false
  except-body:
    validateRequestBody: false,
    validateRequestParameters: true
  all:
    validateRequestBody: true,
    validateRequestParameters: true
tags:
  - name: auth
    description: xxx
paths:
  /login:
    post:
      tags:
        - auth
      summary: xxx
      description: ''
      x-amazon-apigateway-request-validator: all
      responses:
        '200':
          description: success
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuthResponse'
        '400':
          description: fail
          content:
            application/json
        '401':
          description: fail
          content:
            application/json
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AuthRequest'
        required: true
      x-amazon-apigateway-integration:
        responses:
          default:
            statusCode: "200"
        uri: "arn:aws:apigateway:ap-northeast-1:lambda:path/2015-03-31/functions/arn:aws:lambda:ap-northeast-1:xxxxxxxxxxxx:function:xxx-api-dev-login/invocations"
        passthroughBehavior: "when_no_match"
        httpMethod: "POST"
        contentHandling: "CONVERT_TO_TEXT"
        type: "aws_proxy"

我serverless.yml的如下：

resources:
  Resources:
    RestApi :
      Type : AWS::ApiGateway::RestApi
      Properties :
        Body : ${file(./swagger.yaml)}
    LoginApiToInvokeLambda:
      Type: AWS::Lambda::Permission
      DependsOn: LoginLambdaFunction
      Properties:
        FunctionName: xxx-ext-api-dev-login
        Action: lambda:InvokeFunction
        Principal: apigateway.amazonaws.com

2. 我尝试使用AWS::ApiGateway::RequestValidator. 在我sls deploy使用了 aboveswagger.yaml和 below 之后serverless.yml，中all描述RequestValidatorAll的内容severless.yml被添加到请求验证器选项中。但是Request Validator 的默认值仍然是NONE。

resources:
  Resources:
    RestApi :
      Type : AWS::ApiGateway::RestApi
      Properties :
        Body : ${file(./swagger.yaml)}
    LoginApiToInvokeLambda:
      Type: AWS::Lambda::Permission
      DependsOn: LoginLambdaFunction
      Properties:
        FunctionName: xxx-ext-api-dev-login
        Action: lambda:InvokeFunction
        Principal: apigateway.amazonaws.com
    RequestValidatorAll:
      Type: AWS::ApiGateway::RequestValidator
      Properties:
        Name: all
        RestApiId:
          Ref: RestApi
        ValidateRequestBody: true
        ValidateRequestParameters: true

Answer 1

您需要删除 YAML 中的逗号。

IE

x-amazon-apigateway-request-validators:  
 body-only:  
    validateRequestBody: true,  
    validateRequestParameters: false
  except-body:
    validateRequestBody: false,
    validateRequestParameters: true
  all:
    validateRequestBody: true,
    validateRequestParameters: true

应该

x-amazon-apigateway-request-validators:
  body-only:
    validateRequestBody: true
    validateRequestParameters: false
  except-body:
    validateRequestBody: false
    validateRequestParameters: true
  all:
    validateRequestBody: true
    validateRequestParameters: true

执行此操作后，YAML 将有效并且应该可以工作。