Merge core changes for 1.3 release

.gitignore

@@ -22,6 +22,10 @@ release.properties
 dependency-reduced-pom.xml
 buildNumber.properties
 .mvn/timing.properties
+.gradle/
+gradle/
+build/
+gradlew*
 
 # Exclude maven wrapper
 !/.mvn/wrapper/maven-wrapper.jar

.travis.yml

@@ -1,4 +1,14 @@
 language: java
+dist: trusty
 jdk:
-  - oraclejdk8
-script: mvn install
+  - openjdk8
+addons:
+  apt:
+    update: true
+before_install:
+  - wget https://services.gradle.org/distributions/gradle-5.0-bin.zip
+  - mkdir /opt/gradle
+  - unzip -d /opt/gradle gradle-5.0-bin.zip
+  - export GRADLE=/opt/gradle/gradle-5.0/bin/gradle
+install: true
+script: ./travis.sh

aws-serverless-java-container-core/pom.xml

@@ -69,9 +69,23 @@
         <dependency>
             <groupId>org.apache.httpcomponents</groupId>
             <artifactId>httpmime</artifactId>
-            <version>4.5.3</version>
+            <version>4.5.6</version>
+            <scope>compile</scope>
+        </dependency>
+
+        <!-- https://mvnrepository.com/artifact/org.apache.httpcomponents/httpclient -->
+        <dependency>
+            <groupId>org.apache.httpcomponents</groupId>
+            <artifactId>httpclient</artifactId>
+            <version>4.5.6</version>
             <scope>test</scope>
         </dependency>
+        <dependency>
+            <groupId>org.apache.httpcomponents</groupId>
+            <artifactId>httpcore</artifactId>
+            <version>4.4.10</version>
+            <scope>compile</scope>
+        </dependency>
     </dependencies>
 
     <build>
@@ -162,7 +176,7 @@
             <plugin>
                 <groupId>org.owasp</groupId>
                 <artifactId>dependency-check-maven</artifactId>
-                <version>3.3.2</version>
+                <version>${dependencyCheck.version}</version>
                 <configuration>
                     <skipProvidedScope>true</skipProvidedScope>
                     <suppressionFiles>

aws-serverless-java-container-core/src/main/java/com/amazonaws/serverless/proxy/AwsProxyExceptionHandler.java

@@ -16,12 +16,9 @@
 import com.amazonaws.serverless.proxy.internal.LambdaContainerHandler;
 import com.amazonaws.serverless.proxy.model.AwsProxyResponse;
 import com.amazonaws.serverless.proxy.model.ErrorModel;
-import com.amazonaws.serverless.proxy.model.MultiValuedTreeMap;
+import com.amazonaws.serverless.proxy.model.Headers;
 
 import com.fasterxml.jackson.core.JsonProcessingException;
-import com.fasterxml.jackson.databind.ObjectMapper;
-import com.fasterxml.jackson.databind.jsonFormatVisitors.JsonValueFormat;
-import com.fasterxml.jackson.databind.ser.std.JsonValueSerializer;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -30,8 +27,6 @@
 
 import java.io.IOException;
 import java.io.OutputStream;
-import java.util.HashMap;
-import java.util.Map;
 
 /**
  * Default implementation of the <code>ExceptionHandler</code> object that returns AwsProxyResponse objects.
@@ -58,7 +53,7 @@ public class AwsProxyExceptionHandler
     // Variables - Private - Static
     //-------------------------------------------------------------
 
-    private static MultiValuedTreeMap<String, String> headers = new MultiValuedTreeMap<>(String.CASE_INSENSITIVE_ORDER);
+    private static Headers headers = new Headers();
 
     //-------------------------------------------------------------
     // Constructors

aws-serverless-java-container-core/src/main/java/com/amazonaws/serverless/proxy/AwsProxySecurityContextWriter.java

@@ -19,7 +19,7 @@
 import javax.ws.rs.core.SecurityContext;
 
 /**
- * Default impolementation of <code>SecurityContextWriter</code>. Creates a SecurityContext object based on an API Gateway
+ * Default implementation of <code>SecurityContextWriter</code>. Creates a SecurityContext object based on an API Gateway
  * event and the Lambda context. This returns the default <code>AwsProxySecurityContext</code> instance.
  */
 public class AwsProxySecurityContextWriter implements SecurityContextWriter<AwsProxyRequest> {

aws-serverless-java-container-core/src/main/java/com/amazonaws/serverless/proxy/ExceptionHandler.java

@@ -20,7 +20,7 @@
  * handled by the client applications directly within the container and a valid HTTP response is expected. This handler
  * is used for exceptions thrown by the library while marshalling and unmarshalling requests and responses.
  *
- * The interface delcares two methods. A typed <code>handle</code> method for requests that are being proxied using a
+ * The interface declares two methods. A typed <code>handle</code> method for requests that are being proxied using a
  * request and response type <code>LambdaContainerHandler</code>, and a stream-based
  * <code>handle</code> method for <a href="http://docs.aws.amazon.com/lambda/latest/dg/java-handler-io-type-stream.html" target="_blank">
  * Lambda's <code>RequestStreamHandler</code></a>.

aws-serverless-java-container-core/src/main/java/com/amazonaws/serverless/proxy/RequestReader.java

@@ -27,7 +27,7 @@
  * object that supports requests for the AWS_PROXY integration.
  *
  * @param <RequestType> The type for the AWS Lambda event
- * @param <ContainerRequestType> The type for the undelying container request object
+ * @param <ContainerRequestType> The type for the underlying container request object
  */
 public abstract class RequestReader<RequestType, ContainerRequestType> {
 
@@ -45,6 +45,11 @@ public abstract class RequestReader<RequestType, ContainerRequestType> {
      */
     public static final String API_GATEWAY_STAGE_VARS_PROPERTY = "com.amazonaws.apigateway.stage.variables";
 
+    /**
+     * The key for the <strong>ALB context</strong> property in the PropertiesDelegate object
+     */
+    public static final String ALB_CONTEXT_PROPERTY = "com.amazonaws.alb.request.context";
+
     /**
      * The key to store the entire API Gateway event
      */

aws-serverless-java-container-core/src/main/java/com/amazonaws/serverless/proxy/ResponseWriter.java

@@ -25,7 +25,7 @@
  * or a <code>ResponseReader</code> implementation. For example, the Jersey library passes the response reader object to
  * the default implementation of this class.
  *
- * @param <ContainerResponseType> The response object expceted from the underlying container
+ * @param <ContainerResponseType> The response object expected from the underlying container
  * @param <ResponseType> The type for the Lambda function return value
  */
 public abstract class ResponseWriter<ContainerResponseType, ResponseType> {

aws-serverless-java-container-core/src/main/java/com/amazonaws/serverless/proxy/internal/SecurityUtils.java

@@ -7,9 +7,7 @@
 
 import java.io.File;
 import java.io.IOException;
-import java.util.ArrayList;
 import java.util.HashSet;
-import java.util.List;
 import java.util.Locale;
 import java.util.Set;
 

aws-serverless-java-container-core/src/main/java/com/amazonaws/serverless/proxy/internal/jaxrs/AwsProxySecurityContext.java

@@ -12,12 +12,23 @@
  */
 package com.amazonaws.serverless.proxy.internal.jaxrs;
 
+import com.amazonaws.serverless.proxy.internal.LambdaContainerHandler;
 import com.amazonaws.serverless.proxy.model.AwsProxyRequest;
 import com.amazonaws.serverless.proxy.model.CognitoAuthorizerClaims;
 import com.amazonaws.services.lambda.runtime.Context;
 
+import com.fasterxml.jackson.core.type.TypeReference;
+
 import javax.ws.rs.core.SecurityContext;
+
+import java.io.IOException;
 import java.security.Principal;
+import java.util.Base64;
+import java.util.Map;
+
+import static com.amazonaws.serverless.proxy.model.AwsProxyRequest.*;
+import static com.amazonaws.serverless.proxy.model.AwsProxyRequest.RequestSource.API_GATEWAY;
+
 
 /**
  * default implementation of the <code>SecurityContext</code> object. This class supports 3 API Gateway's authorization methods:
@@ -31,12 +42,15 @@ public class AwsProxySecurityContext
         implements SecurityContext {
 
     //-------------------------------------------------------------
-    // Constants - Private
+    // Constants - Package
     //-------------------------------------------------------------
 
-    private static final String AUTH_SCHEME_CUSTOM = "CUSTOM_AUTHORIZER";
-    private static final String AUTH_SCHEME_COGNITO_POOL = "COGNITO_USER_POOL";
-    private static final String AUTH_SCHEME_AWS_IAM = "AWS_IAM";
+    static final String AUTH_SCHEME_CUSTOM = "CUSTOM_AUTHORIZER";
+    static final String AUTH_SCHEME_COGNITO_POOL = "COGNITO_USER_POOL";
+    static final String AUTH_SCHEME_AWS_IAM = "AWS_IAM";
+
+    static final String ALB_ACESS_TOKEN_HEADER = "x-amzn-oidc-accesstoken";
+    static final String ALB_IDENTITY_HEADER = "x-amzn-oidc-identity";
 
 
     //-------------------------------------------------------------
@@ -78,7 +92,12 @@ public Principal getUserPrincipal() {
         if (getAuthenticationScheme().equals(AUTH_SCHEME_CUSTOM) || getAuthenticationScheme().equals(AUTH_SCHEME_AWS_IAM)) {
             return () -> {
                 if (getAuthenticationScheme().equals(AUTH_SCHEME_CUSTOM)) {
-                    return event.getRequestContext().getAuthorizer().getPrincipalId();
+                    switch (event.getRequestSource()) {
+                    case API_GATEWAY:
+                        return event.getRequestContext().getAuthorizer().getPrincipalId();
+                    case ALB:
+                        return event.getMultiValueHeaders().getFirst(ALB_IDENTITY_HEADER);
+                    }
                 } else if (getAuthenticationScheme().equals(AUTH_SCHEME_AWS_IAM)) {
                     // if we received credentials from Cognito Federated Identities then we return the identity id
                     if (event.getRequestContext().getIdentity().getCognitoIdentityId() != null) {
@@ -112,15 +131,24 @@ public boolean isSecure() {
 
 
     public String getAuthenticationScheme() {
-        if (event.getRequestContext().getAuthorizer() != null && event.getRequestContext().getAuthorizer().getClaims() != null && event.getRequestContext().getAuthorizer().getClaims().getSubject() != null) {
-            return AUTH_SCHEME_COGNITO_POOL;
-        } else if (event.getRequestContext().getAuthorizer() != null) {
-            return AUTH_SCHEME_CUSTOM;
-        } else if (event.getRequestContext().getIdentity().getAccessKey() != null) {
-            return AUTH_SCHEME_AWS_IAM;
-        } else {
-            return null;
+        switch (event.getRequestSource()) {
+        case API_GATEWAY:
+            if (event.getRequestContext().getAuthorizer() != null && event.getRequestContext().getAuthorizer().getClaims() != null
+                && event.getRequestContext().getAuthorizer().getClaims().getSubject() != null) {
+                return AUTH_SCHEME_COGNITO_POOL;
+            } else if (event.getRequestContext().getAuthorizer() != null) {
+                return AUTH_SCHEME_CUSTOM;
+            } else if (event.getRequestContext().getIdentity().getAccessKey() != null) {
+                return AUTH_SCHEME_AWS_IAM;
+            } else {
+                return null;
+            }
+        case ALB:
+            if (event.getMultiValueHeaders().containsKey(ALB_ACESS_TOKEN_HEADER)) {
+                return AUTH_SCHEME_CUSTOM;
+            }
         }
+        return null;
     }
 
 

aws-serverless-java-container-core/src/main/java/com/amazonaws/serverless/proxy/internal/servlet/ApacheCombinedServletLogFormatter.java

@@ -2,7 +2,8 @@
 
 
 import com.amazonaws.serverless.proxy.LogFormatter;
-import com.amazonaws.serverless.proxy.model.ApiGatewayRequestContext;
+import com.amazonaws.serverless.proxy.model.AwsProxyRequest;
+import com.amazonaws.serverless.proxy.model.AwsProxyRequestContext;
 
 import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
 
@@ -19,6 +20,7 @@
 import java.util.Locale;
 
 import static com.amazonaws.serverless.proxy.RequestReader.API_GATEWAY_CONTEXT_PROPERTY;
+import static com.amazonaws.serverless.proxy.RequestReader.API_GATEWAY_EVENT_PROPERTY;
 import static java.time.temporal.ChronoField.DAY_OF_MONTH;
 import static java.time.temporal.ChronoField.HOUR_OF_DAY;
 import static java.time.temporal.ChronoField.MINUTE_OF_HOUR;
@@ -64,14 +66,15 @@ public ApacheCombinedServletLogFormatter() {
     public String format(ContainerRequestType servletRequest, ContainerResponseType servletResponse, SecurityContext ctx) {
         //LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" combined
         StringBuilder logLineBuilder = new StringBuilder();
-        ApiGatewayRequestContext gatewayContext = (ApiGatewayRequestContext)servletRequest.getAttribute(API_GATEWAY_CONTEXT_PROPERTY);
+        AwsProxyRequest req = (AwsProxyRequest)servletRequest.getAttribute(API_GATEWAY_EVENT_PROPERTY);
+        AwsProxyRequestContext gatewayContext = req.getRequestContext();
 
         // %h
         logLineBuilder.append(servletRequest.getRemoteAddr());
         logLineBuilder.append(" ");
 
         // %l
-        if (gatewayContext != null) {
+        if (gatewayContext != null && req.getRequestSource() == AwsProxyRequest.RequestSource.API_GATEWAY) {
             if (gatewayContext.getIdentity().getUserArn() != null) {
                 logLineBuilder.append(gatewayContext.getIdentity().getUserArn());
             } else {

aws-serverless-java-container-core/src/main/java/com/amazonaws/serverless/proxy/internal/servlet/AwsHttpServletRequest.java

@@ -14,12 +14,11 @@
 
 import com.amazonaws.serverless.proxy.RequestReader;
 import com.amazonaws.serverless.proxy.internal.SecurityUtils;
-import com.amazonaws.serverless.proxy.model.ApiGatewayRequestContext;
+import com.amazonaws.serverless.proxy.model.AwsProxyRequestContext;
 import com.amazonaws.serverless.proxy.model.ContainerConfig;
 import com.amazonaws.serverless.proxy.model.MultiValuedTreeMap;
 import com.amazonaws.services.lambda.runtime.Context;
 
-import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -34,16 +33,13 @@
 import java.io.UnsupportedEncodingException;
 import java.net.URLDecoder;
 import java.net.URLEncoder;
-import java.nio.charset.StandardCharsets;
 import java.time.format.DateTimeFormatter;
-import java.util.AbstractMap;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.Enumeration;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
-import java.util.stream.Collectors;
 
 
 /**
@@ -92,7 +88,7 @@ public abstract class AwsHttpServletRequest implements HttpServletRequest {
     //-------------------------------------------------------------
 
     /**
-     * Protected constructors for implemnenting classes. This should be called first with the context received from
+     * Protected constructors for implementing classes. This should be called first with the context received from
      * AWS Lambda
      * @param lambdaContext The Lambda function context. This object is used for utility methods such as log
      */
@@ -116,7 +112,7 @@ public String getRequestedSessionId() {
     public HttpSession getSession(boolean b) {
         log.debug("Trying to access session. Lambda functions are stateless and should not rely on the session");
         if (b && null == this.session) {
-            ApiGatewayRequestContext requestContext = (ApiGatewayRequestContext) getAttribute(RequestReader.API_GATEWAY_CONTEXT_PROPERTY);
+            AwsProxyRequestContext requestContext = (AwsProxyRequestContext) getAttribute(RequestReader.API_GATEWAY_CONTEXT_PROPERTY);
             this.session = new AwsHttpSession(requestContext.getRequestId());
         }
         return this.session;

aws-serverless-java-container-core/src/main/java/com/amazonaws/serverless/proxy/internal/servlet/AwsHttpServletResponse.java

@@ -13,7 +13,8 @@
 package com.amazonaws.serverless.proxy.internal.servlet;
 
 import com.amazonaws.serverless.proxy.internal.SecurityUtils;
-import com.amazonaws.serverless.proxy.model.MultiValuedTreeMap;
+import com.amazonaws.serverless.proxy.model.AwsProxyRequest;
+import com.amazonaws.serverless.proxy.model.Headers;
 
 import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
 import org.slf4j.Logger;
@@ -33,6 +34,9 @@
 import java.util.*;
 import java.util.concurrent.CountDownLatch;
 
+import static com.amazonaws.serverless.proxy.RequestReader.API_GATEWAY_EVENT_PROPERTY;
+
+
 /**
  * Basic implementation of the <code>HttpServletResponse</code> object. This is used by the <code>AwsProxyHttpServletResponseWriter</code>
  * to generate an <code>AwsProxyResponse</code> object. We have an additional <code>getAwsResponseHeaders()</code> method
@@ -52,7 +56,7 @@ public class AwsHttpServletResponse
     // Variables - Private
     //-------------------------------------------------------------
 
-    private MultiValuedTreeMap<String, String> headers = new MultiValuedTreeMap<>(String.CASE_INSENSITIVE_ORDER);
+    private Headers headers = new Headers();
     private int statusCode;
     private String statusMessage;
     private String responseBody;
@@ -404,7 +408,7 @@ public boolean isCommitted() {
 
     @Override
     public void reset() {
-        headers = new MultiValuedTreeMap<>();
+        headers = new Headers();
         responseBody = null;
         writer = null;
         bodyOutputStream = new ByteArrayOutputStream();
@@ -439,10 +443,14 @@ byte[] getAwsResponseBodyBytes() {
     }
 
 
-    MultiValuedTreeMap<String, String> getAwsResponseHeaders() {
+    Headers getAwsResponseHeaders() {
         return headers;
     }
 
+    AwsProxyRequest getAwsProxyRequest() {
+        return (AwsProxyRequest)request.getAttribute(API_GATEWAY_EVENT_PROPERTY);
+    }
+
 
     //-------------------------------------------------------------
     // Methods - Private