diff --git a/events/apigw.go b/events/apigw.go
index 7999876c..05bf02a4 100644
--- a/events/apigw.go
+++ b/events/apigw.go
@@ -133,19 +133,20 @@ type APIGatewayV2HTTPResponse struct {
 // APIGatewayRequestIdentity contains identity information for the request caller.
 type APIGatewayRequestIdentity struct {
- CognitoIdentityPoolID string `json:"cognitoIdentityPoolId,omitempty"`
- AccountID string `json:"accountId,omitempty"`
- CognitoIdentityID string `json:"cognitoIdentityId,omitempty"`
- Caller string `json:"caller,omitempty"`
- APIKey string `json:"apiKey,omitempty"`
- APIKeyID string `json:"apiKeyId,omitempty"`
- AccessKey string `json:"accessKey,omitempty"`
- SourceIP string `json:"sourceIp"`
- CognitoAuthenticationType string `json:"cognitoAuthenticationType,omitempty"`
- CognitoAuthenticationProvider string `json:"cognitoAuthenticationProvider,omitempty"`
- UserArn string `json:"userArn,omitempty"` //nolint: stylecheck
- UserAgent string `json:"userAgent"`
- User string `json:"user,omitempty"`
+ CognitoIdentityPoolID string `json:"cognitoIdentityPoolId,omitempty"`
+ AccountID string `json:"accountId,omitempty"`
+ CognitoIdentityID string `json:"cognitoIdentityId,omitempty"`
+ Caller string `json:"caller,omitempty"`
+ APIKey string `json:"apiKey,omitempty"`
+ APIKeyID string `json:"apiKeyId,omitempty"`
+ AccessKey string `json:"accessKey,omitempty"`
+ SourceIP string `json:"sourceIp"`
+ CognitoAuthenticationType string `json:"cognitoAuthenticationType,omitempty"`
+ CognitoAuthenticationProvider string `json:"cognitoAuthenticationProvider,omitempty"`
+ UserArn string `json:"userArn,omitempty"` //nolint: stylecheck
+ UserAgent string `json:"userAgent"`
+ User string `json:"user,omitempty"`
+ ClientCert *APIGatewayCustomAuthorizerRequestTypeRequestIdentityClientCert `json:"clientCert,omitempty"`
 }
 // APIGatewayWebsocketProxyRequest contains data coming from the API Gateway proxy
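Review bot: The new `ClientCert` field on `APIGatewayRequestIdentity` has no doc comment, and because it is a pointer tagged `omitempty` it is nil whenever the event carries no `clientCert` object, so every handler that reads it needs a nil check. A handler that bases an authorisation decision on the certificate should treat nil as "no certificate presented" and reject, not skip the check; presumably the object only appears when the request arrived over a mutual-TLS endpoint, which is worth confirming against the API Gateway documentation. I would add above the field `// ClientCert is nil unless API Gateway supplied a client certificate; treat nil as unauthenticated.` The test in this commit compares `SubjectDN`, `SerialNumber` and the validity dates as plain strings, so the comment should also say these are descriptive values copied from the event, not something this package parses or verifies.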
diff --git a/events/apigw_test.go b/events/apigw_test.go
index 6aceda3c..00611c90 100644
--- a/events/apigw_test.go
+++ b/events/apigw_test.go
@@ -33,6 +33,16 @@ func TestApiGatewayRequestMarshaling(t *testing.T) {
 t.Errorf("could not extract authorizer context: %v", authContext)
 }
+ clientCert := inputEvent.RequestContext.Identity.ClientCert
+ if clientCert.ClientCertPem != "CERT_CONTENT" ||
+ clientCert.SubjectDN != "www.example.com" ||
+ clientCert.IssuerDN != "Example issuer" ||
+ clientCert.SerialNumber != "a1:a1:a1:a1:a1:a1:a1:a1:a1:a1:a1:a1:a1:a1:a1:a1" ||
+ clientCert.Validity.NotBefore != "May 28 12:30:02 2019 GMT" ||
+ clientCert.Validity.NotAfter != "Aug 5 09:36:04 2021 GMT" {
+ t.Errorf("could not extract client certificate content: %v", clientCert)
+ }
+
 // serialize to json
 outputJSON, err := json.Marshal(inputEvent)
 if err != nil {
diff --git a/events/testdata/apigw-request.json b/events/testdata/apigw-request.json
index f58316e9..fbd0e8cd 100644
--- a/events/testdata/apigw-request.json
+++ b/events/testdata/apigw-request.json
@@ -79,7 +79,17 @@
 "cognitoAuthenticationProvider": "theCognitoAuthenticationProvider",
 "userArn": "theUserArn",
 "userAgent": "PostmanRuntime/2.4.5",
- "user": "theUser"
+ "user": "theUser",
+ "clientCert": {
+ "clientCertPem": "CERT_CONTENT",
+ "subjectDN": "www.example.com",
+ "issuerDN": "Example issuer",
+ "serialNumber": "a1:a1:a1:a1:a1:a1:a1:a1:a1:a1:a1:a1:a1:a1:a1:a1",
+ "validity": {
+ "notBefore": "May 28 12:30:02 2019 GMT",
+ "notAfter": "Aug 5 09:36:04 2021 GMT"
+ }
+ }
 },
 "authorizer": {
 "principalId": "admin",
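Review bot: In `TestApiGatewayRequestMarshaling` (events/apigw_test.go) the added block dereferences `clientCert` without checking it, so if the fixture loses its `clientCert` object or the JSON tag stops matching, the test panics on a nil pointer instead of reporting a failure. I would guard it first with `if clientCert == nil { t.Fatal("client certificate missing from request identity") }`. There is also no case for an event that has no `clientCert`, which is the path where a handler is most likely to go wrong; an assertion that the field stays nil and is omitted again on re-marshal would cover it. The test function starts and ends outside the hunk.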