Skip to content

fromx support for authorizers #2304

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
GarrettBeatty wants to merge 2 commits into
base: feature/auth
Choose a base branch
from
+4,193 −268
Draft

fromx support for authorizers #2304

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
6e76525
fromx support for authorizers
GarrettBeatty Mar 9, 2026
0084e03
update readme
GarrettBeatty Mar 18, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 18 additions & 0 deletions ...mazon.Lambda.Annotations.SourceGenerator/Amazon.Lambda.Annotations.SourceGenerator.csproj
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -103,6 +103,14 @@
<Generator>TextTemplatingFilePreprocessor</Generator>
<LastGenOutput>ExecutableAssembly.cs</LastGenOutput>
</None>
<None Update="Templates\AuthorizerSetupParameters.tt">
<Generator>TextTemplatingFilePreprocessor</Generator>
<LastGenOutput>AuthorizerSetupParameters.cs</LastGenOutput>
</None>
<None Update="Templates\AuthorizerInvoke.tt">
<Generator>TextTemplatingFilePreprocessor</Generator>
<LastGenOutput>AuthorizerInvoke.cs</LastGenOutput>
</None>
</ItemGroup>

<ItemGroup>
Expand Down Expand Up @@ -136,6 +144,16 @@
<AutoGen>True</AutoGen>
<DependentUpon>ExecutableAssembly.tt</DependentUpon>
</Compile>
<Compile Update="Templates\AuthorizerSetupParameters.cs">
<DesignTime>True</DesignTime>
<AutoGen>True</AutoGen>
<DependentUpon>AuthorizerSetupParameters.tt</DependentUpon>
</Compile>
<Compile Update="Templates\AuthorizerInvoke.cs">
<DesignTime>True</DesignTime>
<AutoGen>True</AutoGen>
<DependentUpon>AuthorizerInvoke.tt</DependentUpon>
</Compile>
</ItemGroup>

<ItemGroup>
Expand Down
18 changes: 18 additions & 0 deletions .../src/Amazon.Lambda.Annotations.SourceGenerator/Models/Attributes/AttributeModelBuilder.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -90,6 +90,24 @@ public static AttributeModel Build(AttributeData att, GeneratorExecutionContext
Type = TypeModelBuilder.Build(att.AttributeClass, context)
};
}
else if (att.AttributeClass.Equals(context.Compilation.GetTypeByMetadataName(TypeFullNames.HttpApiAuthorizerAttribute), SymbolEqualityComparer.Default))
{
var data = HttpApiAuthorizerAttributeBuilder.Build(att);
model = new AttributeModel<HttpApiAuthorizerAttribute>
{
Data = data,
Type = TypeModelBuilder.Build(att.AttributeClass, context)
};
}
else if (att.AttributeClass.Equals(context.Compilation.GetTypeByMetadataName(TypeFullNames.RestApiAuthorizerAttribute), SymbolEqualityComparer.Default))
{
var data = RestApiAuthorizerAttributeBuilder.Build(att);
model = new AttributeModel<RestApiAuthorizerAttribute>
{
Data = data,
Type = TypeModelBuilder.Build(att.AttributeClass, context)
};
}
else
{
model = new AttributeModel
Expand Down
3 changes: 2 additions & 1 deletion Libraries/src/Amazon.Lambda.Annotations.SourceGenerator/Models/EventType.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ public enum EventType
S3,
SQS,
DynamoDB,
Schedule
Schedule,
Authorizer
}
}
5 changes: 5 additions & 0 deletions Libraries/src/Amazon.Lambda.Annotations.SourceGenerator/Models/EventTypeBuilder.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,11 @@ public static HashSet<EventType> Build(IMethodSymbol lambdaMethodSymbol,
{
events.Add(EventType.SQS);
}
else if (attribute.AttributeClass.ToDisplayString() == TypeFullNames.HttpApiAuthorizerAttribute
|| attribute.AttributeClass.ToDisplayString() == TypeFullNames.RestApiAuthorizerAttribute)
{
events.Add(EventType.Authorizer);
}
}

return events;
Expand Down
79 changes: 77 additions & 2 deletions ...aries/src/Amazon.Lambda.Annotations.SourceGenerator/Models/GeneratedMethodModelBuilder.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,7 @@ private static IList<string> BuildUsings(LambdaMethodModel lambdaMethodModel,

namespaces.Add("Amazon.Lambda.Core");

if(lambdaMethodModel.ReturnsIHttpResults)
if(lambdaMethodModel.ReturnsIHttpResults || lambdaMethodModel.ReturnsIAuthorizerResult)
{
namespaces.Add("Amazon.Lambda.Annotations.APIGateway");
}
Expand All @@ -79,6 +79,26 @@ private static TypeModel BuildResponseType(IMethodSymbol lambdaMethodSymbol,
return TypeModelBuilder.Build(typeStream, context);
}

// For authorizer functions returning IAuthorizerResult, the generated handler returns Stream
// (the IAuthorizerResult.Serialize method produces the JSON stream)
if (lambdaMethodModel.ReturnsIAuthorizerResult)
{
var typeStream = context.Compilation.GetTypeByMetadataName(TypeFullNames.Stream);
if (lambdaMethodModel.ReturnsGenericTask)
{
var genericTask = task.Construct(typeStream);
return TypeModelBuilder.Build(genericTask, context);
}
return TypeModelBuilder.Build(typeStream, context);
}

// For authorizer functions that return raw API Gateway types (backwards compatibility),
// pass through the return type as-is
if (lambdaMethodSymbol.HasAttribute(context, TypeFullNames.HttpApiAuthorizerAttribute) ||
lambdaMethodSymbol.HasAttribute(context, TypeFullNames.RestApiAuthorizerAttribute))
{
return lambdaMethodModel.ReturnType;
}

if (lambdaMethodSymbol.HasAttribute(context, TypeFullNames.RestApiAttribute))
{
Expand Down Expand Up @@ -143,6 +163,20 @@ private static HttpApiVersion GetHttpApiVersion(IMethodSymbol lambdaMethodSymbol
return (HttpApiVersion)versionArgument.Value;
}

private static AuthorizerPayloadFormatVersion GetAuthorizerPayloadFormatVersion(AttributeData authorizerAttribute)
{
var versionArg = authorizerAttribute.NamedArguments
.FirstOrDefault(arg => arg.Key == "AuthorizerPayloadFormatVersion").Value;

if (versionArg.Type == null || versionArg.Value == null)
{
// Default is V2
return AuthorizerPayloadFormatVersion.V2;
}

return (AuthorizerPayloadFormatVersion)(int)versionArg.Value;
}

private static IList<ParameterModel> BuildParameters(IMethodSymbol lambdaMethodSymbol,
LambdaMethodModel lambdaMethodModel, GeneratorExecutionContext context)
{
Expand All @@ -158,7 +192,48 @@ private static IList<ParameterModel> BuildParameters(IMethodSymbol lambdaMethodS
Documentation = "The ILambdaContext that provides methods for logging and describing the Lambda environment."
};

if (lambdaMethodSymbol.HasAttribute(context, TypeFullNames.RestApiAttribute))
if (lambdaMethodSymbol.HasAttribute(context, TypeFullNames.HttpApiAuthorizerAttribute))
{
// For HTTP API authorizer functions, the generated handler accepts the authorizer request type
var authorizerAttribute = lambdaMethodSymbol.GetAttributeData(context, TypeFullNames.HttpApiAuthorizerAttribute);
var payloadVersion = GetAuthorizerPayloadFormatVersion(authorizerAttribute);

string requestTypeName;
if (payloadVersion == AuthorizerPayloadFormatVersion.V2)
{
requestTypeName = TypeFullNames.APIGatewayCustomAuthorizerV2Request;
}
else
{
requestTypeName = TypeFullNames.APIGatewayCustomAuthorizerRequest;
}

var symbol = context.Compilation.GetTypeByMetadataName(requestTypeName);
var type = TypeModelBuilder.Build(symbol, context);
var requestParameter = new ParameterModel
{
Name = "__request__",
Type = type,
Documentation = "The API Gateway authorizer request object that will be processed by the Lambda function handler."
};
parameters.Add(requestParameter);
parameters.Add(contextParameter);
}
else if (lambdaMethodSymbol.HasAttribute(context, TypeFullNames.RestApiAuthorizerAttribute))
{
// For REST API authorizer functions, always use APIGatewayCustomAuthorizerRequest
var symbol = context.Compilation.GetTypeByMetadataName(TypeFullNames.APIGatewayCustomAuthorizerRequest);
var type = TypeModelBuilder.Build(symbol, context);
var requestParameter = new ParameterModel
{
Name = "__request__",
Type = type,
Documentation = "The API Gateway authorizer request object that will be processed by the Lambda function handler."
};
parameters.Add(requestParameter);
parameters.Add(contextParameter);
}
else if (lambdaMethodSymbol.HasAttribute(context, TypeFullNames.RestApiAttribute))
{
var symbol = context.Compilation.GetTypeByMetadataName(TypeFullNames.APIGatewayProxyRequest);
var type = TypeModelBuilder.Build(symbol, context);
Expand Down
25 changes: 25 additions & 0 deletions Libraries/src/Amazon.Lambda.Annotations.SourceGenerator/Models/LambdaMethodModel.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -64,6 +64,31 @@ public bool ReturnsIHttpResults
}
}

/// <summary>
/// Returns true if the Lambda function returns either IAuthorizerResult or Task&lt;IAuthorizerResult&gt;
/// </summary>
public bool ReturnsIAuthorizerResult
{
get
{
if (ReturnsVoid)
{
return false;
}

if (ReturnType.FullName == TypeFullNames.IAuthorizerResult)
{
return true;
}
if (ReturnsGenericTask && ReturnType.TypeArguments.Count == 1 && ReturnType.TypeArguments[0].FullName == TypeFullNames.IAuthorizerResult)
{
return true;
}

return false;
}
}

/// <summary>
/// Returns true if the Lambda function returns either void, Task, SQSBatchResponse or Task<SQSBatchResponse>
/// </summary>
Expand Down
Loading
Loading