Get context data from Lambda Authorizer (APi Gateway)

Question

I'm using the Aws Lambda authorizer to secure an Api gateway. The authorizer lambda function is written in python using this blueprint from aws ( https://github.com/awslabs/aws-apigateway-lambda-authorizer-blueprints/blob/master/blueprints/python/api-gateway-authorizer-python.py )

I added this code in the "blueprint"

if(event['authorizationToken'] == 'allow'):
    policy.allowAllMethods()
else:
    policy.denyAllMethods()


# Finally, build the policy
authResponse = policy.build()
 
# new! -- add additional key-value pairs associated with the authenticated principal
# these are made available by APIGW like so: $context.authorizer.<key>
# additional context is cached
context = {
    'key': 'somevalue, # $context.authorizer.key -> value
    'number' : 1,
    'bool' : True
}
# context['arr'] = ['foo'] <- this is invalid, APIGW will not accept it
# context['obj'] = {'foo':'bar'} <- also invalid
 
authResponse['context'] = context

return authResponse

However in the lambda function attached to the route i cannot find the context value from authorizer. How can i get the values from context[key] ?

Answer 1

The solution is to use Mapping Templates on Integration Request. If you look at the route pipeline you will see that before reaching the Lambda Function you have a "Integration Request" section (and also a Integration Response)

In Integration Request you have the option to edit the input into lambda function via Mapping Templates.

So, i created a new Mapping Template ( use "Where" there are no Templates defined) Content -Type use application/json and in the actual template use something like #set($inputRoot = $input.path('$'))

{
 "key":"$context.authorizer.key"
}

Attention : the above template will remove the original output. That data is found in $inputRoot and you can add it to response using this format

{
    "key":"$context.authorizer.key",
    "originalkey":$inputRoot.originalkey
}

Answer 2

With the help of accepted answer I had came up with this:

##  See http://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-mapping-template-reference.html
##  This template will pass through all parameters including path, querystring, header, stage variables, and context through to the integration endpoint via the body/payload
#set($inputRoot = $input.path('$'))
#set($authorizer = $context.authorizer)
#set($allParams = $input.params())
{
    #foreach($key in $inputRoot.keySet())
    "$key" : "$util.escapeJavaScript($inputRoot.get($key))"
        #if($foreach.hasNext),#end
    #end,
    "context" : {
        "params" : {
            #foreach($type in $allParams.keySet())
                #set($params = $allParams.get($type))
                "$type" : {
                    #foreach($paramName in $params.keySet())
                    "$paramName" : "$util.escapeJavaScript($params.get($paramName))"
                        #if($foreach.hasNext),#end
                    #end
                }
                #if($foreach.hasNext),#end
            #end
        },
        "stage-variables" : {
            #foreach($key in $stageVariables.keySet())
            "$key" : "$util.escapeJavaScript($stageVariables.get($key))"
                #if($foreach.hasNext),#end
            #end
        },
        #foreach($key in $context.keySet())
        "$key" : "$util.escapeJavaScript($context.get($key))"
            #if($foreach.hasNext),#end
        #end,
        "authorizer": {
            #foreach($key in $authorizer.keySet())
            "$key" : "$util.escapeJavaScript($authorizer.get($key))"
                #if($foreach.hasNext),#end
            #end
        }
    }
}