Set up initial Lambda sturucture with Cognito

Create demo Lambda/Gateway pair with Cognito integration

.gitignore

@@ -44,6 +44,7 @@ captures/
 .idea/assetWizardSettings.xml
 .idea/dictionaries
 .idea/libraries
+*.idea*
 # Android Studio 3 in .gitignore file.
 .idea/caches
 .idea/modules.xml

Lambdas/Lists/pom.xml

@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <groupId>groupId</groupId>
+    <artifactId>Lists</artifactId>
+    <version>1.0-SNAPSHOT</version>
+
+    <dependencies>
+        <dependency>
+            <groupId>com.amazonaws</groupId>
+            <artifactId>aws-lambda-java-core</artifactId>
+            <version>1.2.1</version>
+        </dependency>
+        <dependency>
+            <groupId>com.amazonaws</groupId>
+            <artifactId>aws-lambda-java-events</artifactId>
+            <version>3.1.0</version>
+        </dependency>
+        <dependency>
+            <groupId>com.amazonaws</groupId>
+            <artifactId>aws-lambda-java-log4j2</artifactId>
+            <version>1.2.0</version>
+        </dependency>
+    </dependencies>
+</project>

Lambdas/Lists/src/main/java/ListAdd.java

@@ -0,0 +1,22 @@
+import java.util.Map;
+
+import com.amazonaws.services.lambda.runtime.Context;
+import com.amazonaws.services.lambda.runtime.RequestHandler;
+
+public class ListAdd implements RequestHandler<Map<String,Object>, String>{
+
+
+    public String handleRequest(Map<String, Object> inputMap, Context unfilled) {
+        System.out.println(inputMap.keySet());
+        System.out.println(inputMap.entrySet());
+        Map<String, Object> contextMap;
+        if ((inputMap.get("context") != null) && (inputMap.get("context") instanceof Map<?, ?>)) {
+            contextMap = ((Map<String, Object>) inputMap.get("context"));
+        } else {
+            throw new IllegalArgumentException("The key \"Context\" must exist and be a map");
+        }
+        System.out.println(inputMap.get("context"));
+        System.out.println(contextMap.get("sub"));
+        return null;
+    }
+}

Listify/Pipfile

@@ -0,0 +1,11 @@
+[[source]]
+name = "pypi"
+url = "https://pypi.org/simple"
+verify_ssl = true
+
+[dev-packages]
+
+[packages]
+
+[requires]
+python_version = "3.8"

Listify/amplify/backend/auth/listifyf4fad454/listifyf4fad454-cloudformation-template.yml

@@ -94,7 +94,7 @@ Parameters:
                       
   userPoolGroupList:
     Type: CommaDelimitedList
-                  
+      
   serviceName:
     Type: String
                     

Listify/amplify/backend/auth/listifyf4fad454/parameters.json

@@ -1,6 +1,6 @@
 {
     "identityPoolName": "listifyf4fad454_identitypool_f4fad454",
-    "allowUnauthenticatedIdentities": false,
+    "allowUnauthenticatedIdentities": true,
     "resourceNameTruncated": "listiff4fad454",
     "userPoolName": "listifyf4fad454_userpool_f4fad454",
     "autoVerifiedAttributes": [

Listify/amplify/backend/backend-config.json

@@ -6,5 +6,7 @@
       "dependsOn": [],
       "customAuth": false
     }
-  }
+  },
+  "function": {},
+  "api": {}
 }

Listify/app/src/main/java/com/example/listify/AuthManager.java

@@ -1,15 +1,15 @@
 package com.example.listify;
 
-import android.util.Log;
 import com.amplifyframework.auth.AuthException;
 import com.amplifyframework.auth.AuthSession;
+import com.amplifyframework.auth.cognito.AWSCognitoAuthSession;
 import com.amplifyframework.auth.options.AuthSignUpOptions;
 import com.amplifyframework.auth.result.AuthSignInResult;
 import com.amplifyframework.auth.result.AuthSignUpResult;
 import com.amplifyframework.core.Amplify;
 
 public class AuthManager {
-    AuthSession authSession = null;
+    AWSCognitoAuthSession authSession = null;
     AuthSignUpResult authSignUpResult = null;
     AuthSignInResult authSignInResult = null;
     AuthException authError = null;
@@ -27,14 +27,21 @@ public class AuthManager {
         throwIfAuthError();
     }
 
-    public AuthSession getAuthSession() throws AuthException {
+    public AWSCognitoAuthSession getAuthSession() throws AuthException {
-        fetchAuthSession();
+        if (authSession == null) {
+            fetchAuthSession();
+        }
+
         return authSession;
     }
 
+    public String getUserToken() {
+        return authSession.getUserPoolTokens().getValue().getIdToken();
+    }
+
 
     public void setAuthSession(AuthSession toSet) {
-        authSession = toSet;
+        authSession = (AWSCognitoAuthSession) toSet;
         waiting = false;
     }
 

Listify/app/src/main/java/com/example/listify/MainActivity.java

@@ -35,6 +35,7 @@ public class MainActivity extends AppCompatActivity {
         try {
             authManager.signIn("merzn@purdue.edu", "Password123");
             Log.i("Authentication", authManager.getAuthSession().toString());
+            Log.i("Token", authManager.getAuthSession().getUserPoolTokens().getValue().getIdToken());
         } catch (AuthException e) {
             Log.i("Authentication", "Login failed. User probably needs to register. Exact error: " + e.getMessage());
             try {

Tooling/EndpointSetup.sh

@@ -0,0 +1,42 @@
+#Base script from: https://github.com/NMerz/DoctorsNote/blob/master/AWS%20Setup/Lambda-GatewayInitialization.sh
+
+#NOTE: This has been tested and works; however, the apigateway does not properly show as a trigger in AWS's web UI
+#NOTE2: This assumes that the root Gateway and Lambda role have been set up previously (one-time setup) and their values are store in the constants below
+
+#constants
+APIID=datoh7woc9 #rest-api-id is tied to the apigateway while resource-id seems tied to the specific url extension
+ROOTRESOURCEID=6xrzhzidxh #gateway root should have a consistent resource id which will serve as parent for many apis
+LAMBDAROLE=arn:aws:iam::569815541706:role/LambdaBasic
+LANGUAGE=java11
+DEPLOYSTAGE=Development
+
+DEBUGFILE=/dev/null
+
+echo -n "Please enter function name: "
+read functionName
+echo -n "Please enter path to zip of function code: "
+read functionPath
+echo -n "Please enter url extension: "
+read partName
+
+LAMBDAARN=$(aws lambda create-function --function-name ${functionName} --zip-file fileb://${functionPath} --runtime ${LANGUAGE} --role ${LAMBDAROLE} --handler ${functionName}.lambda_handler | head -n 3 | tail -n 1 | cut -d \" -f 4)
+
+echo ${LAMBDAARN} > ${DEBUGFILE}
+
+RESOURCEID=$(aws apigateway create-resource --rest-api-id ${APIID} --parent-id ${ROOTRESOURCEID} --path-part ${partName} | head -n 2 | tail -n 1 | cut -d \" -f 4)
+
+echo ${RESOURCEID} > ${DEBUGFILE}
+
+aws apigateway put-method --rest-api-id ${APIID} --resource-id ${RESOURCEID} --http-method POST --authorization-type COGNITO_USER_POOLS --authorizer-id awt4cs --api-key-required > ${DEBUGFILE}
+
+aws apigateway put-integration --rest-api-id ${APIID} --resource-id ${RESOURCEID} --http-method POST --type AWS --integration-http-method POST --uri arn:aws:apigateway:us-east-2:lambda:path/2015-03-31/functions/${LAMBDAARN}/invocations > ${DEBUGFILE}
+
+aws lambda add-permission --function-name ${functionName} --statement-id ${functionName}API --action lambda:InvokeFunction --principal apigateway.amazonaws.com > ${DEBUGFILE}
+
+aws apigateway put-method-response  --rest-api-id ${APIID} --resource-id ${RESOURCEID} --http-method POST --status-code 200 > ${DEBUGFILE}
+
+aws apigateway put-integration-response  --rest-api-id ${APIID} --resource-id ${RESOURCEID} --http-method POST --status-code 200 --selection-pattern "" > ${DEBUGFILE}
+
+aws apigateway create-deployment --rest-api-id ${APIID} --stage-name ${DEPLOYSTAGE} --description "Deployment by creation script for function ${functionName}" > ${DEBUGFILE}
+
+

Tooling/aws_method_request_passthrough.json

@@ -0,0 +1,7 @@
+{
+	"body": $input.json('$'),
+	"context" : {
+		"sub" : "$context.authorizer.claims.sub",
+		"email" : "$context.authorizer.claims.email"
+	}
+}