Setting Cookie in http response header from AWS lambda Node JS - node.js

I have a Lambda proxy integration enabled, and setting the response headers as part of Lambda output and API Gateway that will return them as part of the HTTP response to the client.
Sample code:
callback(null, {
"statusCode": 302,
"Location" : "https://somewebsite.com"
"headers": { "headerName": "headerValue", ... },
"body": "..."
});
I need to send out 3 cookies in the headers. I tried. But, failed:
callback(null, {
"statusCode": 302,
"Location" : "https://somewebsite.com"
"headers": { "Set-Cookie": [cookie1String, cookie2String, cookie3String] },
"body": "..."
});
[Edit]
I concatenated the cookie and passed in as the response, the client gets the cookie. But when the client calls the target in "location", the request does not have the cookie in the header.
callback(null, {
"statusCode": 302,
"Location" : "https://somewebsite.com"
"headers": { "Set-Cookie": c1=cookie1String;c2=cookie2String; c3=cookie3String] },
"body": "..."
});
Please help in sending these 3 cookies out to my client.


Use multiValueHeaders instead of headers.
const response = {
isBase64Encoded: true,
statusCode: 200,
multiValueHeaders : {"Set-Cookie": [`language=${language}`, `theme=${theme}`]},
body: JSON.stringify('User profile set successfully')
};
callback(null, response);
If you need it to be smarter, consider something like
function createHeaders(headers) {
const defaultHeaders = {
'Access-Control-Allow-Origin': '*',
};
const allHeaders = Object.assign({}, defaultHeaders, headers);
const singleValueHeaders = {};
const multiValueHeaders = {};
Object.entries(allHeaders).forEach(([key, value]) => {
const targetHeaders = Array.isArray(value) ? multiValueHeaders : singleValueHeaders;
Object.assign(targetHeaders, { [key]: value });
});
return {
headers: singleValueHeaders,
multiValueHeaders,
};
}
Then use it in the callback function.
callback(null, {
statusCode: status || 200,
body: JSON.stringify(body),
...createHeaders({ 'Set-Cookie': cookie }),
});


API gateway does not let you map the same header more than once. I got around by using different casing to set-cookie method.
callback(null, {
"statusCode": 302,
"Location" : "https://somewebsite.com"
"headers": { "Set-Cookie": cookie1, "set-Cookie": cookie2 },
"body": "..."
});


I would say that your issue is related to the fact that your response object in the callback is not formatted the way the api gateway expects.
These links reference aws documentation specifically to that.
http://docs.aws.amazon.com/apigateway/latest/developerguide/handle-errors-in-lambda-integration.html
Issue with your code...
'location' does not look like a valid property
Make sure your header key/value pairs are actual JSON objects using something like JSON.stringify
Don't forget to enable logs for both api gateway and lambda with full requests and responses. These two logs will help you debug.

Related

POST request to DeepL api through node.js not working

Can anyone spot any problems that may explain why the api client is giving me the forbidden error? I know the credentials are correct, as GET requests w the same info in the url work find.
Thank you in advance
app.get('/translate', (req, res) => {
var textToTranslate = "Hello friend"
const targetLanguage = "ES"
var link = `https://api-free.deepl.com/v2/translate`
var options =
{
method: 'POST',
headers: {
"Host": 'api-free.deepl.com',
"Content-Length": 54,
"Content-Type": 'application/x-www-form-urlencoded',
"User-Agent": "YourApp",
"Accept": "*/*",
},
body: JSON.stringify({
'auth_key': deeplAccessCode,
'text': textToTranslate,
'target_lang': targetLanguage
}),
}
return fetch(link, options)
.then((response) => {
console.log(response)
return response.json(); //Transform http body to json
})
.then((json)=> {
res.send(json) //return json to browser
})
.catch(e => {
console.log(e)
return res.sendStatus(400);
});
})

It's probably failing because you're setting your Content-Type of your body to be application/x-www-form-urlencoded (which is correct as per the DeepL API specification) but then you provide a JSON body (which would require content type to be application/json).
You need to provide a URL-encoded body instead, like the part you can also append to the URL after the ?. See also this answer on SO.

PUT API request returning JSON body error

Im trying to update a distribution list by sending a put request, when I run this code and test it in postman by giving it a JSON body I get this error in my node.js terminal stating SyntaxError: Unexpected end of JSON input ... any idea what I should change?
My PUT API request
app.put("/api/Dls/Add/:groupId" , (req, res) => {
const response = {
success: false
};
if (Authorized.myToken) {
response.success = true;
response.data = {};
var options = {
method: 'PUT',
url: 'https://SomeAPI.com/' + req.params.groupId,
headers:
{
Accept: 'application/json',
Authorization: 'Bearer' + ' ' + Authorized.myToken
},
body: JSON.stringify(req.body)
};
request(options, function (error, response, body){
if (error) {
console.log(error);
return;
}
const data = response.body;
const dls = JSON.parse(data)
return res.json(dls);
});
}
});
JSON body I'm passing through postman to test the API call
{
"groupId": "123456789",
"SomeField1": null,
"SomeField2": "xxxxxxxxx",
"SomeField3": true,
"SomeField4": "xxxxxxxxx",
"SomeField5": "xxxxxxxxx",
"SomeField6": [
"xxxxxxxxx"
],
"SomeField7": "xxxxxxxxx",
"SomeField8": "xxxxxxxxx",
"SomeField9": "xxxxxxxxx",
"SomeField10": "xxxxxxxxx",
"SomeField11": [],
"SomeField12": "xxxxxxxxx",
"SomeField13": null,
"SomeField14": false,
"SomeField15": ["xxxxxxxxx"]
}
Any feedback is appreciated!

If the JSON that you posted here is the real one that you pass via postman then, it is not the valid JSON as you have the same name properties. When I say valid it means you get something like this after posting to the endpoint.
{
"groupId": "123456789",
"SomeField": [
"xxxxxxxxx"
]
}
Request npm package is also deprecated so it is better to not use it and replace it with something like Axios. TBH I did not see any error in the code that causes the error that you mentioned, do you have access to the API to check the logs? Maybe something went wrong on the https://SomeAPI.com/ endpoint.

I figured out what the issue was, I needed to add the .end to the return statement
ex. return res.status(200).end()

Request must have at least one newMediaItem - Google Photos API

I'm trying to create media item using Google Photos API. Endpoint is documented here. If I copy and paste my payload to an API explorer which can be found in documentation, I get success:
Request inputed to an API Explorer and Successful response.
If I do the same in my node js program, I'm getting an error.
This is what I do:
const accessToken = "MyAccessToken";
payload = {
"newMediaItems": [
{
"description": "picture",
"simpleMediaItem": {
"uploadToken": "CAIS+QIASsyg4OQLX2Ao5hy6I734/b01mjk3Mqpom6DQ24iv7ZfAYLiXAy0WpOXCWJBNHrmBs6FE+a9Axu5CML+Ryu4VGawyf4skxM763mzC5GcjMY4rS/r6IwOekBIoE/aMJLJpRr1gW8jdhVJM89+kioTx9d+shyYeQDbVI8ezb1lXGp6irc9hZl7QA6xd+msXzbLD5nb+wc5CA6du95tP3buh5R5N/Knn+NwByebdEPCusl+X3p7DZ6ha72kLthUqdvwFsp8dpnGbNQBq8AFPVNHXB4C543iq+dYiRFYtICCxO8xi2cpONVT54Jl6l9rGh3Vnidwj5IwkbsXkyiN96HfRb9XLh0rCBw4ydV6Y9+C+OmTAqlQwIKy50I/ykHyzggroeJSbgphiQwFR2EbHwAeSKdsdIB03ItnunHtf3F2LRIitDRGI1n4VUEYE1dYjrrjR791ao24Dp8J3Hg8IRb8E3vFTeYMWyOk4mh/zQGInfNBnRY2ruHH0JA"
}
}
]
};
const response = await fetch('https://photoslibrary.googleapis.com/v1/mediaItems:batchCreate', {
method: "POST",
headers: {
"Content-Type": "application/json",
"Authorization": `Bearer ${accessToken}`
},
payload: JSON.stringify(payload)
});
const json = await response.json();
console.log(json);
And getting this response:
{ error:
{ code: 400,
message: 'Request must have at least one newMediaItem.',
status: 'INVALID_ARGUMENT' } }
What could go wrong here?
Any help is appreciated, thank you.

It looks like you are setting the JSON payload in the wrong parameter in your call to fetch. It should be set in the parameter body (and not in payload). The JSON itself looks okay.
This snippet should work:
const response = await fetch('https://photoslibrary.googleapis.com/v1/mediaItems:batchCreate', {
method: "POST",
headers: {
"Content-Type": "application/json",
"Authorization": `Bearer ${accessToken}`
},
body: JSON.stringify(payload)
});
Source: node-fetch 'Post with JSON' example

AWS lambda api gateway error "Malformed Lambda proxy response"

I am trying to set up a hello world example with AWS lambda and serving it through api gateway. I clicked the "Create a Lambda Function", which set up the api gatway and selected the Blank Function option. I added the lambda function found on AWS gateway getting started guide:
exports.handler = function(event, context, callback) {
callback(null, {"Hello":"World"}); // SUCCESS with message
};
The issue is that when I make a GET request to it, it's returning back a 502 response { "message": "Internal server error" }. And the logs say "Execution failed due to configuration error: Malformed Lambda proxy response".

Usually, when you see Malformed Lambda proxy response, it means your response from your Lambda function doesn't match the format API Gateway is expecting, like this
{
"isBase64Encoded": true|false,
"statusCode": httpStatusCode,
"headers": { "headerName": "headerValue", ... },
"body": "..."
}
If you are not using Lambda proxy integration, you can login to API Gateway console and uncheck the Lambda proxy integration checkbox.
Also, if you are seeing intermittent Malformed Lambda proxy response, it might mean the request to your Lambda function has been throttled by Lambda, and you need to request a concurrent execution limit increase on the Lambda function.

If lambda is used as a proxy then the response format should be
{
"isBase64Encoded": true|false,
"statusCode": httpStatusCode,
"headers": { "headerName": "headerValue", ... },
"body": "..."
}
Note : The body should be stringified

Yeah so I think this is because you're not actually returning a proper http response there which is why you're getting the error.
personally I use a set of functions like so:
module.exports = {
success: (result) => {
return {
statusCode: 200,
headers: {
"Access-Control-Allow-Origin" : "*", // Required for CORS support to work
"Access-Control-Allow-Credentials" : true // Required for cookies, authorization headers with HTTPS
},
body: JSON.stringify(result),
}
},
internalServerError: (msg) => {
return {
statusCode: 500,
headers: {
"Access-Control-Allow-Origin" : "*", // Required for CORS support to work
"Access-Control-Allow-Credentials" : true // Required for cookies, authorization headers with HTTPS
},
body: JSON.stringify({
statusCode: 500,
error: 'Internal Server Error',
internalError: JSON.stringify(msg),
}),
}
}
} // add more responses here.
Then you simply do:
var responder = require('responder')
// some code
callback(null, responder.success({ message: 'hello world'}))

For Python3:
import json
def lambda_handler(event, context):
return {
'statusCode': 200,
'headers': {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*'
},
'body': json.dumps({
'success': True
}),
"isBase64Encoded": False
}
Note the body isn't required to be set, it can just be empty:
'body': ''

I had this issue, which originated from an invalid handler code which looks completely fine:
exports.handler = (event, context) => {
return {
isBase64Encoded: false,
body: JSON.stringify({ foo: "bar" }),
headers: {
'Access-Control-Allow-Origin': '*',
},
statusCode: 200,
};
}
I got the hint from examining the somewhat confusing API Gateway response logs:
> Endpoint response body before transformations: null
The way to fix it would be to either
Add the async keyword (async function implicitly returns a Promise):
exports.handler = async (event, context) => {
return {
isBase64Encoded: false,
body: JSON.stringify({ foo: "bar" }),
headers: {
'Access-Control-Allow-Origin': '*',
},
statusCode: 200,
};
}
Return a Promise:
exports.handler = (event, context) => {
return new Promise((resolve) => resolve({
isBase64Encoded: false,
body: JSON.stringify({ foo: "bar" }),
headers: {
'Access-Control-Allow-Origin': '*',
},
statusCode: 200,
}));
}
Use the callback:
exports.handler = (event, context, callback) => {
callback({
isBase64Encoded: false,
body: JSON.stringify({ foo: "bar" }),
headers: {
'Access-Control-Allow-Origin': '*',
},
statusCode: 200,
});
}
My handler was previously declared async without ever using await, so I removed the async keyword to reduce complexity of the code, without realizing that Lambda expects either using async/await/Promise or callback return method.

From the AWS docs
In a Lambda function in Node.js, To return a successful response, call
callback(null, {"statusCode": 200, "body": "results"}). To throw an
exception, call callback(new Error('internal server error')). For a
client-side error, e.g., a required parameter is missing, you can call
callback(null, {"statusCode": 400, "body": "Missing parameters of
..."}) to return the error without throwing an exception.

Just a piece of code for .net core and C# :
using Amazon.Lambda.APIGatewayEvents;
...
var response = new APIGatewayProxyResponse
{
StatusCode = (int)HttpStatusCode.OK,
Body = JsonConvert.SerializeObject(new { msg = "Welcome to Belarus! :)" }),
Headers = new Dictionary<string, string> { { "Content-Type", "application/json" } }
};
return response;
Response from lambda will be :
{"statusCode":200,"headers":{"Content-Type":"application/json"},"multiValueHeaders":null,"body":"{\"msg\":\"Welcome to Belarus! :)\"}","isBase64Encoded":false}
Response from api gateway will be :
{"msg":"Welcome to Belarus! :)"}

I've tried all of above suggestion but it doesn't work while body value is not String
return {
statusCode: 200,
headers: {
"Content-Type": "application/json",
"Access-Control-Allow-Origin": "*"
},
body: JSON.stringify({
success: true
}),
isBase64Encoded: false
};

A very very special case, if you pass the headers directly there is a chance you have this header:
"set-cookie": [ "........" ]
But Amazon needs this:
"set-cookie": "[ \\"........\\" ]"

For anyone else who struggles when the response appears valid. This does not work:
callback(null,JSON.stringify( {
isBase64Encoded: false,
statusCode: 200,
headers: { 'headerName': 'headerValue' },
body: 'hello world'
})
but this does:
callback(null,JSON.stringify( {
'isBase64Encoded': false,
'statusCode': 200,
'headers': { 'headerName': 'headerValue' },
'body': 'hello world'
})
Also, it appears that no extra keys are allowed to be present on the response object.

If you're using Go with https://github.com/aws/aws-lambda-go, you have to use events.APIGatewayProxyResponse.
func hello(ctx context.Context, event ImageEditorEvent) (events.APIGatewayProxyResponse, error) {
return events.APIGatewayProxyResponse{
IsBase64Encoded: false,
StatusCode: 200,
Headers: headers,
Body: body,
}, nil
}

I had this error because I accidentally removed the variable ServerlessExpressLambdaFunctionName from the CloudFormation AWS::Serverless::Api resource. The context here is https://github.com/awslabs/aws-serverless-express "Run serverless applications and REST APIs using your existing Node.js application framework, on top of AWS Lambda and Amazon API Gateway"

Most likely your returning body is in JSON format, but only STRING format is allowed for Lambda proxy integration with API Gateway.
So wrap your old response body with JSON.stringify().

In case the above doesn't work for anyone, I ran into this error despite setting the response variable correctly.
I was making a call to an RDS database in my function. It turned out that what was causing the problem was the security group rules (inbound) on that database.
You'll probably want to restrict the IP addresses that can access the API, but if you want to get it working quick / dirty to test out if that change fixes it you can set it to accept all like so (you can also set the range on the ports to accept all ports too, but I didn't do that in this example):

A common cause of the "Malformed Lambda proxy response" error is headers that are not {String: String, ...} key/values pairs.
Since set-cookie headers can and do appear in multiples, they are represented
in http.request.callback.response as the set-cookie key having an Array of
Strings value instead of a single String. While this works for developers, AWS
API Gateway doesn't understand it and throws a "Malformed Lambda proxy response"
error.
My solution is to do something like this:
function createHeaders(headers) {
const singleValueHeaders = {}
const multiValueHeaders = {}
Object.entries(headers).forEach(([key, value]) => {
const targetHeaders = Array.isArray(value) ? multiValueHeaders : singleValueHeaders
Object.assign(targetHeaders, { [key]: value })
})
return {
headers: singleValueHeaders,
multiValueHeaders,
}
}
var output = {
...{
"statusCode": response.statusCode,
"body": responseString
},
...createHeaders(response.headers)
}
Note that the ... above does not mean Yada Yada Yada. It's the ES6 spread operator.

Here's another approach. Configure the mapping template in your API gateway integration request and response. Go to IntegrationRequest -> MappingTemplate -> select "When there are no templates defined" -> type application/json for content-type. Then you don't have to explicitly send a json. Even the response you get at your client can be a plain string.

The format of your function response is the source of this error. For API Gateway to handle a Lambda function's response, the response must be JSON in this format:
{
"isBase64Encoded": true|false,
"statusCode": httpStatusCode,
"headers": { "headerName": "headerValue", ... },
"body": "..."
}
Here's an example function in Node.js with the response correctly formatted:
exports.handler = (event, context, callback) => {
var responseBody = {
"key3": "value3",
"key2": "value2",
"key1": "value1"
};
var response = {
"statusCode": 200,
"headers": {
"my_header": "my_value"
},
"body": JSON.stringify(responseBody),
"isBase64Encoded": false
};
callback(null, response);
};
Ref: https://aws.amazon.com/premiumsupport/knowledge-center/malformed-502-api-gateway/

Python 3.7
Before
{
"isBase64Encoded": False,
"statusCode": response.status_code,
"headers": {
"Content-Type": "application/json",
},
"body": response.json()
}
After
{
"isBase64Encoded": False,
"statusCode": response.status_code,
"headers": {
"Content-Type": "application/json",
},
"body": str(response.json()) //body must be of string type
}

If you're just new to AWS and just want your URL working,
If you haven't created a trigger for your Lambda Function, navigate to the function in Lambda Functions app and create trigger choosing API Gateway.
Navigate to API Gateway App -> Choose your Particular Lambda's API Gateway (Method execution) -> Click on INTEGRATION Request -> Uncheck "Use Lambda Proxy integration" (check box).
Then click on "<-Method Execution" & click on Test Client section. Provide the options and click test button. You should see a success response.
If you are still unable to get a success response, create an alias for the correct version (if you have multiple versions in the Lambda Function)
Pick the URL from the logs and use your POST/GET Tool (Postman) and choose authentication as AWS Signature - provide your authentication keys(AccessKey & SecretKey) in the postman request with AWS Region & Service Name as lambda.
P.S : This may only help beginners and may be irrelevant to others.

google maps tracks api - send request using node js

In order to access the google maps tracks API, i have access token sent by Google’s OAuth 2.0 Authorization Server. Now i need to send this access token with every http request i made to google map tracks API. Where should i put this access token in http request ?. I tried to put in headers as 'X-Access-Token' : 'myaccesstoken', but am getting response from api as below.
body: '{\n "error": {\n "errors": [\n {\n "domain": "global",\n "reason": "required",\n "message": "Login Required",\n "locationType": "header",\n "location": "Authorization"\n }\n ],\n "code": 401,\n "message": "Login Required"\n }\n}\n' }
I referred google map tracks API official documentation https://developers.google.com/maps/documentation/tracks/auth, but unable to solve this error.
below is the code am using to authenticate with Google’s OAuth 2.0 Authorization Server, and code to send request to google map tracks API.
var jwt = new googleapis.auth.JWT(client_email, keyFile, null, scopes, null);
jwt.authorize(function(jwtErr, tokens){
if(jwtErr){
return;
}
else{
headers = {
'content-type' : 'application/json',
'X-Access-Token' : tokens.access_token
};
options = {
url : 'https://www.googleapis.com/tracks/v1/geofences/list',
headers : headers,
method : 'POST',
};
request(options, function(error, response, body){
if(error){
return;
}
console.log(response);
});
}
});

Found the solution, access token should be put in
header : { 'Authorization' : 'myaccesstoken' },
so after changes, code will look like below.
var jwt = new googleapis.auth.JWT(client_email, keyFile, null, scopes, null);
jwt.authorize(function(jwtErr, tokens){
if(jwtErr){
return;
}
else{
headers = {
'content-type' : 'application/json;charset=utf-8',
'content-length': Buffer.byteLength(data),
**'Authorization' : tokens.access_token**
};
options = {
host: 'www.googleapis.com',
path: '/tracks/v1/entities/create',
headers : headers,
method : 'POST',
};
var post_req = https.request(options, function(res){
res.setEncoding('utf8');
res.on('data', function (chunk) {
console.log('Response: ' + chunk);
});
});
post_req.on('error', function(error_msg){
console.log(error_msg);
});
post_req.write(data);
post_req.end();
}
});

Resources