Bug: `APIGatewayRequestAuthorizerEventV2Schema` has invalid definition for the `identitySource` field

[hibanka]

Expected Behavior

The identitySource field in APIGatewayRequestAuthorizerEventV2 can be null when the Lambda authorizer is not configured with an identity source (see screenshot from the AWS Console below).

Current Behavior

The current definition does not account for this scenario, leading to an error:

powertools-lambda-typescript/packages/parser/src/schemas/apigwv2.ts

Line 233 in e1bc6c5

identitySource: APIGatewayStringArray,

Even the @types/aws-lambda package has invalid type definition:

https://github.com/DefinitelyTyped/DefinitelyTyped/blob/01bf6ea3ae73629f4d488d777df91781e466ba15/types/aws-lambda/trigger/api-gateway-authorizer.d.ts#L38

Code snippet

APIGatewayRequestAuthorizerEventV2Schema.parse(event);

Steps to Reproduce

When creating a Lambda authorizer, do not specify an identity source.

Possible Solution

add .nullable()

Powertools for AWS Lambda (TypeScript) version

latest

AWS Lambda function runtime

20.x

Packaging format used

npm

Execution logs

[am29d]

Hey @hibanka , thanks for opening the issue, this makes sense, the docs even says the identity source is optional:

You can optionally specify identity sources for a Lambda authorizer.

Quick fix incoming...

Дякую!

[leandrodamascena]

This is also a bug in Powertools Python - https://github.com/aws-powertools/powertools-lambda-python/blob/develop/aws_lambda_powertools/utilities/parser/models/apigwv2.py#L75.

Thanks for reporting this @hibanka.

[am29d]

I just ran a quick test in the console, I can't reproduce an event with identitySource: null on API GW V2. @hibanka how did you configure the API GW?

Here is an example event I have got:

{
    "level": "INFO",
    "sampling_rate": 0,
    "service": "service_undefined",
    "timestamp": "2025-01-17T09:53:25.550Z",
    "xray_trace_id": "1-678a2895-213d6967651dc359012d63e3",
    "version": "2.0",
    "type": "REQUEST",
    "routeArn": "arn:aws:execute-api:eu-west-1:xxx:xxx/dev/GET/",
    "routeKey": "GET /",
    "rawPath": "/dev/",
    "headers": {
        "accept": "*/*",
        "accept-encoding": "gzip, deflate",
        "content-length": "0",
        "host": "xxx.execute-api.eu-west-1.amazonaws.com",
        "user-agent": "HTTPie/3.2.3",
        "x-amzn-trace-id": "Root=1-678a2895-2366ebd0602dd62318fec21f",
        "x-forwarded-for": "188.192.53.6",
        "x-forwarded-port": "443",
        "x-forwarded-proto": "https"
    },
    "requestContext": {
        "accountId": "xxxx",
        "apiId": "8x9ewplh90",
        "domainName": "xxx.execute-api.eu-west-1.amazonaws.com",
        "domainPrefix": "xxx",
        "http": {
            "method": "GET",
            "path": "/dev/",
            "protocol": "HTTP/1.1",
            "sourceIp": "188.192.53.6",
            "userAgent": "HTTPie/3.2.3"
        },
        "requestId": "EhtHagMOjoEEMLA=",
        "routeKey": "GET /",
        "stage": "dev",
        "time": "17/Jan/2025:09:53:25 +0000",
        "timeEpoch": 1737107605402
    }
}

I called the endpoint from my terminal via public URL.

Edit: nvm, we remove null values with the logger.