Running app locally with built-in authorizers does not use specified header

[crazydevman]

As per the documentation, we are able to define a built-in authorizer using the decorator function authorizer as in this example:
@app.authorizer(ttl_seconds=600, header="CustomHeader")

However, when running locally via the chalice local command, the 'header' parameter is ignored and the app will only accept the "authorization" header. The local app should instead use the value "CustomHeader".

Steps to reproduce:

1. Follow example app from here: https://aws.github.io/chalice/topics/authorizers.html#built-in-authorizers
2. Update the annotation to change the header field to "CustomHeader".
3. Run the updated app via chalice local.
4. Hit the endpoint as per the documentation except using "CustomHeader" instead of "Authorization". Notice how the request is rejected.

It appears that deployed apps do not have this issue, only when running locally.

[looprewind]

Hi, I'm having the same issue running chalice local, haven't try it deployed on a lambda

Just trying these:

from chalice import Chalice, AuthResponse

app = Chalice(app_name="appname")


@app.authorizer(header='x-auth-token')
def my_auth(auth_request):
    # Will add some code to validate the token
    return AuthResponse(routes=['*'], principal_id='username')


@app.route('/', authorizer=my_auth)
def test():
    return {'hello': 'world'}

If I do

curl --request GET 'http://127.0.0.1:8000/' --header 'x-auth-token: my.personal.token'

returns a 401 Unauthorized {"message": "Unauthorized"}

Trying with

curl --request GET 'http://127.0.0.1:8000/' --header 'Authorization: my.personal.token'

returns a 200 OK with {'hello': 'world'}

I'm also having the same results with chalice --debug local --stage dev