enhancement request: Add support for validating requests on the API Gateway before proceeding with the integration

[robertlcx]

Is there an existing issue for this?

• I have searched the existing issues

Enhancement description

On AWS, you can configure API Gateway to perform basic validation of an API request before proceeding with the integration request.

When the validation fails, API Gateway immediately fails the request, returns a 400 error response to the caller, and publishes the validation results in CloudWatch Logs. Exporting the results to CloudWatch isn't strictly required for a first revision of this ticket.

API Gateway can perform the basic request validation, so that you can focus on app-specific validation in the backend. For validation, API Gateway verifies either or both of the following conditions:

1. The required request parameters in the URI, query string, and headers of an incoming request are included and not blank.
   The applicable request payload adheres to the configured JSON schema request of the method.
2. To turn on validation, you specify validation rules in a request validator, add the validator to the API's map of request validators, and assign the validator to individual API methods.

This reduces unnecessary calls to the backend. More importantly, it lets you focus on the validation efforts specific to your application. You can validate a request body by verifying that required request parameters are valid and non-null or by specifying a model schema for more complicated data validation.

🧑‍💻 Implementation

No response

Anything else?

This is a user-requested feature.

[localstack-bot]

Welcome to LocalStack! Thanks for reporting your first issue and our team will be working towards fixing the issue for you or reach out for more background information. We recommend joining our Slack Community for real-time help and drop a message to LocalStack Pro Support if you are a Pro user! If you are willing to contribute towards fixing this issue, please have a look at our contributing guidelines and our contributing guide.

[bentsku]

Just a note, we currently support request validators for the request Body, validating the JSON Schema.

localstack/localstack/services/apigateway/invocations.py

Lines 95 to 132 in 8ab4114

	def validate_body(self, resource):
	# if there's no model to validate the body, use the Empty model
	# https://docs.aws.amazon.com/cdk/api/v1/docs/@aws-cdk_aws-apigateway.EmptyModel.html
	if not (request_models := resource.get("requestModels")):
	model_name = EMPTY_MODEL
	else:
	model_name = request_models.get(APPLICATION_JSON, EMPTY_MODEL)
	model_resolver = ModelResolver(
	rest_api_container=self.rest_api_container,
	model_name=model_name,
	)
	# try to get the resolved model first
	resolved_schema = model_resolver.get_resolved_model()
	if not resolved_schema:
	LOG.exception(
	"An exception occurred while trying to validate the request: could not find the model"
	)
	return False
	try:
	# if the body is empty, replace it with an empty JSON body
	validate(
	instance=json.loads(self.context.data or "{}"),
	schema=resolved_schema,
	)
	return True
	except ValidationError as e:
	LOG.warning("failed to validate request body %s", e)
	return False
	except json.JSONDecodeError as e:
	LOG.warning("failed to validate request body, request data is not valid JSON %s", e)
	return False
	# TODO implement parameters and headers
	def validate_parameters_and_headers(self, resource):
	return True

We are however still missing validating URI, query string, and headers.