I have configured a custom lambda authorizer of REQUEST type. I have added 4 new custom request headers as Identity source at API --> Authorizers --> Identity Sources and 1 default Authorization. So in total there are 5.
When I make a call to the API which has the above authorizer configured, the authorizer is being called twice. First time with values to all parameters in the event object second time with empty event object.
Since event object is null, my code is throwing null pointer even though first time validated claims successfully and returned Allow policy.
Initially I tried with token type authorizer but token alone itself was not enough for me to verify. Token type works just fine. I.e. there is no 2nd request made. When I moved to REQUEST type I started seeing this issue.
Below are logs from cloudwatch
2019-03-28 05:53:33 b78955e6-c072-4ada-945f-c8d34490d2ad DEBUG APIGatewayLambdaAuthorizer:92 - Sucess: Request authorized
2019-03-28 05:53:33 b78955e6-c072-4ada-945f-c8d34490d2ad TRACE APIGatewayLambdaAuthorizer:103 - Exit: Policy generated: {policyDocument={Version=2012-10-17, Statement=[{Action=execute-api:Invoke, Resource=arn:aws:execute-api:us-east-2:851424344156:67w9c9wojb/stage/GET/, Effect=Allow}]}, principalId=yC98Q4Edda9QqwYVkkhe75sUR8SS25pK@clients}
2019-03-28 05:53:33 090465d8-2c04-4869-83fb-cdcde53d33b7 TRACE APIGatewayLambdaAuthorizer:82 - Enter event:
{}
, context: lambdainternal.api.LambdaContext@4c5474f5
java.lang.NullPointerException: java.lang.NullPointerException
java.lang.NullPointerException
