Blog

Custom Domains for AWS API Gateway Without Route 53

There’s some very good articles on using the Serverless Framework to setup custom domains for API Gateway endpoints. For my use case I wasn’t planning to use Route 53 for DNS hosting for the domain so they were missing a crucial step. This post documents that step. Configuration Follow the article linked above to setup the plugin and basic configuration. The configuration for the custom domain in theserverless.yml file is almost exactly as shown in the article with the exception of the createRoute53Record line which I changed to turn off the Route 53 DNS interaction. Setup Steps With that change [Read on…]

Compressing POST Requests in Flutter

Posting to REST endpoints from mobile applications is a very common use case. Some of those POST requests can get a little large and it can be useful to compress them before sending to save the user some data. It turns out to be very easy to do this compression in Flutter and I didn’t find resources for it when I went looking so I thought I’d record the steps I took. Code Example This is pretty much just the standard example of using POST. The two things that need to change to send compressed content is to add the [Read on…]

‘What’s My Name’ for Serverless Framework

It is frequently useful to know the name of a generated resource in the Serverless Framework when building for AWS. I had been struggling with this when I needed to refer to a generated resource in a separate CloudFormation section. After much searching I found a very useful trick that is probably already well documented but I’ll add my small bit of amplification here. Finding the Generated CloudFormation Serverless works by generating a CloudFormation template based on the serverless.yml file. This generated file is accessible in a hidden subdirectory of the directory that contains the serverless.yml file if you run [Read on…]

Handling permission requests in Android for Flutter plugins

Updated for the new plugin registration process in Flutter 1.12. While building the Android functionality for a plugin recently I had to handle a system permission request. Although all the parts of that are simple it took me a while to figure out how to put them together. In hopes of making it simpler for others looking to do this here’s all the bits in one place. Note: Code examples are Kotlin, there’s a full gist here. The gist is for pre 1.12, I’ll try to get a post 1.12 gist up in the next little while but until then [Read on…]

DST Dart and DateTime & How to Unit Test

Like all programmers I have a pretty long held grudge against daylight savings time, leap years, time zones, and just generally anything to do with dates and times. The ways in which date complexity have hurt over the years are many and varied. This year’s pain provided a good opportunity to use the excellent unit test support for time in Dart. This post is a tiny bit about date calculations and mostly about how to get control over dates in tests. What Went Wrong This Year This is the history and context part of the post. If you just want [Read on…]

Character Encoding and Go on AWS

Ah character encoding, my old friend, I have not missed you. I was visited recently by a recurring demon from my past, character encoding. Sometimes it seems like every new environment is just waiting to spring some encoding problem on me. Since pretty much all modern environments use utf-8, these are at least getting rarer. This post describes how to ensure that responses from API Gateway endpoints from Go are properly interpreted by the receiver. Lambda Proxy Response The response from a Lambda proxy integration to API Gateway in Go is usually an APIGatewayResponse object. In my case I was [Read on…]

Defensive Programming Saves the Day – Again

Every once in a while the value of a coding practice like unit testing is reinforced, yesterday was one of those days so I wanted to share with my future self in case I ever start to doubt. Also, the set of technical practices that I first learned as XP (Extreme Programming), are not as common as I used to think, so this is my small contribution to improving that. The Problem The code was using an ID received from an external source as an internal unique identifier. The identifier was assumed to be unique across objects of the same [Read on…]

Lambda Go API Gateway Integration and Parameters

As part of a recent project, I was trying to get the parameters from a REST call on AWS API Gateway in a Go Lambda. I found the documentation to be a bit scattered and hard to find so I have documented what I learned. The answer is simple so hopefully this doc helps someone else who struggled with the docs. API Gateway to Lambda Integration There are two main ways of invoking a Lambda from an API Gateway endpoint. All of my code uses proxy integration. There’s a section here that describes the differences, and as far as I [Read on…]

Google Sign In and Refresh

One of the dark corners of the OAuth experience is refresh tokens. Every time I play with OAuth based authentication, refresh bites me. Assume some level of hand waving and simplification in what follows as I’m not trying to be perfectly detailed about OAuth. OAuth and Refresh Tokens The way OAuth2 generally works is that after a successful authentication two tokens are generated, an access token and a refresh token. The access token is used to access a service. For example, to make a REST call the developer would include the access token in the header. Access tokens have an [Read on…]

AWS API Gateway & Access Tokens

AWS supports authenticating API calls using a token issued by Cognito authentication. This allows for good integration of identity into AWS APIs. Setting up the integration is relatively easy, create an authorizer of type COGNITO_USER_POOLS and attach it to the endpoint. Now provide the id token from a Cognito authorization response in a request through the Authorization header and the call will succeed. Without that header, or with an invalid value, the gateway will reject the call with a 403 error. That’s the simple path, unfortunately OAuth doesn’t have just one token and using the id token for this is [Read on…]