localstack
diff --git a/‎localstack-core/localstack/services/apigateway/next_gen/execute_api/context.py
Lines changed: 6 additions & 4 deletions b/‎localstack-core/localstack/services/apigateway/next_gen/execute_api/context.py
Lines changed: 6 additions & 4 deletions
diff --git a/‎localstack-core/localstack/services/apigateway/next_gen/execute_api/gateway.py
Lines changed: 1 addition & 0 deletions b/‎localstack-core/localstack/services/apigateway/next_gen/execute_api/gateway.py
Lines changed: 1 addition & 0 deletions
diff --git a/‎localstack-core/localstack/services/apigateway/next_gen/execute_api/handlers/__init__.py
Lines changed: 2 additions & 0 deletions b/‎localstack-core/localstack/services/apigateway/next_gen/execute_api/handlers/__init__.py
Lines changed: 2 additions & 0 deletions
diff --git a/‎localstack-core/localstack/services/apigateway/next_gen/execute_api/handlers/gateway_exception.py
Lines changed: 23 additions & 5 deletions b/‎localstack-core/localstack/services/apigateway/next_gen/execute_api/handlers/gateway_exception.py
Lines changed: 23 additions & 5 deletions
diff --git a/‎localstack-core/localstack/services/apigateway/next_gen/execute_api/handlers/integration.py
Lines changed: 1 addition & 1 deletion b/‎localstack-core/localstack/services/apigateway/next_gen/execute_api/handlers/integration.py
Lines changed: 1 addition & 1 deletion
diff --git a/‎localstack-core/localstack/services/apigateway/next_gen/execute_api/handlers/integration_request.py
Lines changed: 95 additions & 19 deletions b/‎localstack-core/localstack/services/apigateway/next_gen/execute_api/handlers/integration_request.py
Lines changed: 95 additions & 19 deletions
diff --git a/‎localstack-core/localstack/services/apigateway/next_gen/execute_api/handlers/integration_response.py
Lines changed: 1 addition & 22 deletions b/‎localstack-core/localstack/services/apigateway/next_gen/execute_api/handlers/integration_response.py
Lines changed: 1 addition & 22 deletions
@@ -5,7 +5,7 @@
 from rolo.gateway import RequestContext
 from werkzeug.datastructures import Headers
 
-from localstack.aws.api.apigateway import Method, Resource
+from localstack.aws.api.apigateway import Integration, Method, Resource
 from localstack.services.apigateway.models import RestApiDeployment
 
 from .variables import ContextVariables, LoggingContextVariables
@@ -72,10 +72,10 @@ class RestApiInvocationContext(RequestContext):
     This context is going to be used to pass relevant information across an API Gateway invocation.
     """
 
-    invocation_request: Optional[InvocationRequest]
-    """Contains the data relative to the invocation request"""
     deployment: Optional[RestApiDeployment]
     """Contains the invoked REST API Resources"""
+    integration: Optional[Integration]
+    """The Method Integration for the invoked request"""
     api_id: Optional[str]
     """The REST API identifier of the invoked API"""
     stage: Optional[str]
@@ -87,7 +87,7 @@ class RestApiInvocationContext(RequestContext):
     account_id: Optional[str]
     """The account the REST API is living in."""
     resource: Optional[Resource]
-    """The resource the invocation matched"""  # TODO: verify if needed through the invocation
+    """The resource the invocation matched"""
     resource_method: Optional[Method]
     """The method of the resource the invocation matched"""
     stage_variables: Optional[dict[str, str]]
@@ -96,6 +96,8 @@ class RestApiInvocationContext(RequestContext):
     """The $context used in data models, authorizers, mapping templates, and CloudWatch access logging"""
     logging_context_variables: Optional[LoggingContextVariables]
     """Additional $context variables available only for access logging, not yet implemented"""
+    invocation_request: Optional[InvocationRequest]
+    """Contains the data relative to the invocation request"""
     integration_request: Optional[IntegrationRequest]
     """Contains the data needed to construct an HTTP request to an Integration"""
     endpoint_response: Optional[EndpointResponse]
 
@@ -33,6 +33,7 @@ def __init__(self):
         )
         self.response_handlers.extend(
             [
+                handlers.response_enricher
                 # add composite response handlers?
             ]
         )
 
@@ -10,6 +10,7 @@
 from .method_response import MethodResponseHandler
 from .parse import InvocationRequestParser
 from .resource_router import InvocationRequestRouter
+from .response_enricher import InvocationResponseEnricher
 
 legacy_handler = LegacyHandler()
 parse_request = InvocationRequestParser()
@@ -22,3 +23,4 @@
 method_response_handler = MethodResponseHandler()
 gateway_exception_handler = GatewayExceptionHandler()
 api_key_validation_handler = ApiKeyValidationHandler()
+response_enricher = InvocationResponseEnricher()
@@ -2,6 +2,7 @@
 import logging
 
 from rolo import Response
+from werkzeug.datastructures import Headers
 
 from localstack.constants import APPLICATION_JSON
 from localstack.services.apigateway.next_gen.execute_api.api import (
@@ -13,6 +14,9 @@
     BaseGatewayException,
     get_gateway_response_or_default,
 )
+from localstack.services.apigateway.next_gen.execute_api.variables import (
+    GatewayResponseContextVarsError,
+)
 
 LOG = logging.getLogger(__name__)
 
@@ -40,11 +44,21 @@ def __call__(
             )
             return
 
-        LOG.debug("Error raised during invocation: %s", exception.type)
+        LOG.info("Error raised during invocation: %s", exception.type)
+        self.set_error_context(exception, context)
         error = self.create_exception_response(exception, context)
         if error:
             response.update_from(error)
 
+    @staticmethod
+    def set_error_context(exception: BaseGatewayException, context: RestApiInvocationContext):
+        context.context_variables["error"] = GatewayResponseContextVarsError(
+            message=exception.message,
+            messageString=exception.message,
+            responseType=exception.type,
+            validationErrorString="",  # TODO
+        )
+
     def create_exception_response(
         self, exception: BaseGatewayException, context: RestApiInvocationContext
     ):
@@ -60,13 +74,17 @@ def create_exception_response(
         if not status_code:
             status_code = exception.status_code or 500
 
-        return Response(response=content, headers=headers, status=status_code)
+        response = Response(response=content, headers=headers, status=status_code)
+        return response
 
-    def _build_response_content(self, exception: BaseGatewayException) -> str:
+    @staticmethod
+    def _build_response_content(exception: BaseGatewayException) -> str:
         # TODO apply responseTemplates to the content. We should also handle the default simply by managing the default
         #  template body `{"message":$context.error.messageString}`
         return json.dumps({"message": exception.message})
 
-    def _build_response_headers(self, exception: BaseGatewayException) -> dict:
+    @staticmethod
+    def _build_response_headers(exception: BaseGatewayException) -> dict:
         # TODO apply responseParameters to the headers and get content-type from the gateway_response
-        return {"content-type": APPLICATION_JSON, "x-amzn-ErrorType": exception.code}
+        headers = Headers({"Content-Type": APPLICATION_JSON, "x-amzn-ErrorType": exception.code})
+        return headers
@@ -18,7 +18,7 @@ def __call__(
         context: RestApiInvocationContext,
         response: Response,
     ):
-        integration_type = context.resource_method["methodIntegration"]["type"]
+        integration_type = context.integration["type"]
         is_proxy = "PROXY" in integration_type
 
         integration = REST_API_INTEGRATIONS.get(integration_type)
 
@@ -1,16 +1,18 @@
 import logging
+from http import HTTPMethod
 
 from werkzeug.datastructures import Headers
 
 from localstack.aws.api.apigateway import Integration, IntegrationType
 from localstack.constants import APPLICATION_JSON
-from localstack.http import Response
+from localstack.http import Request, Response
 from localstack.utils.collections import merge_recursive
-from localstack.utils.strings import to_bytes, to_str
+from localstack.utils.strings import short_uid, to_bytes, to_str
 
 from ..api import RestApiGatewayHandler, RestApiGatewayHandlerChain
 from ..context import IntegrationRequest, InvocationRequest, RestApiInvocationContext
-from ..gateway_response import UnsupportedMediaTypeError
+from ..gateway_response import InternalServerError, UnsupportedMediaTypeError
+from ..header_utils import drop_headers, set_default_headers
 from ..helpers import render_integration_uri
 from ..parameters_mapping import ParametersMapper, RequestDataMapping
 from ..template_mapping import (
@@ -23,6 +25,30 @@
 
 LOG = logging.getLogger(__name__)
 
+# Illegal headers to include in transformation
+ILLEGAL_INTEGRATION_REQUESTS_COMMON = [
+    "content-length",
+    "transfer-encoding",
+    "x-amzn-trace-id",
+    "X-Amzn-Apigateway-Api-Id",
+]
+ILLEGAL_INTEGRATION_REQUESTS_AWS = [
+    *ILLEGAL_INTEGRATION_REQUESTS_COMMON,
+    "authorization",
+    "connection",
+    "expect",
+    "proxy-authenticate",
+    "te",
+]
+
+# These are dropped after the templates override were applied. they will never make it to the requests.
+DROPPED_FROM_INTEGRATION_REQUESTS_COMMON = ["Expect", "Proxy-Authenticate", "TE"]
+DROPPED_FROM_INTEGRATION_REQUESTS_AWS = [*DROPPED_FROM_INTEGRATION_REQUESTS_COMMON, "Referer"]
+DROPPED_FROM_INTEGRATION_REQUESTS_HTTP = [*DROPPED_FROM_INTEGRATION_REQUESTS_COMMON, "Via"]
+
+# Default headers
+DEFAULT_REQUEST_HEADERS = {"Accept": APPLICATION_JSON, "Connection": "keep-alive"}
+
 
 class PassthroughBehavior(str):
     # TODO maybe this class should be moved where it can also be used for validation in
@@ -48,7 +74,7 @@ def __call__(
         context: RestApiInvocationContext,
         response: Response,
     ):
-        integration: Integration = context.resource_method["methodIntegration"]
+        integration: Integration = context.integration
         integration_type = integration["type"]
 
         integration_request_parameters = integration["requestParameters"] or {}
@@ -59,7 +85,8 @@ def __call__(
 
         if integration_type in (IntegrationType.AWS_PROXY, IntegrationType.HTTP_PROXY):
             # `PROXY` types cannot use integration mapping templates, they pass most of the data straight
-            headers = context.invocation_request["headers"]
+            # We make a copy to avoid modifying the invocation headers and keep a cleaner history
+            headers = context.invocation_request["headers"].copy()
             query_string_parameters: dict[str, list[str]] = context.invocation_request[
                 "multi_value_query_string_parameters"
             ]
@@ -68,31 +95,22 @@ def __call__(
             # HTTP_PROXY still make uses of the request data mappings, and merges it with the invocation request
             # this is undocumented but validated behavior
             if integration_type == IntegrationType.HTTP_PROXY:
-                headers = headers.copy()
-                to_merge = {
-                    k: v
-                    for k, v in request_data_mapping["header"].items()
-                    if k not in ("Content-Type", "Accept")
-                }
-                headers.update(to_merge)
+                # These headers won't be passed through by default from the invocation.
+                # They can however be added through request mappings.
+                drop_headers(headers, ["Host", "Content-Encoding"])
+                headers.update(request_data_mapping["header"])
 
                 query_string_parameters = self._merge_http_proxy_query_string(
                     query_string_parameters, request_data_mapping["querystring"]
                 )
 
             else:
+                self._set_proxy_headers(headers, context.request)
                 # AWS_PROXY does not allow URI path rendering
                 # TODO: verify this
                 path_parameters = {}
 
         else:
-            # default values, can be overridden with right casing
-            default_headers = {
-                "Content-Type": APPLICATION_JSON,
-                "Accept": APPLICATION_JSON,
-            }
-            request_data_mapping["header"] = default_headers | request_data_mapping["header"]
-
             # find request template to raise UnsupportedMediaTypeError early
             request_template = self.get_request_template(
                 integration=integration, request=context.invocation_request
@@ -107,6 +125,13 @@ def __call__(
             headers = Headers(request_data_mapping["header"])
             query_string_parameters = request_data_mapping["querystring"]
 
+        # Some headers can't be modified by parameter mappings or mapping templates.
+        # Aws will raise in those were present. Even for AWS_PROXY, where it is not applying them.
+        if header_mappings := request_data_mapping["header"]:
+            self._validate_headers_mapping(header_mappings, integration_type)
+
+        self._apply_header_transforms(headers, integration_type, context)
+
         # looks like the stageVariables rendering part is done in the Integration part in AWS
         # but we can avoid duplication by doing it here for now
         # TODO: if the integration if of AWS Lambda type and the Lambda is in another account, we cannot render
@@ -223,3 +248,54 @@ def _merge_http_proxy_query_string(
                 new_query_string_parameters[param] = value
 
         return new_query_string_parameters
+
+    @staticmethod
+    def _set_proxy_headers(headers: Headers, request: Request):
+        headers.set("X-Forwarded-For", request.remote_addr)
+        headers.set("X-Forwarded-Port", request.environ.get("SERVER_PORT"))
+        headers.set(
+            "X-Forwarded-Proto",
+            request.environ.get("SERVER_PROTOCOL", "").split("/")[0],
+        )
+
+    @staticmethod
+    def _apply_header_transforms(
+        headers: Headers, integration_type: IntegrationType, context: RestApiInvocationContext
+    ):
+        # Dropping matching headers for the provided integration type
+        match integration_type:
+            case IntegrationType.AWS:
+                drop_headers(headers, DROPPED_FROM_INTEGRATION_REQUESTS_AWS)
+            case IntegrationType.HTTP | IntegrationType.HTTP_PROXY:
+                drop_headers(headers, DROPPED_FROM_INTEGRATION_REQUESTS_HTTP)
+            case _:
+                drop_headers(headers, DROPPED_FROM_INTEGRATION_REQUESTS_COMMON)
+
+        # Adding default headers to the requests headers
+        default_headers = {
+            **DEFAULT_REQUEST_HEADERS,
+            "User-Agent": f"AmazonAPIGateway_{context.api_id}",
+        }
+        if (
+            content_type := context.request.headers.get("Content-Type")
+        ) and context.request.method not in {HTTPMethod.OPTIONS, HTTPMethod.GET, HTTPMethod.HEAD}:
+            default_headers["Content-Type"] = content_type
+
+        set_default_headers(headers, default_headers)
+        headers.set("X-Amzn-Trace-Id", short_uid())  # TODO
+        if integration_type not in (IntegrationType.AWS_PROXY, IntegrationType.AWS):
+            headers.set("X-Amzn-Apigateway-Api-Id", context.api_id)
+
+    @staticmethod
+    def _validate_headers_mapping(headers: dict[str, str], integration_type: IntegrationType):
+        """Validates and raises an error when attempting to set an illegal header"""
+        to_validate = ILLEGAL_INTEGRATION_REQUESTS_COMMON
+        if integration_type in {IntegrationType.AWS, IntegrationType.AWS_PROXY}:
+            to_validate = ILLEGAL_INTEGRATION_REQUESTS_AWS
+
+        for header in headers.keys():
+            if header.lower() in to_validate:
+                LOG.debug(
+                    "Execution failed due to configuration error: %s header already present", header
+                )
+                raise InternalServerError("Internal server error")
@@ -47,7 +47,7 @@ def __call__(
     ):
         # TODO: we should log the response coming in from the Integration, either in Integration or here.
         #  before modification / after?
-        integration: Integration = context.resource_method["methodIntegration"]
+        integration: Integration = context.integration
         integration_type = integration["type"]
 
         if integration_type in (IntegrationType.AWS_PROXY, IntegrationType.HTTP_PROXY):
@@ -58,7 +58,6 @@ def __call__(
         endpoint_response: EndpointResponse = context.endpoint_response
         status_code = endpoint_response["status_code"]
         body = endpoint_response["body"]
-        headers = endpoint_response["headers"]
 
         # we first need to find the right IntegrationResponse based on their selection template, linked to the status
         # code of the Response
@@ -104,26 +103,6 @@ def __call__(
             LOG.debug("Response header overrides: %s", header_override)
             response_headers.update(header_override)
 
-        # setting up default content-type
-        if not response_headers.get("content-type"):
-            response_headers.set("Content-Type", APPLICATION_JSON)
-
-        # TODO : refactor the following into method response using table from
-        #  https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-known-issues.html#api-gateway-known-issues-rest-apis
-        # When trying to override certain headers, they will instead be remapped
-        # There may be other headers, but these have been confirmed on aws
-        remapped_headers = ("connection", "content-length", "date", "x-amzn-requestid")
-        for header in remapped_headers:
-            if value := response_headers.get(header):
-                response_headers[f"x-amzn-remapped-{header}"] = value
-                response_headers.remove(header)
-
-        # Those headers are passed through from the response headers, there might be more?
-        passthrough_headers = ["connection"]
-        for header in passthrough_headers:
-            if values := headers.getlist(header):
-                response_headers.setlist(header, values)
-
         LOG.debug("Method response body after transformations: %s", body)
         context.invocation_response = InvocationResponse(
             body=body,
Original file line number	Diff line number	Diff line change
`@@ -33,6 +33,7 @@ def __init__(self):`
`33`	`33`	`)`
`34`	`34`	`self.response_handlers.extend(`
`35`	`35`	`[`
	`36`	`+ handlers.response_enricher`
`36`	`37`	`# add composite response handlers?`
`37`	`38`	`]`
`38`	`39`	`)`