java - 如何在 AWS Lambda 函数中获取任务 token

Question

我有一个 AWS Step Function 和用 Java 实现的处理程序。
我的步骤函数定义:

definition:
  Comment: Steps for issuing a card
  StartAt: RecipientFraudChecks
  States:
    RecipientFraudChecks:
      Type: Task
      Next: SaveTaskToken
      Resource: arn:aws:lambda:eu-west-1:099720403855:RecipientFraudChecks
    SaveTaskToken:
      Type: Task
      Resource: arn:aws:lambda:eu-west-1:12345678:function:SaveTaskToken
      End: true

我有一个 Java 项目，所有的 Lambda 函数处理程序都在那里定义:

public class SaveTaskToken implements RequestHandler<Map<String,String>, String> {

   ....

   @Override
   public String handleRequest(Map<String, String> input, final Context context) {

      // do the fraud checks
      System.out.println("the context is: " + gson.toJson(context));
      System.out.println("input: " + gson.toJson(input));

}

我正在使用 AWS SAM 在本地运行 step 函数，并根据以下内容触发: https://docs.aws.amazon.com/step-functions/latest/dg/sfn-local-lambda.html#install-sam
在 context 中，我希望看到任务 token ，但我没有。日志显示:

the context is: {
  "memoryLimit": 512,
  "awsRequestId": "5065a9aa-1a4a-46fe-9b58-7dc2194f92b7",
  "logGroupName": "aws/lambda/SaveTaskToken",
  "logStreamName": "$LATEST",
  "functionName": "SaveTaskToken",
  "functionVersion": "$LATEST",
  "invokedFunctionArn": "",
  "cognitoIdentity": {
    "identityId": "",
    "poolId": ""
  },
  "logger": {}
}

事实上，它完全不像我应该期待的全局上下文 in the docs 。
我究竟做错了什么？如何获得任务 token ？
编辑
我将 Parameters 属性添加到“SaveTaskToken”并将资源更改为 arn:aws:states:::lambda:invoke.waitForTaskToken 并且知道我可以获得任务 token :

definition:
  Comment: Steps for issuing a card
  StartAt: RecipientFraudChecks
  States:
    RecipientFraudChecks:
      Type: Task
      Next: SaveTaskToken
      Resource: arn:aws:lambda:eu-west-1:099720403855:RecipientFraudChecks
    SaveTaskToken:
      Type: Task
      Resource: arn:aws:states:::lambda:invoke.waitForTaskToken
      Parameters:
        FunctionName: arn:aws:lambda:eu-west-1:12345678:function:SaveTaskToken
        Payload:
          taskToken
      End: true

在日志中，我可以看到:

the input is: {
  "taskToken": "5286"
}

它导致了另一个问题——它覆盖了状态机的输入。我传入了输入:

{"giftCode": "xxx"}

在第一个 Lambda 函数 RecipientFraudChecks 中，我可以获得输入。但是，在第二个中，由于添加了 Parameters 属性，我现在无法再获取状态机的输入，只有任务 token ...
编辑
在这里实现了答案: https://stackoverflow.com/a/66995869/1246159

{
  "Comment": "Steps for issuing a card",
  "StartAt": "RecipientFraudChecks",
  "States": {
    "RecipientFraudChecks": {
      "Type": "Task",
      "Next": "PauseCardIfNecessary",
      "ResultPath": "$.firstLambdaOutput",
      "Resource": "arn:aws:lambda:us-east-1:123456789012:function:RecipientFraudChecks"
    },
    "PauseCardIfNecessary": {
      "Type": "Task",
      "Next": "GetOrCreateClient",
      "Resource": "arn:aws:states:::lambda:invoke.waitForTaskToken",
      "Parameters": {
        "FunctionName": "arn:aws:lambda:us-east-1:123456789012:function:PauseCardIfNecessary",
        "Payload": {
          "token.$": "$$.Task.Token",
          "otherInput.$": "$"
        }
      }
    },
    "GetOrCreateClient": {
      "Type": "Task",
      "Next": "GetOrAccountClient",
      "Resource": "arn:aws:lambda:us-east-1:123456789012:function:GetOrCreateClient"
    },
    "GetOrAccountClient": {
      "Type": "Task",
      "Resource": "arn:aws:lambda:us-east-1:123456789012:function:GetOrAccountClient",
      "End": true
    }
  }
}

但是我收到另一个错误，这是日志:

arn: aws: states: eu-west-1: 123456789012: execution: HelloWorld5: cardIssue: {
  "Type": "TaskStateExited",
  "PreviousEventId": 5,
  "StateExitedEventDetails": {
    "Name": "RecipientFraudChecks",
    "Output": "{\"inputToStep\":\"xxxx\",\"firstLambdaOutput\":\"output of recipient lambda\"}"
  }
} arn: aws: states: eu-west-1: 123456789012: execution: HelloWorld5: cardIssue: {
  "Type": "TaskStateEntered",
  "PreviousEventId": 6,
  "StateEnteredEventDetails": {
    "Name": "PauseCardIfNecessary",
    "Input": "{\"inputToStep\":\"xxxx\",\"firstLambdaOutput\":\"output of recipient lambda\"}"
  }
} arn: aws: states: eu-west-1: 123456789012: execution: HelloWorld5: cardIssue: {
  "Type": "ExecutionFailed",
  "PreviousEventId": 7,
  "ExecutionFailedEventDetails": {
    "Error": "States.Runtime",
    "Cause": "An error occurred while executing the state 'PauseCardIfNecessary' (entered at the event id #7). The value for the field 'token.$' must be a valid JSONPath expression"
  }
}

Answer 1

任务 token 不会在 lambda 上下文中自动传递，它需要作为输入传递。
context这里不是 lambda 函数的上下文，而是任务的上下文并从上下文中获取详细信息，我们可以使用 $$.在阶跃函数定义中，
前任:

获取任务 token $$.Task.Token

获取开始时间 $$.Execution.StartTime

示例阶跃函数:

First Task 执行带有阶跃函数输入的 Lambda。

使用阶跃函数输入附加第一个 lambda 的输出。

第二个任务使用资源 waitForTaskToken 执行另一个 lambda ，就在这里，我们获取任务 token 并将其与上一步的输出一起作为输入传递。

Step 函数一直等到它得到 SendTaskSuccess或 SendTaskFailure

{
  "StartAt": "fist-lambda-invoke-sync",
  "States": {
    "fist-lambda-invoke-sync": {
      "Next": "second-lambda-invoke-task-token",
      "Type": "Task",
      "ResultPath": "$.firstLambdaOutput",
      "Resource": "arn:aws:lambda:us-east-1:11112223333:function:myfirstlambda"
    },
    "second-lambda-invoke-task-token": {
      "End": true,
      "Type": "Task",
      "Resource": "arn:aws:states:::lambda:invoke.waitForTaskToken",
      "Parameters": {
        "FunctionName": "arn:aws:lambda:us-east-1:11112223333:function:mysecondlambda",
        "Payload": {
          "token.$": "$$.Task.Token",
          "otherInput.$": "$"
        }
      }
    }
  }
}

阶跃函数的输入 :

{
  "inputToStep": "myValue"
}

第一个 Lambda 的输出 :假设它是一个字符串值“10”。由于 "ResultPath": "$.firstLambdaOutput"，它将被附加到输入 Json

{
  "inputToStep": "myValue",
  "firstLambdaOutput": "10"
}

第二个 Lambda 的输入 : 由于 "token.$": "$$.Task.Token"，将收到以下 json 作为输入并附加任务 token 和 "otherInput.$": "$"

{ otherInput: { inputToStep: 'myValue', firstLambdaOutput: '10' },
  token: 'This is where Task Token generated by step function will be sent' }