IoTCoreCustomAuthorizerResponse create invalid payalod

[flobz]

It seems that IoTCoreCustomAuthorizerResponse can create a payload not accepted by AWS IOT broker.

The following attributes: pub policy_documents: Vec<Option<IamPolicyDocument>> allow a Vec that contains None but AWS IOT broker raise an AUTHORIZATION_FAILURE error in that case.

The corresponding json value is:

   "policyDocuments": [                                                                                                                                                                                                            
      null                                                                                                                                                                                                                        
    ]

Should policy_documents type be: Vec<IamPolicyDocument>> instead ?

[jlizen]

A non-breaking fix would be to keep Vec<Option<IamPolicyDocument>> and add a custom serializer that filters out None elements before writing the array. Since skip_serializing_if operates at the field level (not per-element), this would need a small custom serialize function, e.g.:

fn serialize_non_null<S, T: Serialize>(values: &[Option<T>], serializer: S) -> Result<S::Ok, S::Error>
where
    S: Serializer,
{
    values.iter().flatten().collect::<Vec<_>>().serialize(serializer)
}

This would live in lambda-events/src/custom_serde/mod.rs alongside the other custom serde helpers, and be applied as #[serde(serialize_with = "serialize_non_null")] on the policy_documents field. The field should also get a doc comment noting that None elements are dropped during serialization since the IoT broker rejects them.

Ideally the type would be Vec<IamPolicyDocument> since the broker never accepts null elements, but that would be a breaking change. The custom serializer is a good workaround that can ship without a major version bump.

Glad to review a PR on this :)