From API Gateway, I created a custom authorizer for my API using a Lambda function in Python. API Gateway hands over the incoming auth token using a header I configure(m
Here is a SAM template:
```yaml
ApiGatewayApi:
  Type: AWS::Serverless::Api
  Properties:
    StageName: Prod
    Auth:
      Authorizers:
        MyAuthorizer:
          FunctionPayloadType: REQUEST
          FunctionArn: !GetAtt AuthLambda.Arn
          Identity:
            Headers:
              - X-API-KEY
              - X-API-ID
```
This is now possible by using an Authoriser of type 'Request' instead of Token.
Full details are here: https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-use-lambda-authorizer.html
Fundamentally, all headers are passed in the event object for a Request authorisation, i.e. the headers object on the event:
```json
"headers": {
    "X-wibble": "111",
    "X-wobble": "222",
    "x-amzn-ssl-client-hello": "*Deleted*",
    "Via": "1.1 .cloudfront.net (CloudFront)",
    "CloudFront-Is-Desktop-Viewer": "true",
    "CloudFront-Is-SmartTV-Viewer": "false",
    "CloudFront-Forwarded-Proto": "https",
    "X-Forwarded-For": "*Deleted*",
    "CloudFront-Viewer-Country": "GB",
    "Accept": "*/*",
    "User-Agent": "curl/7.55.1",
    "X-Amzn-Trace-Id": "Root=*Deleted*",
    "Host": "*Deleted*.execute-api.eu-west-1.amazonaws.com",
    "X-Forwarded-Proto": "https",
    "X-Amz-Cf-Id": "*Deleted*",
    "CloudFront-Is-Tablet-Viewer": "false",
    "X-Forwarded-Port": "443",
    "CloudFront-Is-Mobile-Viewer": "false"
}
```
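An added example, not part of the original posts: a Python handler for a REQUEST-type authorizer that reads the `X-API-ID` and `X-API-KEY` headers named in the SAM template above from `event["headers"]` and returns an IAM policy. The `API_CLIENTS` table and its values are constructed placeholders, and the helper names are hypothetical.

```python
import hmac

# Constructed sample credentials (assumption): load real ones from a secret store.
API_CLIENTS = {"client-1": "s3cr3t-key-1"}


def get_header(event, name):
    """Case-insensitive lookup: clients may send any header casing."""
    for key, value in (event.get("headers") or {}).items():
        if key.lower() == name.lower():
            return value
    return None


def build_policy(principal_id, effect, resource):
    """Authorizer response shape expected by API Gateway."""
    return {
        "principalId": principal_id,
        "policyDocument": {
            "Version": "2012-10-17",
            "Statement": [
                {"Action": "execute-api:Invoke", "Effect": effect, "Resource": resource}
            ],
        },
    }


def handler(event, context):
    api_id = get_header(event, "X-API-ID")
    api_key = get_header(event, "X-API-KEY")
    expected = API_CLIENTS.get(api_id) if api_id else None
    # Use a constant-time comparison for the key, and run it even for unknown ids.
    match = hmac.compare_digest((api_key or "").encode(), (expected or "").encode())
    allowed = bool(expected) and bool(api_key) and match
    # Deny by default; methodArn identifies the method being invoked, so
    # per-route rules could be added here.
    return build_policy(api_id if allowed else "anonymous",
                        "Allow" if allowed else "Deny",
                        event["methodArn"])
```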
Just following this, as we would very much like this feature. The result of only having the header to authorize on is that we can only authorize all our Lambda functions based on the same logic, even though that is not what we want.
As a workaround, we have talked about solutions to include more data in the header (which isn't optimal).
Otherwise there's always the possibility of doing specific authorization in the Lambda functions themselves, but in that case, we really have no use for the custom API Gateway authorizer.