Related Articles

13 Comments

  1. 1

    shantanu oak

    Informative article. But I could not copy-paste Authorization Lambda function. github link?

    Reply
    1. 1.1

      Onur SALK

      Hi Shantanu,

      Here is the link.

      Reply
  2. Pingback: Summary April 14, 2016 – grahn.xyz

  3. 2

    darkpenguin350

    Hey i can test my Custom Authorizer directly no problem, but even though it’s assigned using the Authorization Settings dropdown, the invoked API services don’t seem to hit it (well, $context.authorizer.principalId is “” and I don’t see anything in the logs unless I hit it directly). Just seems to ignore the authorizer. Allows the calls through no matter what credentials (disturbing as well). What do you think?

    Reply
    1. 2.1

      Onur SALK

      Did you published your api after adding the CA?

      Reply
  4. 3

    Mrinmaya Shrivastava

    Hi Onur SALK,

    Informative article. We are using this custom authorizer in our live project as well. Now, we have a requirement where we want to add any custom header into the custom authorizer and fetch that. As per the documentation and our POC, we were not able to achieve this. Is there any way to fetch the headers other than the Authorization or custom header inside the custom-authorizer Lambda function.

    Regards,
    Mrinmaya

    Reply
    1. 3.1

      Onur SALK

      Hi,

      This is currently not possible. If you don’t use custom authorizer, you can handle authentication etc and fetch the headers within the receiving Lambda function in your integration.

      Reply
  5. 4

    James Blantz

    any chance you have a link to the sample deployment .zip file that includes the code + JWT dependency?

    Reply
    1. 4.1

      Onur SALK

      Hi James,

      You can the zip file here.

      Reply
      1. 4.1.1

        James Blantz

        Thank you. What did you use to encode the payload? Did you run this in python?

        import jwt,datetime,re
        payload = {
        “UserName”:”Onur”,
        ‘exp’: datetime.datetime.utcnow()
        }

        #Encode the payload
        secret = ‘my-secret’
        encoded = jwt.encode(payload, secret, algorithm=’HS256′})

        ##Frontend – javascript request
        request ={
        “authorizationToken” : encoded
        }

        Also I tried setting the test CA up and when I run it with any payload I get

        {
        “message”: null
        }

        Which leads me to believe messed up the syntax for the context someplace…

        Reply
        1. 4.1.1.1

          Onur SALK

          Hi James,

          I used jwt(https://jwt.io/) pyhton library to encode it. You can find the documentation of it here.

          Reply
  6. 5

    James Blantz

    Thanks Onur, where is the handler method defined in this? Creating the lambda function requires the Handler method value?

    Reply
    1. 5.1

      James Blantz

      nevermind. Think I figured it out. jwtwekanban.lambda_handler

      Reply

Leave a Reply to Mrinmaya Shrivastava Cancel reply