Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

How to send the token in aws appsync lambda authorizer?

0

this is my amplify app sync schema grapgql

type ClientDetails @model @auth(rules: [{ allow: custom }]) {
  id: ID!
  tenant: ID
  OrganizationName: String!
  SuperUser: String!
}

my lambda authorizer code was,

export const handler = async (event) => {
  console.log(`EVENT: ${JSON.stringify(event)}`);
  const {
    authorizationToken,
    requestContext: { apiId, accountId },
  } = event;
  const response = {
    isAuthorized: authorizationToken === 'custom-authorized',
    resolverContext: {
      userid: 'user-id',
      info: 'contextual information A',
      more_info: 'contextual information B',
    },
    deniedFields: [
      `arn:aws:appsync:${process.env.AWS_REGION}:${accountId}:apis/${apiId}/types/Event/fields/comments`,
      `Mutation.createEvent`,
    ],
    ttlOverride: 300,
  };
  console.log(`response >`, JSON.stringify(response, null, 2));
  return response;
};

Why do I only send (authorizationToken === 'custom-authorized'), I want to send the Bearer Tokens (Access, ID, and Referesh) in that authorization. but I don't know how to do that!

Themen
ServerlosFrontend-Web & MobileAnwendungsintegrationKalkulation
Tags
AWS AppSyncAWS LambdaAWS Amplify
Sprache
English
NareshKumar
gefragt vor 5 Monaten257 Aufrufe
1 Antwort
0

Hello,

From your query, I could understand that you would like to implement lambda authorizer with Appsync and understand that you are referring example code of the Lambda function from this blog [1].

Please note that, the provided example code is designed to demonstrate Appsync to Lambda authorizer integration with minimal functionality and validate a static Authorization code.

===========

const response = {

isAuthorized: authorizationToken === 'custom-authorized',

===========

Thus, you need to send static authorization code only "Authorization:custom-authorized" $ curl -XPOST -H "Content-Type:application/graphql" -H "Authorization:custom-authorized" -d '{"query": "query { listEvents { items { id } } }"}' https://YOURAPPSYNCENDPOINT/graphql

Further, to validate Bearer (JWT) Tokens in your Lambda function, you need to update the Lambda authorizer code accordingly to parse the JWT token received and validate the same as per your requirement. Additionally, I have found few third party links with examples here [2] [3]. Kindly note that, AWS does not endorse any third party link, however, this is shared only for reference purpose.

============================

Reference :

[1] https://aws.amazon.com/blogs/mobile/appsync-lambda-auth/

[2] https://github.com/mikaelvesavuori/lambda-auth-jwt-demo/blob/main/src/controllers/AuthController.ts

[3] https://github.com/tomoima525/auth0-appsync-custom-authorizer/blob/main/functions/authorizer/index.ts

AWS
SUPPORT-TECHNIKER
rePost-User-1490882
beantwortet vor 4 Monaten
profile picture
EXPERTE
Giovanni Lauria
überprüft vor einem Monat

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt