En utilisant AWS re:Post, vous acceptez les AWS re:Post Conditions d’utilisation
AWS re:Postre:Post

How to send the token in aws appsync lambda authorizer?

0

this is my amplify app sync schema grapgql

type ClientDetails @model @auth(rules: [{ allow: custom }]) {
  id: ID!
  tenant: ID
  OrganizationName: String!
  SuperUser: String!
}

my lambda authorizer code was,

export const handler = async (event) => {
  console.log(`EVENT: ${JSON.stringify(event)}`);
  const {
    authorizationToken,
    requestContext: { apiId, accountId },
  } = event;
  const response = {
    isAuthorized: authorizationToken === 'custom-authorized',
    resolverContext: {
      userid: 'user-id',
      info: 'contextual information A',
      more_info: 'contextual information B',
    },
    deniedFields: [
      `arn:aws:appsync:${process.env.AWS_REGION}:${accountId}:apis/${apiId}/types/Event/fields/comments`,
      `Mutation.createEvent`,
    ],
    ttlOverride: 300,
  };
  console.log(`response >`, JSON.stringify(response, null, 2));
  return response;
};

Why do I only send (authorizationToken === 'custom-authorized'), I want to send the Bearer Tokens (Access, ID, and Referesh) in that authorization. but I don't know how to do that!

Sujets
Sans serveurWeb et mobile front-endIntégration d'applicationsCalcul
Balises
AWS AppSyncAWS LambdaAWS Amplify
Langue
English
NareshKumar
demandé il y a 5 mois257 vues
1 réponse
0

Hello,

From your query, I could understand that you would like to implement lambda authorizer with Appsync and understand that you are referring example code of the Lambda function from this blog [1].

Please note that, the provided example code is designed to demonstrate Appsync to Lambda authorizer integration with minimal functionality and validate a static Authorization code.

===========

const response = {

isAuthorized: authorizationToken === 'custom-authorized',

===========

Thus, you need to send static authorization code only "Authorization:custom-authorized" $ curl -XPOST -H "Content-Type:application/graphql" -H "Authorization:custom-authorized" -d '{"query": "query { listEvents { items { id } } }"}' https://YOURAPPSYNCENDPOINT/graphql

Further, to validate Bearer (JWT) Tokens in your Lambda function, you need to update the Lambda authorizer code accordingly to parse the JWT token received and validate the same as per your requirement. Additionally, I have found few third party links with examples here [2] [3]. Kindly note that, AWS does not endorse any third party link, however, this is shared only for reference purpose.

============================

Reference :

[1] https://aws.amazon.com/blogs/mobile/appsync-lambda-auth/

[2] https://github.com/mikaelvesavuori/lambda-auth-jwt-demo/blob/main/src/controllers/AuthController.ts

[3] https://github.com/tomoima525/auth0-appsync-custom-authorizer/blob/main/functions/authorizer/index.ts

AWS
INGÉNIEUR EN ASSISTANCE TECHNIQUE
rePost-User-1490882
répondu il y a 4 mois
profile picture
EXPERT
Giovanni Lauria
vérifié il y a un mois

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions

Contenus pertinents