feat: Introduce header to override authorizer response #1328

Merged: 2 commits, Feb 3, 2022
Change header style to kebab-case to match other headers
SLS_OFFLINE_AUTHORIZER_OVERRIDE ==> sls-offline-authorizer-override
and run prettier on readme
ericctsf committed Feb 3, 2022
commit ce0830cdb2fc541c4b2bc22e81ce433df479200c
18 changes: 9 additions & 9 deletions README.md
@@ -364,11 +364,11 @@ only enabled with the `--ignoreJWTSignature` flag. Make sure to only set this fl

You are able to use some custom headers in your request to gain more control over the requestContext object.

| Header | Event key | Example |
| ------------------------------- | ----------------------------------------------------------- | ------- |
| cognito-identity-id | event.requestContext.identity.cognitoIdentityId | |
| cognito-authentication-provider | event.requestContext.identity.cognitoAuthenticationProvider | |
| SLS_OFFLINE_AUTHORIZER_OVERRIDE | event.requestContext.authorizer | { "iam": {"cognitoUser": { "amr": ["unauthenticated"], "identityId": "abc123" }}} |
| Header | Event key | Example |
| ------------------------------- | ----------------------------------------------------------- | --------------------------------------------------------------------------------- |
| cognito-identity-id | event.requestContext.identity.cognitoIdentityId | |
| cognito-authentication-provider | event.requestContext.identity.cognitoAuthenticationProvider | |
| sls-offline-authorizer-override | event.requestContext.authorizer | { "iam": {"cognitoUser": { "amr": ["unauthenticated"], "identityId": "abc123" }}} |

By doing this you are now able to change those values using a custom header. This can help you with easier authentication or retrieving the userId from a `cognitoAuthenticationProvider` value.

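Review bot: the new `sls-offline-authorizer-override` row documents a header that replaces `event.requestContext.authorizer` wholesale, but neither the table nor the paragraph after it says that the value must be valid JSON or that the old `SLS_OFFLINE_AUTHORIZER_OVERRIDE` name stops working with this rename. The text just above this hunk ties JWT signature skipping to the `--ignoreJWTSignature` flag and cautions about where to set it; a similar sentence here, stating that any client able to reach the offline server can supply its own authorizer context through this header, would tell readers to keep the emulator limited to local development.
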
@@ -745,10 +745,10 @@ We try to follow [Airbnb's JavaScript Style Guide](https://github.com/airbnb/jav
| :------------------------------------------------------------------------------------------------------------------------------: | :----------------------------------------------------------------------------------------------------------------------------------------: | :-----------------------------------------------------------------------------------------------------------------------------: | :--------------------------------------------------------------------------------------------------------------------------------: | :----------------------------------------------------------------------------------------------------------------------------: |
| [lteacher](https://github.com/lteacher) | [martinmicunda](https://github.com/martinmicunda) | [nori3tsu](https://github.com/nori3tsu) | [ppasmanik](https://github.com/ppasmanik) | [ryanzyy](https://github.com/ryanzyy) |

| [<img alt="m0ppers" src="https://avatars3.githubusercontent.com/u/819421?v=4&s=117" width="117">](https://github.com/m0ppers) | [<img alt="footballencarta" src="https://avatars0.githubusercontent.com/u/1312258?v=4&s=117" width="117">](https://github.com/footballencarta) | [<img alt="bryanvaz" src="https://avatars0.githubusercontent.com/u/9157498?v=4&s=117" width="117">](https://github.com/bryanvaz) | [<img alt="njyjn" src="https://avatars.githubusercontent.com/u/10694375?v=4&s=117" width="117">](https://github.com/njyjn) | |
| [<img alt="m0ppers" src="https://avatars3.githubusercontent.com/u/819421?v=4&s=117" width="117">](https://github.com/m0ppers) | [<img alt="footballencarta" src="https://avatars0.githubusercontent.com/u/1312258?v=4&s=117" width="117">](https://github.com/footballencarta) | [<img alt="bryanvaz" src="https://avatars0.githubusercontent.com/u/9157498?v=4&s=117" width="117">](https://github.com/bryanvaz) | [<img alt="njyjn" src="https://avatars.githubusercontent.com/u/10694375?v=4&s=117" width="117">](https://github.com/njyjn) | |
| :---------------------------------------------------------------------------------------------------------------------------: | :--------------------------------------------------------------------------------------------------------------------------------------------: | :------------------------------------------------------------------------------------------------------------------------------: | :------------------------------------------------------------------------------------------------------------------------: | ------------------------------------- |
| [m0ppers](https://github.com/m0ppers) | [footballencarta](https://github.com/footballencarta) | [bryanvaz](https://github.com/bryanvaz) | [njyjn](https://github.com/njyjn) | [kdybicz](https://github.com/kdybicz) |
| [m0ppers](https://github.com/m0ppers) | [footballencarta](https://github.com/footballencarta) | [bryanvaz](https://github.com/bryanvaz) | [njyjn](https://github.com/njyjn) | [kdybicz](https://github.com/kdybicz) |

| [<img alt="ericctsf" src="https://avatars.githubusercontent.com/u/42775388?s=400&v=4" width="117">](https://github.com/ericctsf) | | | | |
| :------------------------------------------------------------------------------------------------------------------------------: | :----------------------------------------------------------------------------------------------------------------------------------------: | :-----------------------------------------------------------------------------------------------------------------------------: | :--------------------------------------------------------------------------------------------------------------------------------: | :----------------------------------------------------------------------------------------------------------------------------: |
| [ericctsf](https://github.com/erictsf) | | | | |
| :------------------------------------------------------------------------------------------------------------------------------: | :-: | :-: | :-: | :-: |
| [ericctsf](https://github.com/erictsf) | | | | |
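Review bot: in the last contributors row the link target is `https://github.com/erictsf`, while the link text and the avatar row above it use `ericctsf`; the URL appears to be missing a `c` and is carried over unchanged from the removed line. Since prettier is already rewriting this table, fix the URL in the same commit. The rest of this hunk is formatting churn on the contributors table, unrelated to the header rename, and would be easier to review as its own commit.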
8 changes: 4 additions & 4 deletions src/events/http/lambda-events/LambdaProxyIntegrationEvent.js
@@ -75,17 +75,17 @@ export default class LambdaProxyIntegrationEvent {
// NOTE FIXME request.raw.req.rawHeaders can only be null for testing (hapi shot inject())
const headers = parseHeaders(rawHeaders || []) || {}

if (headers.SLS_OFFLINE_AUTHORIZER_OVERRIDE) {
if (headers['sls-offline-authorizer-override']) {
try {
authAuthorizer = parse(headers.SLS_OFFLINE_AUTHORIZER_OVERRIDE)
authAuthorizer = parse(headers['sls-offline-authorizer-override'])
} catch (error) {
if (this.log) {
this.log.error(
'Could not parse header SLS_OFFLINE_AUTHORIZER_OVERRIDE, make sure it is correct JSON',
'Could not parse header sls-offline-authorizer-override, make sure it is correct JSON',
)
} else {
console.error(
'Serverless-offline: Could not parse header SLS_OFFLINE_AUTHORIZER_OVERRIDE make sure it is correct JSON.',
'Serverless-offline: Could not parse header sls-offline-authorizer-override make sure it is correct JSON.',
)
}
}
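Review bot: the lookup `headers['sls-offline-authorizer-override']` is an exact-case key on an object built from `rawHeaders`; if `parseHeaders` keeps the casing the client sent (the fact that the old upper-case key matched suggests it does), a request with `Sls-Offline-Authorizer-Override` is silently ignored even though HTTP header names are case-insensitive. Lower-case the names before the lookup, or document that the spelling must match exactly. Two smaller points in the `catch` block: `error` is never logged, so the user is not told what failed to parse, and the `console.error` message lacks the comma that the `this.log.error` message has after the header name.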
@@ -63,17 +63,17 @@ export default class LambdaProxyIntegrationEventV2 {
// NOTE FIXME request.raw.req.rawHeaders can only be null for testing (hapi shot inject())
const headers = parseHeaders(rawHeaders || []) || {}

if (headers.SLS_OFFLINE_AUTHORIZER_OVERRIDE) {
if (headers['sls-offline-authorizer-override']) {
try {
authAuthorizer = parse(headers.SLS_OFFLINE_AUTHORIZER_OVERRIDE)
authAuthorizer = parse(headers['sls-offline-authorizer-override'])
} catch (error) {
if (this.log) {
this.log.error(
'Could not parse header SLS_OFFLINE_AUTHORIZER_OVERRIDE, make sure it is correct JSON',
'Could not parse header sls-offline-authorizer-override, make sure it is correct JSON',
)
} else {
console.error(
'Serverless-offline: Could not parse header SLS_OFFLINE_AUTHORIZER_OVERRIDE make sure it is correct JSON.',
'Serverless-offline: Could not parse header sls-offline-authorizer-override make sure it is correct JSON.',
)
}
}
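Review bot: whatever `parse` returns is assigned straight to `authAuthorizer` with no check on its shape, so a header holding valid JSON that is not an object, such as `1` or `"x"`, passes the `try` and becomes the authorizer context handed to the handler. Check that the result is a plain object before assigning it, and log the same error otherwise. This block is also a line-for-line copy of the one in `LambdaProxyIntegrationEvent`, with the header name spelled three times in each; a shared helper and a single constant would keep the two event versions from drifting apart.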
@@ -66,7 +66,7 @@ describe('override authorizer tests', () => {
req: {
path: '/gateway_v2_http_api',
headers: {
SLS_OFFLINE_AUTHORIZER_OVERRIDE: JSON.stringify(headerAuthorizer),
'sls-offline-authorizer-override': JSON.stringify(headerAuthorizer),
},
},
res: {
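Review bot: this case sends the header only in its exact lower-case spelling, so nothing here pins down what happens when a client sends the name with different casing. Add a request with a mixed-case header name and assert on whichever behaviour is intended.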
@@ -79,7 +79,7 @@ describe('override authorizer tests', () => {
req: {
path: '/dev/gateway_v1_rest_api',
headers: {
SLS_OFFLINE_AUTHORIZER_OVERRIDE: JSON.stringify(headerAuthorizer),
'sls-offline-authorizer-override': JSON.stringify(headerAuthorizer),
},
},
res: {
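Review bot: both updated cases send `JSON.stringify(headerAuthorizer)`, so only the valid-JSON path is exercised and the `catch` branch with the renamed log message has no coverage. Add a case with a malformed header value that asserts the request still completes and the authorizer context is left as it was.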