Question
API gateway has in-built functionality to perform authorization.
But the examples provided by awslabs have a Lambda hooked to API Gateway, where the Lambda does the authorizing as per this code, for the API Gateway below:

    MyApi:
      Type: AWS::Serverless::Api
      Properties:
        StageName: Prod
        Auth:
          DefaultAuthorizer: MyLambdaRequestAuthorizer
          Authorizers:
            MyLambdaRequestAuthorizer:
              FunctionPayloadType: REQUEST
              FunctionArn: !GetAtt MyAuthFunction.Arn

So, the auth token provided by the client is received by the Lambda and then authorised:

    exports.handler = async function (event) {
      const token = event.queryStringParameters.auth.toLowerCase()
      ....
      switch (token) {
        case 'allow':
          return generateAuthResponse('user', 'Allow', methodArn)
        case 'deny':
          return generateAuthResponse('user', 'Deny', methodArn)
        default:
          return Promise.reject('Error: Invalid token') // Returns 500 Internal Server Error
      }
    }

But this is not in-built authentication provided by API Gateway.
How does API gateway provide in-built authentication?
Source: https://stackoverflow.com/questions/57485799/inbuilt-authentication-mechanism-api-gateway
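
The Lambda REQUEST authorizer pattern quoted in the question, written out in full as an added example (not part of the original post and not the awslabs code). The body of generateAuthResponse is not shown on the page, so it is written here from the IAM policy shape a Lambda authorizer returns; the authorize helper and the sample ARN are assumptions, and unlike the quoted snippet this version answers a missing or unknown token with an explicit Deny instead of a rejected promise.

```javascript
// Added example: a Lambda REQUEST authorizer that fails closed.
// The 'allow' token mirrors the demo value used in the question.

// Build the response a Lambda authorizer hands back to API Gateway:
// a principal plus an IAM policy for execute-api:Invoke on the method ARN.
function generateAuthResponse(principalId, effect, methodArn) {
  return {
    principalId,
    policyDocument: {
      Version: '2012-10-17',
      Statement: [
        { Action: 'execute-api:Invoke', Effect: effect, Resource: methodArn }
      ]
    }
  };
}

// Synchronous core (hypothetical helper) so the decision can be tested without AWS.
function authorize(event) {
  const methodArn = event.methodArn;
  // queryStringParameters may be missing or null when no query string is sent,
  // so read it defensively instead of dereferencing it directly.
  const params = event.queryStringParameters || {};
  const token = typeof params.auth === 'string' ? params.auth.toLowerCase() : '';

  // Only the exact expected value grants access; everything else is denied.
  if (token === 'allow') {
    return generateAuthResponse('user', 'Allow', methodArn);
  }
  return generateAuthResponse('user', 'Deny', methodArn);
}

// Lambda entry point: same signature as the handler in the question.
async function handler(event) {
  return authorize(event);
}

if (typeof module !== 'undefined') {
  module.exports = { handler, authorize };
}

// Constructed sample event (placeholder ARN, not from a real account).
const sampleEvent = {
  methodArn: 'arn:aws:execute-api:us-east-1:123456789012:example/Prod/GET/',
  queryStringParameters: { auth: 'ALLOW' }
};
console.log(JSON.stringify(authorize(sampleEvent), null, 2));
```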