问题
I'm following this tutorial to use Cognito to authorize the access to my lambda function through API Gateway.
I already create my user pool with a validated user, an API Gateway authorizer and a lambda function to login and get the token ID.
When I get the token ID with my lambda function and test it in AWS console, the authorizer returns 200, so I think it is working, but when I try to send the token to my lambda function it returns "401 Unauthorized"
My YML configuration:
teste:
handler: handler.teste
memorySize: 128
events:
- http:
path: teste
method: get
authorizer:
name: api-authorizer
arn: arn:aws:cognito-idp:XXXXXXXXX:XXXXXXXXXX:userpool/XXXXXXX_XXXXXXX
type: token
EDIT
I looked at AWS Console how was my lambda function and API Gateway trigger had this details:
Autorização: COGNITO_USER_POOLS
Caminho do recurso: /teste
Endpoint de API: https://XXXXXXXXX.execute-api.XXXXXXXXX.amazonaws.com/dev/teste
Estágio: dev
Método: GET
EDIT 2
I also discovery that my serverless version is 1.47 and it looks like it is the most updated although I've read some questions on Stack where they said that serverless is in 1.5
回答1:
I read this page a few times and I realize that I wasn't using the correct way, so I change my YML code to this:
functions:
teste:
handler: handler.teste
memorySize: 128
events:
- http:
path: teste
method: get
type: COGNITO_USER_POOLS
authorizer:
arn: arn:aws:cognito-idp:XXXXXXXX:XXXXXXXXX:userpool/XXXXXXXX_XXXXXXXXX
authorizerId:
Ref: api-authorizer
And I also change my authorizer source to Authorization.
来源:https://stackoverflow.com/questions/56971070/how-to-configure-my-serverless-yml-to-use-my-api-gateway-authorizer