如何解决Apigateway aws 服务的授权方请求问题
我正在尝试使用 Lambda (node.js) 为 websocket 创建一个简单的请求授权器,但我不断收到错误 500。我使用的代码是 aws 文档中提供的演示。我调用的 url wss://*****/production?QueryString1=queryValue1
我已经在 apigateway 上创建了一个请求授权器并遵循了 aws apigateway 文档中的所有说明,但仍然得到未经授权的响应或 500?
exports.handler = function(event,context,callback) {
console.log('Received event:',JSON.stringify(event,null,2));
// A simple request-based authorizer example to demonstrate how to use request
// parameters to allow or deny a request. In this example,a request is
// authorized if the client-supplied headerauth1 header,QueryString1
// query parameter,and stage variable of StageVar1 all match
// specified values of 'headerValue1','queryValue1',and 'stageValue1',// respectively.
// Retrieve request parameters from the Lambda function input:
var headers = event.headers;
var queryStringParameters = event.queryStringParameters;
var pathParameters = event.pathParameters;
var stageVariables = event.stageVariables;
// Parse the input for the parameter values
var tmp = event.methodArn.split(':');
var apiGatewayArnTmp = tmp[5].split('/');
var awsAccountId = tmp[4];
var region = tmp[3];
var restApiId = apiGatewayArnTmp[0];
var stage = apiGatewayArnTmp[1];
var method = apiGatewayArnTmp[2];
var resource = '/'; // root resource
if (apiGatewayArnTmp[3]) {
resource += apiGatewayArnTmp[3];
}
// Perform authorization to return the Allow policy for correct parameters and
// the 'Unauthorized' error,otherwise.
var authResponse = {};
var condition = {};
condition.IpAddress = {};
if (//headers.headerauth1 === "headerValue1"
queryStringParameters.QueryString1 === "queryValue1"
//&& stageVariables.StageVar1 === "stageValue1"
){
callback(null,generateAllow('me',event.methodArn));
} else {
callback("Unauthorized");
}
}
// Help function to generate an IAM policy
var generatePolicy = function(principalId,effect,resource) {
// Required output:
var authResponse = {};
authResponse.principalId = principalId;
if (effect && resource) {
var policyDocument = {};
policyDocument.Version = '2012-10-17'; // default version
policyDocument.Statement = [];
var statementOne = {};
statementOne.Action = 'execute-api:Invoke'; // default action
statementOne.Effect = effect;
statementOne.Resource = resource;
policyDocument.Statement[0] = statementOne;
authResponse.policyDocument = policyDocument;
}
// Optional output with custom properties of the String,Number or Boolean type.
authResponse.context = {
"stringKey": "stringval","numberKey": 123,"booleanKey": true
};
return authResponse;
}
var generateAllow = function(principalId,resource) {
return generatePolicy(principalId,'Allow',resource);
}
var generateDeny = function(principalId,'Deny',resource);
}
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。