带有代理设置的AWS API Gateway自定义授权者-向请求添加自定义标头 [英] AWS API Gateway Custom Authorizer with Proxy setup - Add Custom Headers to Request
问题描述
我所拥有的:
- 将AWS API网关设置为代理(/{proxy +})
- 自定义Auth函数,用于授权此代理设置的传入请求.
-
自定义auth函数通过上下文"对象将我想传递的其他信息传递给请求,例如:
- AWS API gateway setup as a proxy (/{proxy+})
- A custom Auth function which authorizes the incoming request for this proxy setup.
The custom auth function is passing the additional information I want to pass along to the request via the "context" object, like so:
{ "principalId":"yyyyyyyy", "policyDocument":{ "Version":"2012-10-17", 陈述": [ { "Action":"execute-api:Invoke", 效果":允许|拒绝", 资源":一些arn" } ] }, 语境": { "customInfo1":你好", "customInfo2":世界" } }
{ "principalId": "yyyyyyyy", "policyDocument": { "Version": "2012-10-17", "Statement": [ { "Action": "execute-api:Invoke", "Effect": "Allow|Deny", "Resource": "some arn" } ] }, "context": { "customInfo1": "hello", "customInfo2": "world" } }
我需要什么:
- 我需要将上面上下文对象中传递的自定义信息传递到自定义标头中,然后传递给目标函数.
我所知道的:
- 如果这不是代理,我本可以使用映射模板来获得所需的结果.
推荐答案
解决了这个问题,当配置为代理时,AWS将其传递给Lambda:
Figured it out, AWS passes this to Lambda when configured as a proxy:
{
"resource": "/{proxy+}",
"path": "/echo",
"httpMethod": "POST",
"headers": {
"Accept-Type": "application/json",
"Authorization": "Bearer xxx",
"CloudFront-Forwarded-Proto": "https",
"CloudFront-Is-Desktop-Viewer": "true",
"CloudFront-Is-Mobile-Viewer": "false",
"CloudFront-Is-SmartTV-Viewer": "false",
"CloudFront-Is-Tablet-Viewer": "false",
"CloudFront-Viewer-Country": "IN",
"Content-Type": "application/json",
"Host": "yyy.execute-api.us-east-1.amazonaws.com",
"User-Agent": "Fiddler",
"Via": "1.1 aaa.cloudfront.net (CloudFront)",
"X-Amz-Cf-Id": "uuu",
"X-Amzn-Trace-Id": "Root=1-58e5w17a-58ff31a846954e0f2aa7cd2c",
"X-Forwarded-For": "115.112.36.246, 54.182.242.113",
"X-Forwarded-Port": "443",
"X-Forwarded-Proto": "https"
},
"queryStringParameters": null,
"pathParameters": {
"proxy": "echo"
},
"stageVariables": null,
"requestContext": {
"accountId": "1234567890",
"resourceId": "1t2w8a",
"stage": "dev",
"authorizer": {
"customKey": "1",
"eee": "1",
"principalId": "2",
"otherkey": "hello",
"somekey": "1,2"
},
"requestId": "qqq",
"identity": {
"cognitoIdentityPoolId": null,
"accountId": null,
"cognitoIdentityId": null,
"caller": null,
"apiKey": null,
"sourceIp": "aaa.bbb.qq.www",
"accessKey": null,
"cognitoAuthenticationType": null,
"cognitoAuthenticationProvider": null,
"userArn": null,
"userAgent": "Fiddler",
"user": null
},
"resourcePath": "/{proxy+}",
"httpMethod": "POST",
"apiId": "123"
},
"body": "{\"ola\": \"\"}",
"isBase64Encoded": false
}
在上面的requestContext
部分中,我已经通过我的自定义授权者传递的所有键都已经存在.
In the requestContext
section above, all the keys that I passed via my custom authorizer is already present.
这篇关于带有代理设置的AWS API Gateway自定义授权者-向请求添加自定义标头的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!