是否可以将阶段变量传递给AWS API Gateway中的自定义授权者? [英] Is it possible to pass a stage variables to a custom authorizer in AWS API Gateway?

问题描述

我目前正在使用AWS API Gateway开发API.我正在向客户端发行JSON Web令牌(JWT).该JWT是使用机密签名的.我目前正在将秘密存储在阶段变量中.

I'm currently developing an API using AWS API Gateway. I'm issuing a JSON Web Token (JWT) to my client. That JWT is signed using a secret. I'm currently storing the secret in stage variables.

我想使用自定义授权者来验证JWT的签名.但是，我似乎找不到找到将包含我的机密的阶段变量传递给自定义授权者的方法.

I want to use a custom authorizer to validate the JWT's signature. However I can't seem to find a way of passing the stage variable containing my secret to my custom authorizer.

对于发布JWT的授权端点，我使用了 Lambda代理集成将秘密从stage变量传递到我的Lambda函数.但是，自定义授权者似乎没有等效功能.

For the authorisation endpoint issuing the JWT, I've used Lambda Proxy Integration to pass the secret from the stage variable to my Lambda function. However there doesn't seem to be an equivalent feature for custom authorizers.

推荐答案

当前无法从自定义授权者函数访问阶段变量.但是，我们正在考虑将其用于将来的开发.

It's not currently possible to access stage variables from your custom authorizer function. However, we are considering this for future development.

我强烈建议不要将秘密存储在阶段变量中，而是选择一个秘密管理解决方案(例如 KMS ).可以从您的自定义授权者函数中轻松调用KMS.

I would urge against storing secrets in stage variables and opt for a secret management solution (such as KMS) instead. KMS can be easily called from within your custom authorizer function.

这篇关于是否可以将阶段变量传递给AWS API Gateway中的自定义授权者?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！