从自定义授权者Lambda函数访问POST请求正文 [英] Access POST Request body from Custom Authorizer Lambda Function
问题描述
我在AWS中有一个自定义的授权者lambda函数,该函数配置为一个具有POST资源的API到另一个Lambda函数.
I've got a custom authorizer lambda function in AWS configured for an API to another Lambda function with a POST resource.
授权者的设置类型为Request,而不是Token,因为我没有在Authorization标头中使用令牌,而是希望访问要发布的表单数据.
The authorizer is setup as of type Request, not Token, because I am not using tokens in the Authorization header, and instead want to access form data that is being posted.
当我检查授权程序功能的event参数的内容时,没有看到任何原始的POST请求主体(表单数据).但是,如果我将资源更改为GET,则会按预期在queryStringParameters中看到表单数据.
When I inspect the contents of the event parameter to my authorizer function, I do not see any of the original POST request body (form data). However, if I change my resource to a GET, I see the form data in the queryStringParameters as expected.
(请注意,当请求为POST时,queryStringParameters始终为空对象)
(notice below that when the request is POST, the queryStringParameters is always an empty object)
使用POST方法时,是否仍然可以从函数中的请求访问表单数据?
Is there anyway to access the form data from the request in the function, when using a POST method?
以下是使用POST时授权者函数的event参数将包含的示例:
Here's an example of what the event parameter to the authorizer function will contain when using POST:
{
type: 'REQUEST',
methodArn: 'arn:aws:execute-api:us-east-1:********:********/dev/POST/receive',
resource: '/receive',
path: '/sms/receive',
httpMethod: 'POST',
headers: {
Accept: '*/*',
'CloudFront-Viewer-Country': 'US',
'CloudFront-Forwarded-Proto': 'https',
'CloudFront-Is-Tablet-Viewer': 'false',
'CloudFront-Is-Mobile-Viewer': 'false',
'User-Agent': 'TwilioProxy/1.1',
'X-Forwarded-Proto': 'https',
'CloudFront-Is-SmartTV-Viewer': 'false',
Host: 'api.myredactedcompany.io',
'X-Forwarded-Port': '443',
'X-Amzn-Trace-Id': 'Root=**************',
Via: '1.1 ***************.cloudfront.net (CloudFront)',
'Cache-Control': 'max-age=259200',
'X-Twilio-Signature': '***************************',
'X-Amz-Cf-Id': '****************************',
'X-Forwarded-For': '[redacted IP addresses]',
'Content-Length': '492',
'CloudFront-Is-Desktop-Viewer': 'true',
'Content-Type': 'application/x-www-form-urlencoded'
},
queryStringParameters: {},
pathParameters: {},
stageVariables: {},
requestContext: {
path: '/sms/receive',
accountId: '************',
resourceId: '*****',
stage: 'dev',
requestId: '5458adda-ce2c-11e7-ba08-b7e69bc7c01c',
identity: {
cognitoIdentityPoolId: null,
accountId: null,
cognitoIdentityId: null,
caller: null,
apiKey: '',
sourceIp: '[redacted IP]',
accessKey: null,
cognitoAuthenticationType: null,
cognitoAuthenticationProvider: null,
userArn: null,
userAgent: 'TwilioProxy/1.1',
user: null
},
resourcePath: '/receive',
httpMethod: 'POST',
apiId: '*******'
}
}
推荐答案
每个此答案针对类似的问题,它似乎没有将正文提供给自定义授权者.文档此处未列出身体参数.我认为也许是因为授权者应该依赖路由和标头,而不是进入应用程序级主体数据.
Per this answer to a similar question, it does not seem the body is provided to custom authorizers. Documentation here does not list a body parameter. I think perhaps the thinking is that the authorizer should rely on the route and headers rather than getting into the application-level body data.
这篇关于从自定义授权者Lambda函数访问POST请求正文的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
