如何配置我的无服务器YML以使用我的API网关授权器? [英] How to configure my Serverless YML to use my API Gateway Authorizer?
问题描述
我正在关注此教程,以使用Cognito授权通过API网关访问我的lambda函数.
I'm following this tutorial to use Cognito to authorize the access to my lambda function through API Gateway.
我已经用一个经过验证的用户,一个API网关授权者和一个lambda函数来创建我的用户池,以登录并获取令牌ID.
I already create my user pool with a validated user, an API Gateway authorizer and a lambda function to login and get the token ID.
当我使用lambda函数获取令牌ID并在AWS控制台中对其进行测试时,授权者返回200,因此我认为它正在运行,但是当我尝试将令牌发送至lambda函数时,它将返回"401 Unauthorized"
When I get the token ID with my lambda function and test it in AWS console, the authorizer returns 200, so I think it is working, but when I try to send the token to my lambda function it returns "401 Unauthorized"
我的YML配置:
teste:
handler: handler.teste
memorySize: 128
events:
- http:
path: teste
method: get
authorizer:
name: api-authorizer
arn: arn:aws:cognito-idp:XXXXXXXXX:XXXXXXXXXX:userpool/XXXXXXX_XXXXXXX
type: token
编辑
我查看了AWS Console,我的lambda函数和API Gateway触发器的详细信息如何:
I looked at AWS Console how was my lambda function and API Gateway trigger had this details:
Autorização: COGNITO_USER_POOLS
Caminho do recurso: /teste
Endpoint de API: https://XXXXXXXXX.execute-api.XXXXXXXXX.amazonaws.com/dev/teste
Estágio: dev
Método: GET
编辑2
我还发现我的无服务器版本为1.47,并且看起来是最新的,尽管我在Stack上读了一些问题,他们说无服务器版本为1.5
I also discovery that my serverless version is 1.47 and it looks like it is the most updated although I've read some questions on Stack where they said that serverless is in 1.5
推荐答案
I read this page a few times and I realize that I wasn't using the correct way, so I change my YML code to this:
functions:
teste:
handler: handler.teste
memorySize: 128
events:
- http:
path: teste
method: get
type: COGNITO_USER_POOLS
authorizer:
arn: arn:aws:cognito-idp:XXXXXXXX:XXXXXXXXX:userpool/XXXXXXXX_XXXXXXXXX
authorizerId:
Ref: api-authorizer
我还将我的授权者来源更改为授权".
And I also change my authorizer source to Authorization.
这篇关于如何配置我的无服务器YML以使用我的API网关授权器?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!