https://serverless-stack.com/ logo
#help
Title
# help
k

Karmo Rosental

06/01/2022, 11:54 PM
Hi serverless people! 👋 I'm trying to add a lambda authorizer but I get
{"message":"Unauthorized"}
before authorizer is even run. I can't see what I am doing differently from the official example.
Copy code
authorizers: {
            lambda: {
                type: "lambda",
                responseTypes: ["simple"],
                function: new Function(stack, "Authorizer", {
                    handler: `functions/authorizer.main`,
                }),
            },
        },
Copy code
defaults: {
            authorizer: "lambda",
        },
If I try to access protected endpoint then nothing at all is printed to terminal like it is for public endpoint. `functions/authorizer.ts`:
Copy code
export const main = async (event) => {
    console.log("Inside authorizer");
};
Where it can get blocked?
o

outaTiME

06/02/2022, 12:34 AM
Hi @Karmo Rosental, so you say (I suspect) that it could be the
ttl
that the authorizer handles by default (which is 5 minutes), maybe you were doing some tests and it was saved in the cache, you can force it using
resultsCacheTtl
in 0, for another side I remind you that it is always necessary for the authorizer to return some value for everything to work correctly
k

Karmo Rosental

06/02/2022, 10:18 AM
I set
resultsCacheTtl: "0 seconds",
and return this:
Copy code
export const main = async (event) => {
    console.log("Inside authorizer");
    return {
        isAuthorized: true,
        context: {
            username: "123",
        },
    };
};
Still nothing is printed out and it gives 401 Unauthorized.
o

outaTiME

06/02/2022, 12:33 PM
Are you using simple response type?
k

Karmo Rosental

06/02/2022, 7:28 PM
Yes
o

outaTiME

06/02/2022, 7:40 PM
mmm, wired … could you share the complete code of your Api construct?
k

Karmo Rosental

06/02/2022, 9:33 PM
Copy code
const api = new Api(stack, "Api", {
    authorizers: {
        lambda: {
            type: "lambda",
            responseTypes: ["simple"],
            function: new Function(stack, "Authorizer", {
                handler: `functions/authorizer.main`,
            }),
        },
    },
    defaults: {
        authorizer: "lambda",
        function: {
            environment: {
                DATABASE: SERVICE,
                CLUSTER_ARN: rds.clusterArn,
                SECRET_ARN: rds.secretArn,
            },
            permissions: [rds],
        },
    },
    routes: {
        "GET /one": "functions/one.main",
        "GET /two": {
            authorizer: "none",
            function: "functions/two.main",
        },
    },
});
o

outaTiME

06/02/2022, 9:44 PM
Everything seems fine, I don’t see what could be the problem 😪
just in case, did you try to use some other name for the authorizer like
myAuthorizer
instead of
lambda
k

Karmo Rosental

06/02/2022, 9:51 PM
Yes I've tried that as well.
o

outaTiME

06/02/2022, 9:52 PM
🤦‍♂️
which version of SST ?
k

Karmo Rosental

06/02/2022, 9:57 PM
1.2.11
o

outaTiME

06/02/2022, 9:58 PM
@Frank @thdxr 🤔
k

Karmo Rosental

06/02/2022, 10:09 PM
II only found a single line of vendedlog in CloudWatch that status 401 was returned. Nothing under lambda logs about these 401s.
f

Frank

06/03/2022, 7:01 PM
Just gave this a try.. so the way lambda authorizer checks for the
Authorization
header, and then calls the Lambda authorizer.
@Karmo Rosental i’m guessing u r not passing in the header. (Yes, you’d need to pass in the header even if ur authorizer always returns
true
)
You can test by setting the header like this in SST Console
k

Karmo Rosental

06/04/2022, 7:46 AM
@Frank that was exactly my issue 😀 Thank you for helping to figure it out.