https://serverless-stack.com/ logo
#help
Title
# help
f

Fazi

02/10/2022, 11:41 AM
Hi, I define a custom authorizer as:
Copy code
const authorizer = new HttpLambdaAuthorizer({
      authorizerName: 'authorizer',
      handler: new Function(this, 'Authorizer', {
        functionName: 'AuthorizerFn',
        srcPath: "src",
        handler: 'authorizer.main',
        tracing: lambda.Tracing.DISABLED,
        timeout: 30,
        permissions: ['ssm'],
      }),
      resultsCacheTtl: Duration.seconds(0),
      responseTypes: [HttpLambdaResponseType.SIMPLE],
    });
I then want to apply it to a specific route as follows:
Copy code
const api = new Api(this, "Api", {
      // defaultAuthorizationType: ApiAuthorizationType.JWT,
      // defaultAuthorizer: new HttpUserPoolAuthorizer({
      //   userPool,
      //   userPoolClient,
      // }),
      // defaultAuthorizationType: ApiAuthorizationType.CUSTOM,
      defaultAuthorizer: authorizer,
      routes: {
        
        // some other routes go here
        
        "GET /v1/tasks/alt": {
          function: getTasksAltFunction,
          authorizationType: ApiAuthorizationType.CUSTOM,
        },
        
        // some other routes go here
      },
    });
However, when I make a call to
GET /v1/tasks/alt
I get a unauthorized error. Can someone please explain what is going wrong? I used the docs here: https://docs.serverless-stack.com/constructs/Api#adding-lambda-authorization-to-a-specific-route
r

Ross Coundon

02/10/2022, 11:46 AM
When I’ve done it I’ve defined a function to perform the authorisation like this:
Copy code
const basicAuthHandler = new sst.Function(this, 'basicAuthHandler', {
  handler: 'src/main/handlers/auth/basicAuthHandler.handler',    
});
Then defined the HttpLambdaAuthorizer like this - with the function being passed as the 2nd parameter
Copy code
const basicAuthoriser = new apigAuthorizers.HttpLambdaAuthorizer('basic-authorizer', basicAuthHandler, {
      authorizerName: 'lambdaBasicAuthoriser',
});
Then on the API like this:
Copy code
const api = new sst.Api(this, 'Api', {
      defaultAuthorizer: basicAuthoriser,
      defaultAuthorizationType: sst.ApiAuthorizationType.CUSTOM,
f

Fazi

02/10/2022, 11:57 AM
thanks @Ross Coundon, where are you importing the
apigAuthorizers
from? For the bit where you write:
Copy code
const basicAuthoriser = new apigAuthorizers.HttpLambdaAuthorizer('basic-authorizer', basicAuthHandler, {
      authorizerName: 'lambdaBasicAuthoriser',
});
r

Ross Coundon

02/10/2022, 11:58 AM
Copy code
import * as apigAuthorizers from '@aws-cdk/aws-apigatewayv2-authorizers-alpha';
f

Fazi

02/10/2022, 12:02 PM
Ah thank you, I will upgrade my version of CDK to v2 and see if that works
r

Ross Coundon

02/10/2022, 12:03 PM
ah yes, there were some changes to how this worked in the later versions of SST and CDK v2 is a requirement
f

Fazi

02/10/2022, 12:07 PM
Thanks a lot for the help
r

Ross Coundon

02/10/2022, 12:09 PM
No problem