Hi I define a custom authorizer as ```const authorizer = new Serverless Stack #help

Hi, I define a custom authorizer as: ```const au...

Fazi

02/10/2022, 11:41 AM

Hi, I define a custom authorizer as:

Copy code

const authorizer = new HttpLambdaAuthorizer({
      authorizerName: 'authorizer',
      handler: new Function(this, 'Authorizer', {
        functionName: 'AuthorizerFn',
        srcPath: "src",
        handler: 'authorizer.main',
        tracing: lambda.Tracing.DISABLED,
        timeout: 30,
        permissions: ['ssm'],
      }),
      resultsCacheTtl: Duration.seconds(0),
      responseTypes: [HttpLambdaResponseType.SIMPLE],
    });

I then want to apply it to a specific route as follows:

Copy code

const api = new Api(this, "Api", {
      // defaultAuthorizationType: ApiAuthorizationType.JWT,
      // defaultAuthorizer: new HttpUserPoolAuthorizer({
      //   userPool,
      //   userPoolClient,
      // }),
      // defaultAuthorizationType: ApiAuthorizationType.CUSTOM,
      defaultAuthorizer: authorizer,
      routes: {
        
        // some other routes go here
        
        "GET /v1/tasks/alt": {
          function: getTasksAltFunction,
          authorizationType: ApiAuthorizationType.CUSTOM,
        },
        
        // some other routes go here
      },
    });

However, when I make a call to

GET /v1/tasks/alt

I get a unauthorized error. Can someone please explain what is going wrong? I used the docs here: https://docs.serverless-stack.com/constructs/Api#adding-lambda-authorization-to-a-specific-route

Ross Coundon

02/10/2022, 11:46 AM

When I’ve done it I’ve defined a function to perform the authorisation like this:

Copy code

const basicAuthHandler = new sst.Function(this, 'basicAuthHandler', {
  handler: 'src/main/handlers/auth/basicAuthHandler.handler',    
});

Then defined the HttpLambdaAuthorizer like this - with the function being passed as the 2nd parameter

Copy code

const basicAuthoriser = new apigAuthorizers.HttpLambdaAuthorizer('basic-authorizer', basicAuthHandler, {
      authorizerName: 'lambdaBasicAuthoriser',
});

Then on the API like this:

Copy code

const api = new sst.Api(this, 'Api', {
      defaultAuthorizer: basicAuthoriser,
      defaultAuthorizationType: sst.ApiAuthorizationType.CUSTOM,

Fazi

02/10/2022, 11:57 AM

thanks @Ross Coundon, where are you importing the

apigAuthorizers

from? For the bit where you write:

Copy code

const basicAuthoriser = new apigAuthorizers.HttpLambdaAuthorizer('basic-authorizer', basicAuthHandler, {
      authorizerName: 'lambdaBasicAuthoriser',
});

Ross Coundon

02/10/2022, 11:58 AM

Copy code

import * as apigAuthorizers from '@aws-cdk/aws-apigatewayv2-authorizers-alpha';

Fazi

02/10/2022, 12:02 PM

Ah thank you, I will upgrade my version of CDK to v2 and see if that works

Ross Coundon

02/10/2022, 12:03 PM

ah yes, there were some changes to how this worked in the later versions of SST and CDK v2 is a requirement

Fazi

02/10/2022, 12:07 PM

Thanks a lot for the help

Ross Coundon

02/10/2022, 12:09 PM

No problem

Open in Slack

Previous Next