has anything changed with how apig-test should wor...
# help
b
has anything changed with how apig-test should work lately? The contents of my event.requestContext.identity from the lambda is all nulls, but I'm verifying that the cognito user is being verified correctly by aws-api-gateway-cli-test itself, resulting in what looks like a good accessKey, secretKey, and sessionToken from AWS.config.credentials....
s
with API Gateway, Cognito identity stuff lives in event.requestContext.authorizer, no?
though you might be doing things differently. for me, I rely on the Cognito "sub" (user ID), so I'm looking at the JWT claims
b
The tutorial book said the cognitoIdentityId should be in event.requestContext.identity.cognitoIdentityId and that seems to be validated by printing out event.requestContext.identity upon error, which stringified to:
{
  "cognitoIdentityPoolId": null,
  "accountId": null,
  "cognitoIdentityId": null,
  "caller": null,
  "sourceIp": "76.168.151.22",
  "principalOrgId": null,
  "accessKey": null,
  "cognitoAuthenticationType": null,
  "cognitoAuthenticationProvider": null,
  "userArn": null,
  "userAgent": "axios/0.18.1",
  "user": null
}
I'm just trying to finish page 146 of the book, because testing lambdas with user auth from the command line seems like something I'll want to do constantly.
s
I’ve never had to reference that object before. but it’s hard to say without knowing how your authorizer is set up, etc. for me though, it’s definitely in event.requestContext.authorizer. log the value of that & see what you can see
b
event.requestContext.authorizer doesn't exist for me!
s
huh. are you using HTTP API or REST API?
b
http
s
and you have a JWT authorizer set up? you can tell on this page in the API Gateway
b
I don't! Now to scan backwards and see if I missed a step 😐
s
aha. are you using SST or Serverless Framework?
b
Serverless Framework I think.
ServerlessStack-v6.1.pdf
I'm using this guide.
I don't know the difference between SST or SF atm I warrant.
s
ok, that sounds like SST (Serverless Stack). so you’re in the right Slack 😄
lemme paste my code for setting up our HTTP API w/ Cognito auth
b
So here's my current config
s
ah no, that’s Serverless Framework
b
...!
s
this Slack is for Serverless Stack. but hang on.. I have code for that too
so under provider, you need:
httpApi: {
  authorizers: {
    cognitoAuthorizer: {
      // Read the JWT from the Authorization header
      identitySource: '$request.header.Authorization',
      issuerUrl:
        'https://cognito-idp.us-east-1.amazonaws.com/${env:USER_POOL_ID}',
      audience: [
        '${env:USER_POOL_CLIENT_ID}',
        // To satisfy a bug in serverless-offline
        'dummy',
      ],
    },
  },
},
it’s TypeScript in my case. so just translate it to YAML
b
s
yeah, it’s confusing. I think they used to use Serverless Framework themselves. then they switched and built their own framework on top of CDK.
sorry man 😕 this is the URL you want: https://docs.serverless-stack.com/
be wary of most of the guide, too
b
I got it from the email here.
s
ahh. yeah.. many parts of the guide are out of date
b
The Forever Problem with communities.
s
yeah. but you’re in the right place, at least! you can ask questions on #help and folks are pretty quick at getting you answers
b
Superthanks!
s
you’re welcome!
b
So what precisely is the relationship between Serverless Framework and SST? Same team, SF is being deprecated for SST and things are in flux?
s
not sure.. @Frank can speak more to that. I think they were building stuff on top of Serverless Framework, maybe, then switched to CDK. (which is a smart move)
t
It is a bit confusing as we're in a limbo with the direction we're going on. The Guide which Frank and Jay originally wrote was a way to help people get started building with serverless, and they used Serverless Framework since that was the best option at the time. Once AWS introduced CDK, it became clear that was the way forward. CDK is fairly low level so SST was created to build a higher level framework on it + solve other rough edges with the experience like local debugging. Going forward CDK + SST is the direction we're betting on - the guide is being rewritten to reflect that
b
@thdxr is there a full-bodied CDK tutorial akin to this deprecated one? Make a full serverless CRUD app with auth, etc?
t
That's what Jay is working on putting together but we don't have that yet
b
Alas.
f
Lemme get @Jay’s attention on this one.
j
Sorry for the confusion @Ben McGraw. I’m currently working on updating the guide. The closest example we have that does auth like the setup in the guide is this one: https://serverless-stack.com/chapters/using-cognito-to-add-authentication-to-a-serverless-app.html and here’s the code for it on GitHub: https://github.com/serverless-stack/serverless-stack/tree/master/examples/react-app-auth-cognito
Just adding to what I was saying before, the SST migration of the guide is a WIP. Here’s a giant draft that I’m working through https://github.com/AnomalyInnovations/serverless-stack-com/blob/migrate-sst/_chapters/sst.md. I need to work on the frontend part tomorrow. Then make one pass of edits and making sure all the steps work. And then organize the chapters and edit the older Serverless Framework parts a bit.