问题描述
我编写了一个 lambda 授权器,它以这种格式返回响应 -
{
principalId: 123345,policyDocument: {
"Version": "2012-10-17","Statement": [
{
"Action": "execute-api:Invoke","Effect": "Allow","Resource": "arn:aws:execute-api:us-east-1:123456789012:ivdtdhp7b5/verifyToken-stage/GET/"
}
]
}
}
注意-我的授权人的名字是verifyToken
在我不同的微服务(即活动日志)serverless.yml 文件中 我是这样称呼它的 -
service: activity-logs
frameworkVersion: '2'
resources:
Resources:
GatewayResponseUnauthorized:
Type: 'AWS::ApiGateway::GatewayResponse'
Properties:
ResponseParameters:
gatewayresponse.header.Access-Control-Allow-Origin: "'*'"
gatewayresponse.header.Access-Control-Allow-Headers: "'*'"
gatewayresponse.header.Access-Control-Allow-Methods: "'*'"
gatewayresponse.header.Access-Control-Allow-Credentials: "'true'"
ResponseType: UNAUTHORIZED
RestApiId:
Ref: 'ApiGatewayRestApi'
provider:
name: aws
runtime: nodejs12.x
lambdaHashingVersion: 20201221
region: us-east-1
stage: ${opt:stage}
functions:
getactivitylogs:
handler: handler.getactivitylogs
environment:
NODE_ENV: ${opt:env}
timeout: 800
events:
- http:
path: /{user_id}
method: get
authorizer: arn:aws:lambda:us-east-1:123456789012:function:auth-${opt:stage}-verifyToken
cors: true
vpc:
securityGroupIds:
- sg-xxxxxxxx
- sg-xxxxxxxx
- sg-xxxxxxxx
- sg-xxxxxxxx
- sg-xxxxxxxx
subnetIds:
- subnet-xxxxxxxxxxxxxxxxx
- subnet-xxxxxxxxxxxxxxxxx
我已经单独检查了我的授权人,它正在工作并通过上述响应返回 200。同样,我的微服务在没有授权的情况下工作。但是当在 getactivitylogs 中启用授权者时,它不会让我的活动日志执行一行
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)