问题描述
我今天大部分时间都在尝试让授权者工作,我检查了多个示例,它们似乎都在做我的代码所做的事情。
我使用无服务器框架,这是授权代码:
exports.handler = function (event: APIGatewayTokenAuthorizerEvent): APIGatewayAuthorizerResult {
const authorizer = new Authorizer();
try {
if (!event.authorizationToken) throw new Error("No token");
const token = event.authorizationToken.split(" ")[1];
const decodedData = authorizer.verifyToken(token) as unkNown as User;
const policy = generatePolicy(token,event.methodArn);
return {
...policy,context: {
user: JSON.stringify(decodedData),},};
} catch (err) {
console.log(err);
throw "Unauthorized";
}
};
const generatePolicy = (principalId: string,methodArn: string) => {
return {
principalId,policyDocument: {
Version: "2012-10-17",Statement: [
{
Action: "execute-api:Invoke",Effect: "Allow",Resource: methodArn,],};
};
这里是无服务器配置
const serverlessConfiguration: AWS = {
service: "user-crud",frameworkVersion: "2",custom: {
webpack: {
webpackConfig: "./webpack.config.js",includeModules: true,plugins: ["serverless-webpack"],provider: {
name: "aws",runtime: "nodejs14.x",region: "eu-west-1",apiGateway: {
minimumCompressionSize: 1024,shouldStartNameWithService: true,environment: {
AWS_NODEJS_CONNECTION_REUSE_ENABLED: "1",lambdaHashingVersion: "20201221",functions: {
jwtAuthorizer: {
handler: "src/api/authorizer.handler",name: "jwtAuthorizer",get: {
name: "get",handler: "src/api/get.handler",role: "arn:aws:iam::109394173706:role/dynamodb_cloudwatch_full",events: [
{
http: {
path: "get",method: "get",cors: true,authorizer: "jwtAuthorizer",}...
当令牌正确并返回对象时,我总是得到 500 响应,所以我猜返回对象有问题?
如果令牌不正确并且我抛出“未授权”,那么我会得到正确的 401 响应。
解决方法
显然,处理程序需要是异步的,否则,它需要一个回调......时间花得很好:|