问题描述
我正在尝试为用 Go 编写的 Lambda 函数启用 CORS
,下面是我的配置和代码。
这是我的 SAM 配置...
AuthBindApi:
Type: AWS::Serverless::Api
Properties:
StageName: Prod
Cors:
AllowOrigin: "'*'"
AllowMethods: "'POST,OPTIONS'"
AllowHeaders: "'X-Amz-Date,X-Api-Key,X-Amz-Security-Token,X-Requested-With,X-Auth-Token,Referer,User-Agent,Origin,Content-Type,Authorization,Accept,Access-Control-Allow-Methods,Access-Control-Allow-Origin,Access-Control-Allow-Headers'"
Auth:
DefaultAuthorizer: CognitoAuthorizer
Authorizers:
CognitoAuthorizer:
UserPoolArn: !GetAtt CognitoUserPool.Arn
AuthBindFunction:
Type: AWS::Serverless::Function
Properties:
CodeUri: functions/auth/bind
Handler: bind
Runtime: go1.x
Tracing: Active
Policies:
- DynamoDBCrudPolicy:
TableName: !Ref AuthInfoTable
- Version: "2012-10-17"
Statement:
- Effect: "Allow"
Action: "cognito-identity:GetopenIdTokenForDeveloperIdentity"
Resource: "*"
Events:
ApiEvent:
Type: Api
Properties:
Path: /auth/bind
Method: POST
RestApiId: !Ref AuthBindApi
Auth:
Authorizer: CognitoAuthorizer
Options:
Type: Api
Properties:
Path: /auth/bind
Method: OPTIONS
RestApiId: !Ref AuthBindApi
...这是我的 lambda:
func handler(ctx context.Context,req events.APIGatewayProxyRequest) (events.APIGatewayProxyResponse,error) {
...
return events.APIGatewayProxyResponse{
Headers: map[string]string{
"Access-Control-Allow-Origin": "*","Access-Control-Allow-Methods": "POST,OPTIONS","Access-Control-Allow-Headers": "X-Amz-Date,Access-Control-Allow-Headers",},StatusCode: http.StatusOK,nil
}
我还尝试指定所有可能的 HTTP 方法...但我总是收到以下错误消息:
Access to XMLHttpRequest at 'https://lc5zxsnfg5.execute-api.eu-west-1.amazonaws.com/Prod/bind' from origin 'http://localhost:4200' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
我已经挣扎了 2 天了,任何提示都将不胜感激。
解决方法
这是工作配置:
AuthBindApi:
Type: AWS::Serverless::Api
Properties:
StageName: Prod
Cors:
AllowOrigin: "'*'"
AllowMethods: "'DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT'"
AllowHeaders: "'X-Amz-Date,X-Api-Key,X-Amz-Security-Token,X-Requested-With,X-Auth-Token,Referer,User-Agent,Origin,Content-Type,Authorization,Accept,Access-Control-Allow-Methods,Access-Control-Allow-Origin,Access-Control-Allow-Headers'"
Auth:
DefaultAuthorizer: CognitoAuthorizer
Authorizers:
CognitoAuthorizer:
UserPoolArn: !GetAtt CognitoUserPool.Arn
AuthBindFunction:
Type: AWS::Serverless::Function
Properties:
CodeUri: functions/auth/bind
Handler: bind
Runtime: go1.x
Tracing: Active
Policies:
- DynamoDBCrudPolicy:
TableName: !Ref AuthInfoTable
- Version: "2012-10-17"
Statement:
- Effect: "Allow"
Action: "cognito-identity:GetOpenIdTokenForDeveloperIdentity"
Resource: "*"
Events:
ApiEvent:
Type: Api
Properties:
Path: /auth/bind
Method: POST
RestApiId: !Ref AuthBindApi
Auth:
Authorizer: CognitoAuthorizer
不要问我为什么...但是把所有的 http 方法放在 AllowMethods
中就可以了:
AllowMethods: "'DELETE,PUT'"