I am trying to authenticate an API based on the response from the Lambda authorizer, so I have created the following stack:
A Lambda function called 'Test-Lambda' which returns some value
Created an API Gateway and attached it to 'Test-Lambda'
Then created an authorizer Lambda which validates the request header and returns the policy, and attached it to the API Gateway
After deploying the API, I tested it via Postman with the following parameters:
Key: Authorization
Value: allow
But in the response I am getting the following output:
{
  "message": null
}
Here is the Lambda authorizer code. As I verified in the CloudWatch logs, it executes fine based on the request:
module.exports.handler = async function(event, context) {
  const token = event.authorizationToken.toLowerCase();
  const methodArn = event.methodArn;
  console.log("Lambda Invoked")
  switch(token){
    case 'allow':
      return genertaeAuthResponse('user','Allow', methodArn);
    default:
      return genertaeAuthResponse('user','Deny', methodArn);
  }
}
function genertaeAuthResponse(principalId, effect, methodArn) {
  const policyDocument= generatePolicyDocument(effect, methodArn);
  return {
    principalId,
    policyDocument
  }
}
function generatePolicyDocument(effect, methodArn){
  console.log("Lambda Invoked in the generatePolicyDocument", effect,methodArn)
  if(!effect || !methodArn) return null
  const policyDocument = {
    Version: '2012-10-17',
    Statemnet: [{
      Action:'execute-api:Invoke',
      Effect: effect,
      Resource: methodArn
    }]
  };
  console.log("policyDocument in the generatePolicyDocument", policyDocument)
  return policyDocument
}
I am seeing the below response in the logs:
  Version: '2012-10-17',
  Statemnet: [
    {
      Action: 'execute-api:Invoke',
      Effect: 'Allow',
      Resource: 'arn:aws:execute-api:ap-southeast-1:myresource'
    }
  ]
}
But I do not understand why Postman returns 'null', which is usually returned for the 'fail' value? It looks like the API Gateway is not invoking the Lambda based on the response from the authorizer.
I would appreciate it if anybody can help with this.
Thanks
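
A shape check for the authorizer's return value, added here as an example and not part of the original post: it compares the object against the output format API Gateway documents for Lambda authorizers (a principalId plus a policyDocument with Version and Statement). The helper name validateAuthorizerResponse is hypothetical, and the two sample objects are constructed from the values logged in the post.

```javascript
// Added example: checks a Lambda authorizer result before it is returned.
// validateAuthorizerResponse is a hypothetical helper name, not an AWS API.
const POLICY_KEYS = ['Version', 'Statement'];
const EFFECTS = ['Allow', 'Deny'];

function validateAuthorizerResponse(res) {
  if (!res || typeof res !== 'object') return ['response is not an object'];
  const problems = [];
  if (typeof res.principalId !== 'string' || res.principalId === '') {
    problems.push('principalId must be a non-empty string');
  }
  const doc = res.policyDocument;
  if (!doc || typeof doc !== 'object') {
    return problems.concat('policyDocument is missing or null');
  }
  // Key names are matched exactly, so report any key this check does not expect.
  for (const key of Object.keys(doc)) {
    if (!POLICY_KEYS.includes(key)) problems.push(`unexpected policyDocument key "${key}"`);
  }
  if (doc.Version !== '2012-10-17') problems.push('Version should be "2012-10-17"');
  if (!Array.isArray(doc.Statement) || doc.Statement.length === 0) {
    return problems.concat('Statement must be a non-empty array');
  }
  doc.Statement.forEach((st, i) => {
    const s = st || {};
    if (!EFFECTS.includes(s.Effect)) problems.push(`Statement[${i}].Effect must be Allow or Deny`);
    if (!s.Action) problems.push(`Statement[${i}].Action is missing`);
    if (!s.Resource) problems.push(`Statement[${i}].Resource is missing`);
  });
  return problems;
}

// Constructed samples: same values as the object logged in the post.
const statement = [{
  Action: 'execute-api:Invoke',
  Effect: 'Allow',
  Resource: 'arn:aws:execute-api:ap-southeast-1:myresource'
}];
const asLogged = { principalId: 'user', policyDocument: { Version: '2012-10-17', Statemnet: statement } };
const asDocumented = { principalId: 'user', policyDocument: { Version: '2012-10-17', Statement: statement } };

console.log(validateAuthorizerResponse(asLogged));
console.log(validateAuthorizerResponse(asDocumented));
```

Run against the object logged in the post, the check reports the `Statemnet` key and the absent `Statement` array; the same values under the documented key names pass with no findings.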