Class RequestAuthorizer
java.lang.Object
no.unit.commons.apigateway.authentication.RequestAuthorizer
- All Implemented Interfaces:
com.amazonaws.services.lambda.runtime.RequestHandler<com.amazonaws.services.lambda.runtime.events.APIGatewayCustomAuthorizerEvent,AuthorizerResponse>
- Direct Known Subclasses:
DefaultRequestAuthorizer
public abstract class RequestAuthorizer
extends Object
implements com.amazonaws.services.lambda.runtime.RequestHandler<com.amazonaws.services.lambda.runtime.events.APIGatewayCustomAuthorizerEvent,AuthorizerResponse>
Abstract class for implementing a Request Authorizer. Implementation is based on the AWS examples found in the
following page : "https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-use-lambda-authorizer
.html".
-
Field Summary
Fields -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected booleancallerIsAllowedToPerformAction(com.amazonaws.services.lambda.runtime.events.APIGatewayCustomAuthorizerEvent requestInfo) protected AuthPolicycreateAllowAuthPolicy(String methodArn) protected AuthPolicyprotected abstract Stringprotected StringformatPolicyResource(String methodArn) This method can be overridden to change the template of the accessed resource.handleRequest(com.amazonaws.services.lambda.runtime.events.APIGatewayCustomAuthorizerEvent input, com.amazonaws.services.lambda.runtime.Context context) protected abstract String
-
Field Details
-
EXECUTE_API_ACTION
- See Also:
-
ALLOW_EFFECT
- See Also:
-
ANY_RESOURCE
- See Also:
-
ANY_HTTP_METHOD
- See Also:
-
ALL_PATHS
- See Also:
-
PATH_DELIMITER
- See Also:
-
API_GATEWAY_IDENTIFIER_INDEX
public static final int API_GATEWAY_IDENTIFIER_INDEX- See Also:
-
STAGE_INDEX
public static final int STAGE_INDEX- See Also:
-
AUTHORIZATION_HEADER
- See Also:
-
COULD_NOT_READ_PRINCIPAL_ID_ERROR
- See Also:
-
-
Constructor Details
-
RequestAuthorizer
protected RequestAuthorizer()
-
-
Method Details
-
handleRequest
public AuthorizerResponse handleRequest(com.amazonaws.services.lambda.runtime.events.APIGatewayCustomAuthorizerEvent input, com.amazonaws.services.lambda.runtime.Context context) - Specified by:
handleRequestin interfacecom.amazonaws.services.lambda.runtime.RequestHandler<com.amazonaws.services.lambda.runtime.events.APIGatewayCustomAuthorizerEvent,AuthorizerResponse>
-
formatPolicyResource
This method can be overridden to change the template of the accessed resource. The resource that access will be allowed to. It can contain wildcards.Example methodARN: arn:aws:execute-api:eu-west-1:884807050265:2lcqynkwke/Prod/GET/some/path/to/resource Example output: arn:aws:execute-api:eu-west-1:884807050265:2lcqynkwke/Prod\/*\/*
Another possible output is: "*"
- Parameters:
methodArn- the method ARN as provided by the API gateway- Returns:
- a resource for the policy
-
createAllowAuthPolicy
-
createDenyAuthPolicy
-
principalId
-
fetchSecret
- Throws:
ForbiddenException
-
callerIsAllowedToPerformAction
protected boolean callerIsAllowedToPerformAction(com.amazonaws.services.lambda.runtime.events.APIGatewayCustomAuthorizerEvent requestInfo) throws ForbiddenException - Throws:
ForbiddenException
-