Package no.unit.commons.apigateway.authentication

Class RequestAuthorizer

java.lang.Object

nva.commons.apigateway.RestRequestHandler<java.lang.Void,AuthorizerResponse>

no.unit.commons.apigateway.authentication.RequestAuthorizer

All Implemented Interfaces:

com.amazonaws.services.lambda.runtime.RequestStreamHandler

public abstract class RequestAuthorizer
extends nva.commons.apigateway.RestRequestHandler<java.lang.Void,AuthorizerResponse>

Abstract class for implementing a Request Authorizer. Implementation is based on the AWS examples found in the following page : "https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-use-lambda-authorizer .html".

Field Summary

Fields

Modifier and Type	Field	Description
static java.lang.String	ALL_PATHS
static java.lang.String	ALLOW_EFFECT
static java.lang.String	ANY_HTTP_METHOD
static java.lang.String	ANY_RESOURCE
static int	API_GATEWAY_IDENTIFIER_INDEX
static java.lang.String	AUTHORIZATION_HEADER
static java.lang.String	EXECUTE_API_ACTION
static java.lang.String	PATH_DELIMITER
static int	STAGE_INDEX

Fields inherited from class nva.commons.apigateway.RestRequestHandler

allowedOrigin, COMMA, EMPTY_STRING, environment, outputStream, REQUEST_ID, SPACE

Constructor Summary

Constructors

Constructor	Description
RequestAuthorizer(nva.commons.core.Environment environment)

Method Summary

Modifier and Type	Method	Description
protected AuthPolicy	createAllowAuthPolicy(java.lang.String methodArn)
protected AuthPolicy	createDenyAuthPolicy()
protected abstract java.lang.String	fetchSecret()
protected java.lang.String	formatPolicyResource(java.lang.String methodArn)	This method can be overridden to change the template of the accessed resource.
protected java.lang.Integer	getSuccessStatusCode(java.lang.Void input, AuthorizerResponse output)
protected abstract java.lang.String	principalId()
protected AuthorizerResponse	processInput(java.lang.Void input, nva.commons.apigateway.RequestInfo requestInfo, com.amazonaws.services.lambda.runtime.Context context)
protected void	secretCheck(nva.commons.apigateway.RequestInfo requestInfo)
protected void	writeExpectedFailure(java.lang.Void input, nva.commons.apigateway.exceptions.ApiGatewayException exception, java.lang.String requestId)
protected void	writeOutput(java.lang.Void input, AuthorizerResponse output, nva.commons.apigateway.RequestInfo requestInfo)
protected void	writeUnexpectedFailure(java.lang.Void input, java.lang.Exception exception, java.lang.String requestId)

Methods inherited from class nva.commons.apigateway.RestRequestHandler

calculateContentTypeHeaderReturnValue, findMediaTypeMatches, getDefaultResponseContentTypeHeaderValue, getFailureStatusCode, handleExpectedException, handleRequest, handleUnexpectedException, init, listSupportedMediaTypes, parseInput, parsingExceptionToBadRequestException

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

EXECUTE_API_ACTION

public static final java.lang.String EXECUTE_API_ACTION

See Also:

Constant Field Values

ALLOW_EFFECT

public static final java.lang.String ALLOW_EFFECT

See Also:

Constant Field Values

ANY_RESOURCE

public static final java.lang.String ANY_RESOURCE

See Also:

Constant Field Values

ANY_HTTP_METHOD

public static final java.lang.String ANY_HTTP_METHOD

See Also:

Constant Field Values

ALL_PATHS

public static final java.lang.String ALL_PATHS

See Also:

Constant Field Values

PATH_DELIMITER

public static final java.lang.String PATH_DELIMITER

See Also:

Constant Field Values

API_GATEWAY_IDENTIFIER_INDEX

public static final int API_GATEWAY_IDENTIFIER_INDEX

See Also:

Constant Field Values

STAGE_INDEX

public static final int STAGE_INDEX

See Also:

Constant Field Values

AUTHORIZATION_HEADER

public static final java.lang.String AUTHORIZATION_HEADER

See Also:

Constant Field Values

Constructor Detail

RequestAuthorizer

public RequestAuthorizer(nva.commons.core.Environment environment)

Method Detail

processInput

protected AuthorizerResponse processInput(java.lang.Void input,
                                          nva.commons.apigateway.RequestInfo requestInfo,
                                          com.amazonaws.services.lambda.runtime.Context context)
                                   throws nva.commons.apigateway.exceptions.ApiGatewayException

Specified by:

processInput in class nva.commons.apigateway.RestRequestHandler<java.lang.Void,AuthorizerResponse>

Throws:

nva.commons.apigateway.exceptions.ApiGatewayException

getSuccessStatusCode

protected java.lang.Integer getSuccessStatusCode(java.lang.Void input,
                                                 AuthorizerResponse output)

Specified by:

getSuccessStatusCode in class nva.commons.apigateway.RestRequestHandler<java.lang.Void,AuthorizerResponse>

writeOutput

protected void writeOutput(java.lang.Void input,
                           AuthorizerResponse output,
                           nva.commons.apigateway.RequestInfo requestInfo)
                    throws java.io.IOException

Specified by:

writeOutput in class nva.commons.apigateway.RestRequestHandler<java.lang.Void,AuthorizerResponse>

Throws:

java.io.IOException

writeExpectedFailure

protected void writeExpectedFailure(java.lang.Void input,
                                    nva.commons.apigateway.exceptions.ApiGatewayException exception,
                                    java.lang.String requestId)
                             throws java.io.IOException

Specified by:

writeExpectedFailure in class nva.commons.apigateway.RestRequestHandler<java.lang.Void,AuthorizerResponse>

Throws:

java.io.IOException

writeUnexpectedFailure

protected void writeUnexpectedFailure(java.lang.Void input,
                                      java.lang.Exception exception,
                                      java.lang.String requestId)
                               throws java.io.IOException

Specified by:

writeUnexpectedFailure in class nva.commons.apigateway.RestRequestHandler<java.lang.Void,AuthorizerResponse>

Throws:

java.io.IOException

formatPolicyResource

protected java.lang.String formatPolicyResource(java.lang.String methodArn)

This method can be overridden to change the template of the accessed resource. The resource that access will be allowed to. It can contain wildcards.

Example methodARN: arn:aws:execute-api:eu-west-1:884807050265:2lcqynkwke/Prod/GET/some/path/to/resource Example output: arn:aws:execute-api:eu-west-1:884807050265:2lcqynkwke/Prod\/*\/*

Another possible output is: "*"

Parameters:

methodArn - the method ARN as provided by the API gateway

Returns:

a resource for the policy

createAllowAuthPolicy

protected AuthPolicy createAllowAuthPolicy(java.lang.String methodArn)
                                    throws nva.commons.apigateway.exceptions.ForbiddenException

Throws:

nva.commons.apigateway.exceptions.ForbiddenException

createDenyAuthPolicy

protected AuthPolicy createDenyAuthPolicy()
                                   throws nva.commons.apigateway.exceptions.ForbiddenException

Throws:

nva.commons.apigateway.exceptions.ForbiddenException

principalId

protected abstract java.lang.String principalId()
                                         throws nva.commons.apigateway.exceptions.ForbiddenException

Throws:

nva.commons.apigateway.exceptions.ForbiddenException

fetchSecret

protected abstract java.lang.String fetchSecret()
                                         throws nva.commons.apigateway.exceptions.ForbiddenException

Throws:

nva.commons.apigateway.exceptions.ForbiddenException

secretCheck

protected void secretCheck(nva.commons.apigateway.RequestInfo requestInfo)
                    throws nva.commons.apigateway.exceptions.ForbiddenException

Throws:

nva.commons.apigateway.exceptions.ForbiddenException