Package no.unit.commons.apigateway.authentication

Class RequestAuthorizer

  • All Implemented Interfaces:
    com.amazonaws.services.lambda.runtime.RequestStreamHandler
    Direct Known Subclasses:
    DefaultRequestAuthorizer
    public abstract class RequestAuthorizer
extends nva.commons.apigateway.RestRequestHandler<java.lang.Void,​AuthorizerResponse>
    Abstract class for implementing a Request Authorizer. Implementation is based on the AWS examples found in the following page : "https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-use-lambda-authorizer .html".

    • Constructor Summary

      Constructors 
      Constructor Description
      RequestAuthorizer​(nva.commons.core.Environment environment)  

    • Method Summary

      All Methods Instance Methods Abstract Methods Concrete Methods 
      Modifier and Type Method Description
      protected AuthPolicy createAllowAuthPolicy​(java.lang.String methodArn)  
      protected AuthPolicy createDenyAuthPolicy()  
      protected abstract java.lang.String fetchSecret()  
      protected java.lang.String formatPolicyResource​(java.lang.String methodArn)
      This method can be overridden to change the template of the accessed resource.
      protected java.lang.Integer getSuccessStatusCode​(java.lang.Void input, AuthorizerResponse output)  
      protected abstract java.lang.String principalId()  
      protected AuthorizerResponse processInput​(java.lang.Void input, nva.commons.apigateway.RequestInfo requestInfo, com.amazonaws.services.lambda.runtime.Context context)  
      protected void secretCheck​(nva.commons.apigateway.RequestInfo requestInfo)  
      protected void writeExpectedFailure​(java.lang.Void input, nva.commons.apigateway.exceptions.ApiGatewayException exception, java.lang.String requestId)  
      protected void writeOutput​(java.lang.Void input, AuthorizerResponse output, nva.commons.apigateway.RequestInfo requestInfo)  
      protected void writeUnexpectedFailure​(java.lang.Void input, java.lang.Exception exception, java.lang.String requestId)  

      • Methods inherited from class nva.commons.apigateway.RestRequestHandler

        calculateContentTypeHeaderReturnValue, findMediaTypeMatches, getDefaultResponseContentTypeHeaderValue, getFailureStatusCode, handleExpectedException, handleRequest, handleUnexpectedException, init, listSupportedMediaTypes, parseInput, parsingExceptionToBadRequestException

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • RequestAuthorizer

        public RequestAuthorizer​(nva.commons.core.Environment environment)

    • Method Detail

      • processInput

        protected AuthorizerResponse processInput​(java.lang.Void input,
                                          nva.commons.apigateway.RequestInfo requestInfo,
                                          com.amazonaws.services.lambda.runtime.Context context)
                                   throws nva.commons.apigateway.exceptions.ApiGatewayException
        Specified by:
        processInput in class nva.commons.apigateway.RestRequestHandler<java.lang.Void,​AuthorizerResponse>
        Throws:
        nva.commons.apigateway.exceptions.ApiGatewayException

      • getSuccessStatusCode

        protected java.lang.Integer getSuccessStatusCode​(java.lang.Void input,
                                                 AuthorizerResponse output)
        Specified by:
        getSuccessStatusCode in class nva.commons.apigateway.RestRequestHandler<java.lang.Void,​AuthorizerResponse>

      • writeOutput

        protected void writeOutput​(java.lang.Void input,
                           AuthorizerResponse output,
                           nva.commons.apigateway.RequestInfo requestInfo)
                    throws java.io.IOException
        Specified by:
        writeOutput in class nva.commons.apigateway.RestRequestHandler<java.lang.Void,​AuthorizerResponse>
        Throws:
        java.io.IOException

      • writeExpectedFailure

        protected void writeExpectedFailure​(java.lang.Void input,
                                    nva.commons.apigateway.exceptions.ApiGatewayException exception,
                                    java.lang.String requestId)
                             throws java.io.IOException
        Specified by:
        writeExpectedFailure in class nva.commons.apigateway.RestRequestHandler<java.lang.Void,​AuthorizerResponse>
        Throws:
        java.io.IOException

      • writeUnexpectedFailure

        protected void writeUnexpectedFailure​(java.lang.Void input,
                                      java.lang.Exception exception,
                                      java.lang.String requestId)
                               throws java.io.IOException
        Specified by:
        writeUnexpectedFailure in class nva.commons.apigateway.RestRequestHandler<java.lang.Void,​AuthorizerResponse>
        Throws:
        java.io.IOException

      • formatPolicyResource

        protected java.lang.String formatPolicyResource​(java.lang.String methodArn)
        This method can be overridden to change the template of the accessed resource. The resource that access will be allowed to. It can contain wildcards.

        Example methodARN: arn:aws:execute-api:eu-west-1:884807050265:2lcqynkwke/Prod/GET/some/path/to/resource Example output: arn:aws:execute-api:eu-west-1:884807050265:2lcqynkwke/Prod\/*\/*

        Another possible output is: "*"

        Parameters:
        methodArn - the method ARN as provided by the API gateway
        Returns:
        a resource for the policy

      • createAllowAuthPolicy

        protected AuthPolicy createAllowAuthPolicy​(java.lang.String methodArn)
                                    throws nva.commons.apigateway.exceptions.ForbiddenException
        Throws:
        nva.commons.apigateway.exceptions.ForbiddenException

      • createDenyAuthPolicy

        protected AuthPolicy createDenyAuthPolicy()
                                   throws nva.commons.apigateway.exceptions.ForbiddenException
        Throws:
        nva.commons.apigateway.exceptions.ForbiddenException

      • principalId

        protected abstract java.lang.String principalId()
                                         throws nva.commons.apigateway.exceptions.ForbiddenException
        Throws:
        nva.commons.apigateway.exceptions.ForbiddenException

      • fetchSecret

        protected abstract java.lang.String fetchSecret()
                                         throws nva.commons.apigateway.exceptions.ForbiddenException
        Throws:
        nva.commons.apigateway.exceptions.ForbiddenException

      • secretCheck

        protected void secretCheck​(nva.commons.apigateway.RequestInfo requestInfo)
                    throws nva.commons.apigateway.exceptions.ForbiddenException
        Throws:
        nva.commons.apigateway.exceptions.ForbiddenException