Serverless authorizers - custom REST authorizer

Marcin Piczkowski on November 05, 2017

In the series of articles I will explain basics of Servlerless authorizers in Serverless Framework: where they can be used and how to write custo... [Read Full]
markdown guide
 

I used the provided code and it works when deployed as well. Now I'm removing the "Bearer" string from the token. I've removed the code that looks for "Bearer" string from the code and removed "indentityValidationExpression" from .yaml as well. But the authorizer still only works with the "Bearer" string in the Header.

Also I'm trying to change the response from "unauthorized" to anything else in the callback. But it still comes back "unauthorized".

 

Are you sure you deployed full stack or single function only? Can you share your code on git?

 

I tried deploying just the authorizer as well as the whole stack. Still the same result. Turns out the authorizer in APIGW still have the "indentityValidationExpression" check set to Bearer (.*), even though I had removed it.

To be completely sure your app is OK you can try to delete the stack and sls tmp folder called .serverless from your project root and redeploy from fresh. If this is the case maybe it's a bug in sls. You're using latest version, right?

yep I have the latest version .. I deleted the stack via "sls remove" but I'm still confused why the APIGW authorizer didn't update.

I'm still stuck at the authorizer, it times out or returns 500 whenever I try to match the token in my database. I'm using Sequelize and AWS RDS (MySQL). I can't give you my private repo, but I'll duplicate the code in a public repo.

It would be great if you could help! Thanks

github.com/hzburki/serverless

This is code repo. It's connected to a new database. Two routes /users and /user, an authorizer is connected to /user.

Works fine on serverless-offline, but both endpoints timeout when deployed to AWS. Even if I set timeout to 30sec.

Help Please !

thx, will try to have a look at it by the end of this week..possibly sooner.

I checked your code, added a couple of logs and changes.
I tested on AWS and it works.
You can check my code here: github.com/piczmar/sls-test-author...

I'm not sure what was your problem. I can think of wrong DB connection details causing Sequilize to wait on connection. Can you make sure the correct env. variables are set on Lambda function?

image

Can you check my version and see if it helped?

I got the authorizer to work :D

The issue was with the principalId. I wanted to set the authenticated object as the principalId and add it in the request body, that way I would save an extra database query. Once I set the principalId to the token. The authorizer started working.

I have to query the authenticated user again in my controller, but I can live with that.

Thanks for your help.

code of conduct - report abuse