您的位置: 首页  >  技术问答  >  如何在自定义授权者AWS Lambda函数中访问HTTP标头

如何在自定义授权者AWS Lambda函数中访问HTTP标头

分类: 技术问答 2022-05-23 11:56:11
问题描述:

我从API网关创建了自定义授权者用于在python中使用Lambda函数的API. API网关使用我配置的标头(method.request.header.Authorization)移交传入的身份验证令牌.但是,我还需要在lambda函数中使用原始http请求的其他标头.如何访问它们?我没有在输入到lambda函数的event对象上看到标题.

From API Gateway, I created a custom authorizer for my API using Lambda function in python. API Gateway hands over the incoming auth token using a header I configure(method.request.header.Authorization). However I also need the other headers of the original http request inside my lambda function. How do I access them? I did not see the headers on event object input to my lambda function.

请注意,这不是

Note that this is not a duplicate of How to access HTTP headers for request to AWS API Gateway using Lambda?. The question is about custom authorizer lambda function. I do not see any configuration option to pass the incoming http headers to authorizer lambda function.

按照

As per AWS Documentation, API Gateway calls Custom Authorizer with below input. Base on the the below, I assume my ask is not possible. But want to check if there is a workaround.



{
    "type":"TOKEN",
    "authorizationToken":"",
    "methodArn":"arn:aws:execute-api:<regionId>:<accountId>:<apiId>/<stage>/<method>/<resourcePath>"
}

现在可以通过使用类型为请求"的授权者而不是令牌来实现

This is now possible by using an Authoriser of type 'Request' instead of Token

详细信息在这里: https://docs.aws.amazon. com/apigateway/latest/developerguide/apigateway-use-lambda-authorizer.html

从根本上说,所有标头都在事件对象中传递以获得请求授权

Fundamentally, all headers are passed in the event object for a Request authorisation

ie事件中的标头对象

ie headers object on event 


    "headers": {
        "X-wibble": "111",
        "X-wobble": "222",
        "x-amzn-ssl-client-hello": "*Deleted*",
        "Via": "1.1 .cloudfront.net (CloudFront)",
        "CloudFront-Is-Desktop-Viewer": "true",
        "CloudFront-Is-SmartTV-Viewer": "false",
        "CloudFront-Forwarded-Proto": "https",
        "X-Forwarded-For": "*Deleted*",
        "CloudFront-Viewer-Country": "GB",
        "Accept": "*/*",
        "User-Agent": "curl/7.55.1",
        "X-Amzn-Trace-Id": "Root=*Deleted*",
        "Host": "*Deleted*.execute-api.eu-west-1.amazonaws.com",
        "X-Forwarded-Proto": "https",
        "X-Amz-Cf-Id": "*Deleted*",
        "CloudFront-Is-Tablet-Viewer": "false",
        "X-Forwarded-Port": "443",
        "CloudFront-Is-Mobile-Viewer": "false"
    }

相关推荐