
@argodigital/qq-shared

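"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
var logger_1 = require("../logger");
var iopipe_1 = require("@iopipe/iopipe");

// IOpipe instrumentation stays on unless DISABLE_IOPIPE is exactly the string 'true'.
var ioPipeEnabled = 'true' !== process.env.DISABLE_IOPIPE;

/**
 * Return a shallow copy of the authorizer event with the bearer credential masked.
 *
 * Only the top-level `authorizationToken` field (the one this module reads) is
 * replaced; nested fields are shared with the original object and are not scrubbed.
 * Non-object input is returned unchanged.
 *
 * @param {*} event - The event object handed to the authorizer handler.
 * @returns {*} A copy safe to log or serialise, or the input itself if not an object.
 */
function redactEvent(event) {
    if (!event || typeof event !== 'object') {
        return event;
    }
    var copy = {};
    Object.keys(event).forEach(function (key) {
        copy[key] = key === 'authorizationToken' ? '[REDACTED]' : event[key];
    });
    return copy;
}

/**
 * Wrap a token-checking function as a Lambda authorizer handler.
 *
 * The wrapped `fn` receives `{ token, event, valid, invalid, error, log }` and is
 * expected to call exactly one of the three outcome callbacks:
 *   - `valid(jwt)`       -> responds with the policy built by generatePolicy(jwt)
 *   - `invalid(message)` -> responds with the error string 'Unauthorized'
 *   - `error(err)`       -> responds with a JSON string describing the failure
 *
 * @param {function(Object): *} fn - Performs the actual token validation.
 * @returns {function(Object, Object, function): void} Handler taking (event, context, callback).
 */
function authwrapper(fn) {
    return function (event, context, callback) {
        var log = logger_1.logger(context);
        var token = event.authorizationToken;

        if (ioPipeEnabled) {
            iopipe_1.metric('region', process.env.AWS_REGION);
            iopipe_1.metric('revision', process.env.REVISION);
            iopipe_1.metric('stage', process.env.STAGE);
        }

        // Success path: label the invocation and hand the generated policy back.
        function valid(jwt) {
            if (ioPipeEnabled) {
                iopipe_1.label('valid');
            }
            var policy = generatePolicy(jwt);
            return callback(null, policy);
        }

        // Rejection path: the caller only ever sees the fixed string 'Unauthorized';
        // the reason is kept in the log and the IOpipe metric.
        function invalid(message) {
            log.info('Invalid', message);
            if (ioPipeEnabled) {
                iopipe_1.label('invalid');
                iopipe_1.metric('invalid', message);
            }
            return callback('Unauthorized');
        }

        // Failure path: the event is both logged and serialised into the callback
        // error, so the raw bearer token is masked first to keep the credential out
        // of log storage and error reporting.
        function error(err) {
            var detail = err instanceof Error ? err.toString() : err;
            var safeEvent = redactEvent(event);
            log.error('Error', detail, safeEvent);
            if (ioPipeEnabled) {
                iopipe_1.label('error');
            }
            var body = JSON.stringify({ event: safeEvent, error: detail });
            return callback(body);
        }

        // `fn` still receives the unredacted token and event; it needs them to validate.
        var props = {
            token: token,
            event: event,
            valid: valid,
            invalid: invalid,
            error: error,
            log: log
        };
        fn(props);
    };
}
exports.authwrapper = authwrapper;

/**
 * Build the authorizer response (principal, IAM policy document, context) from a JWT.
 *
 * Reads `jwt.claims`; throws a TypeError if `jwt` is null/undefined, as property
 * access on it is not guarded.
 *
 * @param {{claims: Object}} jwt - Decoded token; presumably already verified by the caller.
 * @returns {{principalId: string, policyDocument: Object, context: Object}}
 */
function generatePolicy(jwt) {
    var claims = jwt.claims;
    var groups = claims.groups ? JSON.stringify(claims.groups) : '';

    // NOTE(review): every missing (falsy) claim below is replaced by a hard-coded
    // test identity instead of being rejected. A token that lacks `sub`, `role` or
    // `agencyCode` is therefore authorised as the placeholder user/role/agency.
    // Consider failing closed for required claims outside test stages; left
    // unchanged here because callers may depend on these defaults.
    var fallbackEmail = 'testuseremail@argolimited.com';
    var context = {
        userId: claims.uid || 'test-user-id',
        firstName: claims.firstName || 'testFirstName',
        lastName: claims.lastName || 'testLastName',
        sub: claims.sub || fallbackEmail,
        email: claims.email || fallbackEmail,
        role: claims.role || 'testRole',
        brokerType: claims.broker_type,
        agencyCode: claims.agencyCode || '00001',
        groups: groups
    };

    return {
        principalId: claims.sub || fallbackEmail,
        policyDocument: {
            Version: '2012-10-17',
            Statement: [
                {
                    Action: 'execute-api:Invoke',
                    Effect: 'Allow',
                    // NOTE(review): wildcard resource - the Allow is not scoped to the
                    // API, stage or method being invoked, so any downstream restriction
                    // has to be enforced from the context values above. Confirm this
                    // breadth is intended.
                    Resource: 'arn:aws:execute-api:**'
                }
            ]
        },
        context: context
    };
}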