UNPKG

@teamsight/flight

Version:

Lambda life cycles

82 lines 3.78 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
"use strict"; var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) { var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d; if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc); else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r; return c > 3 && r && Object.defineProperty(target, key, r), r; }; var __metadata = (this && this.__metadata) || function (k, v) { if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v); }; var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { return new (P || (P = Promise))(function (resolve, reject) { function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } function step(result) { result.done ? resolve(result.value) : new P(function (resolve) { resolve(result.value); }).then(fulfilled, rejected); } step((generator = generator.apply(thisArg, _arguments || [])).next()); }); }; Object.defineProperty(exports, "__esModule", { value: true }); const inversify_1 = require("inversify"); const uuid = require("uuid"); const authorizer_handler_1 = require("./authorizer-handler"); let Authorizer = class Authorizer extends authorizer_handler_1.AuthorizerHandler { constructor(jwtHelper) { super(); this.jwtHelper = jwtHelper; } run(event, context) { return __awaiter(this, void 0, void 0, function* () { try { console.log("methodArn", event.methodArn); const token = event.headers.Authorization.split("Bearer ")[1]; console.log("event", event); console.log("token", token); const decoded = yield this.jwtHelper.process(token, this.audience); console.log("decoded", decoded); const customContext = yield this.createAuthorizerContext(decoded); yield this.doAuthorization(event, decoded, customContext); console.log("allow"); console.log("customContext", customContext); return this.createResult("Allow", event.methodArn, customContext, decoded.sub); } catch (err) { console.log("deny"); return this.createResult("Deny", event.methodArn); } }); } createResult(effect, arn, customContext, principalId) { principalId = principalId || uuid.v4().toString(); customContext = customContext || { sub: null }; const policyDocument = this.buildPolicy(effect, arn); const result = { principalId, policyDocument, context: Object.keys(customContext).reduce((x, key) => { x[key] = JSON.stringify(customContext[key]); return x; }, {}) }; return result; } buildPolicy(effect, resource) { const doc = { Version: "2012-10-17", Statement: [ { Action: "execute-api:Invoke", Effect: effect, Resource: resource } ] }; return doc; } }; Authorizer = __decorate([ inversify_1.injectable(), __metadata("design:paramtypes", [Object]) ], Authorizer); exports.Authorizer = Authorizer; //# sourceMappingURL=authorizer.js.map