api-gateway-policy-gen

A Policy Generator for API Gateway Custom Authorizers

Usage no npm install needed!

<script type="module">
  import apiGatewayPolicyGen from 'https://cdn.skypack.dev/api-gateway-policy-gen';
</script>

README

API Gateway Custom Authorizer Policy Generator

NPM version Build Status Dependency Status Coverage percentage

A Policy Generator for API Gateway Custom Authorizers

Installation

npm i api-gateway-policy-gen

Usage

const utils = require('api-gateway-policy-gen').utils;
const policyGenerator = require('api-gateway-policy-gen').policyGenerator;

module.exports.handler = function(event, context, cb) {
  // Get's the token from the header in the format 'Bearer xxjklsadf'
  const idToken = utils.getBearerToken(event.authorizationToken);

  if (!idToken) {
    return cb('No auth token supplied');
  }

  // Do something to ensure the user is authorized
  //  i.e. decode JWT
  const user = authorizeUser(idToken);
  const principalId = user.id;

  const authInfo = utils.getAuthInfo(event.methodArn);

  // optional context
  const context = {
    role: 'admin'
  };
  // allow access to all methods
  const result = policyGenerator.generatePolicy(principalId, authInfo, [{
    allow: true,
    methods: [{
      verb: '*',
      resource: '*'
    }]
  }], context);

  cb(null, result);
)

Contributions

Welcome. Please submit an issue before sending a PR.

License

MIT