Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

apigateway.RequestAuthorizer: pass request body to authorizer function #28248

Open
2 tasks
mdvertola opened this issue Dec 4, 2023 · 9 comments
Open
2 tasks

apigateway.RequestAuthorizer: pass request body to authorizer function #28248

mdvertola opened this issue Dec 4, 2023 · 9 comments
Labels
@aws-cdk/aws-apigateway Related to Amazon API Gateway effort/medium Medium work item – several days of effort feature-request A feature should be added or improved. p1

Comments

@mdvertola
Copy link

Describe the feature

Add the ability to pass the incoming event body into a custom authorization function.

Use Case

For certain authorization processes (e.g., some signature-based authorization mechanisms), oftentimes the request body is required (and abstracted away from a developer's control to add to headers). As a result, it is required in certain circumstances to pass this event body into a custom authorization function.

Proposed Solution

As we can currently do with the headers of a request, add the ability to do the same with the event body.

const customAuthorizerFunction = new apigateway.RequestAuthorizer(
        this,
        `${bot.namespace}CustomAuthorizerFunction`,
        {
          handler: authorizerFunction,
          identitySources: [apigateway.IdentitySource.header("X-Slack-Signature"), apigateway.IdentitySource.body],
          resultsCacheTtl: cdk.Duration.seconds(0),
        }
      )

Other Information

Not sure if this is even a possibility with the underlying apigw lambda authorizer setup or if this approach/ design makes sense in the long term but it would be awesome if in some way we can get that event body into the authorizer function!

Also, apologies if this is already possible with cdk! I did some digging in docs around this construct and some of the adjacent ones it touches/ stack overflow searching and could find anything about how to get it setup!

Acknowledgements

  • I may be able to implement this feature request
  • This feature might incur a breaking change

CDK version used

2.113.0

Environment details (OS name and version, etc.)

MacOS 14.1.2
@mdvertola mdvertola added feature-request A feature should be added or improved. needs-triage This issue or PR still needs to be triaged. labels Dec 4, 2023
@github-actions github-actions bot added the @aws-cdk/aws-apigateway Related to Amazon API Gateway label Dec 4, 2023
@khushail khushail added needs-review investigating This issue is being investigated and/or work is in progress to resolve the issue. and removed needs-triage This issue or PR still needs to be triaged. needs-review labels Dec 4, 2023
@khushail khushail added p2 effort/medium Medium work item – several days of effort and removed investigating This issue is being investigated and/or work is in progress to resolve the issue. labels Dec 20, 2023
@github-actions github-actions bot mentioned this issue Jan 1, 2024
Closed
@nacho8
Copy link

nacho8 commented Mar 28, 2024
edited
Loading

Is there any news??

@jonatr35
Copy link

jonatr35 commented Apr 2, 2024

Any update on if this is on the AWS road map at all for API Gateway?

@thezeroend
Copy link

Any news?

@jappoman
Copy link

+1

1 similar comment
@olliglorioso
Copy link

+1

@github-actions GitHub Actions
Copy link

github-actions bot commented Sep 1, 2024

This issue has received a significant amount of attention so we are automatically upgrading its priority. A member of the community will see the re-prioritization and provide an update on the issue.

@github-actions github-actions bot added p1 and removed p2 labels Sep 1, 2024
@alyssariah
Copy link

+1

@emakunin
Copy link

emakunin commented Dec 31, 2024
edited
Loading

+1

AWS uses SivV4 for its own requests, but makes it impossible to proxy request to the resources using authorizer lambda. This is a limit of the API gateway itself I guess. As it's impossible to create in AWS console/cli as well.

@ShiftyMcCool
Copy link

Amazing that something so basic is still sitting here for so long......

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
@aws-cdk/aws-apigateway Related to Amazon API Gateway effort/medium Medium work item – several days of effort feature-request A feature should be added or improved. p1
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
10 participants
@ShiftyMcCool @jonatr35 @nacho8 @jappoman @thezeroend @alyssariah @mdvertola @olliglorioso @khushail @emakunin