I use this issue instead of a PR to collect everything about this task; all referenced PRs are already merged.
I use a single monorepo with both BE and FE for a good reason: the FE build uses outputs of the BE stacks. Organizers have confirmed that it is acceptable.
Check #3, #18, #22, #27, #33 and the commit history if you want to learn more about the setup and reasoning. Issues, PRs and commit messages contain a lot of details.
Please provide your evaluation in comments and fill in the form.
Task 7 Artifacts (Pull Request #34)
Task 7.1
:heavy_check_mark: create a new service called authorization-service
:heavy_check_mark: create a lambda function called basicAuthorizer in the Authorization Service.
:heavy_check_mark: lambda has an environment variable with the following credentials: USER_GURIA=TEST_PASSWORD
:heavy_check_mark: basicAuthorizer lambda takes Basic Authorization token, decodes it and checks that credentials provided by token exist in the lambda environment variable.
:heavy_check_mark: lambda returns 403 HTTP status if access is denied for this user (invalid authorization_token) and 401 HTTP status if Authorization header is not provided.
:heavy_check_mark: credentials are not stored under VCS and provided to environment from repository encrypted secrets
Task 7.2
:heavy_check_mark: basicAuthorizer lambda is set to /import path of the API Gateway as lambda authorizer.
Task 7.3
:heavy_check_mark: request from the client application to the /import path has Basic Authorization header Authorization: Basic {authorization_token}
:heavy_check_mark: {authorization_token} is a base64-encoded GURIA:TEST_PASSWORD
:heavy_check_mark: client gets authorization_token value from browser localStorage
Additional tasks:
:heavy_plus_sign: client application should display alerts for the responses in 401 and 403 HTTP statuses.
Links to deployment
All PRs are merged, so the app is deployed from the main branch.
The web app is deployed to CloudFront and available at the following addresses:
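The authorizer behaviour in the Task 7.1 checklist, sketched as an added example (not the code from this repository). It assumes an API Gateway REST API TOKEN authorizer, where a thrown `Unauthorized` error becomes a 401 and a Deny policy becomes a 403, and it assumes each credential lives in a variable named `USER_` plus the username, inferred from `USER_GURIA`; the function names and sample ARN are hypothetical.

```javascript
// Added example. Assumption: credentials are stored as USER_<username>=<password>,
// so unrelated variables such as PATH can never be matched as a login.

// Compare without stopping at the first mismatch; run time depends only on the
// supplied value's length. (crypto.timingSafeEqual is the library equivalent
// for equal-length buffers.)
function safeEqual(supplied, expected) {
  const x = Buffer.from(String(supplied));
  const y = Buffer.from(String(expected));
  let diff = x.length ^ y.length;
  for (let i = 0; i < x.length; i++) diff |= x[i] ^ y[i % (y.length || 1)];
  return diff === 0;
}

// Build the IAM policy document API Gateway expects from a Lambda authorizer.
function policy(principalId, effect, resource) {
  return {
    principalId,
    policyDocument: {
      Version: '2012-10-17',
      Statement: [{ Action: 'execute-api:Invoke', Effect: effect, Resource: resource }],
    },
  };
}

function authorize(event, env) {
  const header = event.authorizationToken;
  if (!header) throw new Error('Unauthorized'); // no token -> 401
  const match = /^Basic\s+(\S+)$/.exec(header);
  const decoded = match ? Buffer.from(match[1], 'base64').toString('utf8') : '';
  const sep = decoded.indexOf(':'); // split on the first ':'; passwords may contain ':'
  const user = sep > 0 ? decoded.slice(0, sep) : '';
  const supplied = sep > 0 ? decoded.slice(sep + 1) : '';
  const key = 'USER_' + user;
  const expected = Object.prototype.hasOwnProperty.call(env, key) ? env[key] : '';
  const ok = expected !== '' && safeEqual(supplied, expected);
  // Deny (rather than an error) makes API Gateway answer 403.
  return policy(user || 'anonymous', ok ? 'Allow' : 'Deny', event.methodArn);
}

// Lambda entry point; export it in the module style the project uses.
const handler = async (event) => authorize(event, process.env);

// Constructed sample run using the task's test credentials.
const SAMPLE_ENV = { USER_GURIA: 'TEST_PASSWORD' };
const SAMPLE_ARN = 'arn:aws:execute-api:us-east-1:000000000000:exampleapi/dev/GET/import';
const sampleToken = 'Basic ' + Buffer.from('GURIA:TEST_PASSWORD').toString('base64');
const sample = authorize({ authorizationToken: sampleToken, methodArn: SAMPLE_ARN }, SAMPLE_ENV);
console.log(sample.principalId, sample.policyDocument.Statement[0].Effect);
```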