search

aws / aws-cdk

The AWS Cloud Development Kit is a framework for defining cloud infrastructure in code
https://aws.amazon.com/cdk
Apache License 2.0
11.66k stars 3.92k forks source link

apigateway.RequestAuthorizer: pass request body to authorizer function #28248

Open mdvertola opened 11 months ago

mdvertola commented 11 months ago

Describe the feature

Add the ability to pass the incoming event body into a custom authorization function.

Use Case

For certain authorization processes (e.g., some signature-based authorization mechanisms), oftentimes the request body is required (and abstracted away from a developer's control to add to headers). As a result, it is required in certain circumstances to pass this event body into a custom authorization function.

Proposed Solution

As we can currently do with the headers of a request, add the ability to do the same with the event body.

const customAuthorizerFunction = new apigateway.RequestAuthorizer(
        this,
        `${bot.namespace}CustomAuthorizerFunction`,
        {
          handler: authorizerFunction,
          identitySources: [apigateway.IdentitySource.header("X-Slack-Signature"), apigateway.IdentitySource.body],
          resultsCacheTtl: cdk.Duration.seconds(0),
        }
      )

Other Information

Not sure if this is even a possibility with the underlying apigw lambda authorizer setup or if this approach/ design makes sense in the long term but it would be awesome if in some way we can get that event body into the authorizer function!

Also, apologies if this is already possible with cdk! I did some digging in docs around this construct and some of the adjacent ones it touches/ stack overflow searching and could find anything about how to get it setup!

Acknowledgements

CDK version used

2.113.0

Environment details (OS name and version, etc.)

MacOS 14.1.2

nacho8 commented 7 months ago

Is there any news??

jonatr35 commented 7 months ago

Any update on if this is on the AWS road map at all for API Gateway?

thezeroend commented 6 months ago

Any news?

jappoman commented 5 months ago

+1

olliglorioso commented 2 months ago

+1

github-actions[bot] commented 2 months ago

This issue has received a significant amount of attention so we are automatically upgrading its priority. A member of the community will see the re-prioritization and provide an update on the issue.