Feature request: Documented Example of Local Authorizer Usage

aws / aws-sam-cli

CLI tool to build, test, debug, and deploy Serverless applications using AWS SAM

https://aws.amazon.com/serverless/sam/

Apache License 2.0

6.48k stars 1.16k forks source link

Feature request: Documented Example of Local Authorizer Usage #5172

Open ChronosMasterOfAllTime opened 1 year ago

ChronosMasterOfAllTime commented 1 year ago

Describe your idea/feature/enhancement

@lucashuy love the new feature for local authorizers in 1.80.0+, can we get documentation or a working example of how to set up an authorizer with sam local start-api?

Proposal

Add a sample local_authorizer_template.yml or LOCAL_AUTHORIZER_EXAMPLE.md file that bootstraps the authorizer correctly

Things to consider:

Will this require any updates to the SAM Spec - No

Additional Details

Please provide documentation and examples on how to use a local Authorizer defined within the template.

sriram-mv commented 1 year ago

sam local docs opens up this page: https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-sam-cli-using-start-api.html

We will add this as an area for us to look into.

ChronosMasterOfAllTime commented 1 year ago

sam local docs opens up this page: https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-sam-cli-using-start-api.html

We will add this as an area for us to look into.

Thanks, I am talking about the new feature introduced in 1.80+ to use local authorizer for testing. How do you define the authorizer differently as FunctionArn is not the way to go as SAM local doesnt support !GetAtt?

I am looking for examples of how to rope in our Authorizer for local testing.

brandon-burciaga commented 1 year ago

I am also looking to know this. I keep getting messages about skip parsing unsupported authorizer. I also was trying to use !GetAtt

@ChronosMasterOfAllTime did you figure this out?

ChronosMasterOfAllTime commented 1 year ago

I am also looking to know this. I keep getting messages about skip parsing unsupported authorizer. I also was trying to use !GetAtt

@ChronosMasterOfAllTime did you figure this out?

If you start with the --debug flag you will see !GetAtt is not a supported function. From what I gathered you need to define the authorizer as a parameter and override the reference for local. Not ideal IMHO. We ended up pulling out the authorizer from API gateway and chaining it as part of the handler proxy middlewares. (We're using golang chi router plus the serverless proxy).

Hopefully someone gets this documented with a working example!

Willis0826 commented 1 year ago

Hey, after I traced the source code and followed your findings, I managed to make it works! Here is a demo : https://github.com/Willis0826/sam-local-authorizer-example Please feel free to take a look, cheers!

kPOWz commented 5 months ago

Does the feature (released in 1.80.0) work with SAM local for CDK ? https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-cdk-testing.html

I'm using the basic "AWS::ApiGatewayV2::Authorizer", "AuthorizerType": "JWT", and not seeing any auth happen on the latest version of SAM CLI