awslabs / cognito-at-edge

Serverless authentication solution to protect your website or Amplify application
Apache License 2.0

Use as API Gateway Authorizer #74

Open ruminize opened 11 months ago

ruminize commented 11 months ago

Can this package also be used with an API Gateway Authorizer? How does it know to only validate the access token for API Gateway routes and not redirect? How would I configure that?

Would I just set the path for "parseAuthPath" like this in the API Gateway Lambda Authorizer?

```js
const authenticator = new Authenticator({
  // Replace these parameter values with those of your own environment
  region: 'us-east-1', // user pool region
  userPoolId: 'us-east-1_tyo1a1FHH', // user pool ID
  userPoolAppId: '63gcbm2jmskokurt5ku9fhejc6', // user pool app client ID
  userPoolDomain: 'domain.auth.us-east-1.amazoncognito.com', // user pool domain

  // Just add this one?
  parseAuthPath: 'api.my-domain.com'
});
```

FYI, I tried for many days to battle CloudFront Lambda@Edge using various blogs about it, including AWS blogs, and it was extremely painful. I plugged in this package and it does everything I wanted. I'm not sure why I kept getting various redirects but I did. I'll have to pull apart this code to better understand it all. Thank you so much for creating it.

I did note that the viewer request Lambda has a 5-second time limit. Will this package always work within that time frame?

I ask because one of the blogs I was using noted to use the origin request lambda to set the cookie and check auth due to the longer time limits of the origin lambdas.

https://cloudonaut.io/authentication-at-the-edge-with-lambda-edge-cognito/
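
The "validate the access token and not redirect" behaviour asked about above, as an added example that is not part of the original issue and is not cognito-at-edge code: a Lambda authorizer that answers allow or deny for a Cognito access token. It assumes an API Gateway HTTP API authorizer with simple responses enabled and public keys already loaded from the user pool's JWKS; the function names and the throwaway key pair are constructed for illustration.

```javascript
// Added example: not cognito-at-edge code. Region, pool ID and client ID are
// the placeholder values from the question above; the key pair is constructed.
const crypto = require('crypto');

const ISSUER = 'https://cognito-idp.us-east-1.amazonaws.com/us-east-1_tyo1a1FHH';
const CLIENT_ID = '63gcbm2jmskokurt5ku9fhejc6';
const b64url = (x) => Buffer.from(x).toString('base64url');

// Verify an RS256 Cognito access token against already-fetched public keys
// (kid -> KeyObject). Throws on any failure; returns the claims on success.
function verifyAccessToken(token, keys, now = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [h, p, sig] = parts;
  const header = JSON.parse(Buffer.from(h, 'base64url').toString());
  if (header.alg !== 'RS256') throw new Error('unexpected alg'); // pin the algorithm
  const key = keys[header.kid];
  if (!key) throw new Error('unknown kid');
  const ok = crypto.verify('RSA-SHA256', Buffer.from(`${h}.${p}`), key, Buffer.from(sig, 'base64url'));
  if (!ok) throw new Error('bad signature');
  const claims = JSON.parse(Buffer.from(p, 'base64url').toString());
  if (claims.iss !== ISSUER) throw new Error('wrong issuer');
  if (claims.token_use !== 'access') throw new Error('not an access token');
  if (claims.client_id !== CLIENT_ID) throw new Error('wrong app client');
  if (typeof claims.exp !== 'number' || claims.exp <= now) throw new Error('expired');
  return claims;
}

// Authorizer for an HTTP API using the "simple response" format: the answer is
// allow or deny, never a redirect to the hosted UI.
function authorize(event, keys, now) {
  const m = /^Bearer (.+)$/.exec((event.headers || {}).authorization || '');
  try {
    const claims = verifyAccessToken(m ? m[1] : '', keys, now);
    return { isAuthorized: true, context: { sub: claims.sub } };
  } catch {
    return { isAuthorized: false };
  }
}

// Constructed test material: a throwaway key pair standing in for the pool's JWKS.
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const KEYS = { 'test-kid': publicKey };
function signToken(claims, kid = 'test-kid') {
  const body = `${b64url(JSON.stringify({ alg: 'RS256', kid }))}.${b64url(JSON.stringify(claims))}`;
  return `${body}.${crypto.sign('RSA-SHA256', Buffer.from(body), privateKey).toString('base64url')}`;
}
```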