Closed djelusic closed 2 years ago
So after trying a bunch of things I realized the problem was that we are storing user claims as a JSON string in the authorizer response context. For some reason this only works when the response is not cached. I fixed it by base64-encoding the claims and re-enabled caching.
In the process I also switched the authorizer payload version to v2 and enabled simple responses. So now the authorizer returns something like this instead of a policy:
```json
{
  "isAuthorized": true,
  "context": {
    "mantilUserClaims": "<b64 encoded claims>"
  }
}
```
This works for us since we aren't performing any authorization on the authorizer beyond just checking the validity of the JWT token.
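An added example, not part of the comment above and not the project's own code: a Go sketch of the simple response with base64-encoded claims, extended to the consuming side, where the backend decodes the context value and fails closed on anything malformed. The `Claims` fields and function names are hypothetical, and JWT validation is assumed to have happened before `Authorize` is called.

```go
package main

import (
	"encoding/base64"
	"encoding/json"
	"fmt"
)

const claimsKey = "mantilUserClaims" // context key from the comment above
// Claims is a hypothetical claim set; the real fields are not shown on the page.
type Claims struct {
	Username string `json:"username"`
	Role     string `json:"role"`
}

// SimpleResponse mirrors the payload v2 simple response quoted above.
type SimpleResponse struct {
	IsAuthorized bool              `json:"isAuthorized"`
	Context      map[string]string `json:"context,omitempty"`
}

// Authorize runs after JWT validation; nil claims stand for a rejected token.
func Authorize(claims *Claims) SimpleResponse {
	raw, err := json.Marshal(claims)
	if claims == nil || err != nil {
		return SimpleResponse{IsAuthorized: false} // fail closed
	}
	enc := base64.StdEncoding.EncodeToString(raw)
	return SimpleResponse{IsAuthorized: true, Context: map[string]string{claimsKey: enc}}
}

// ClaimsFromContext is the backend side; it rejects missing or malformed values.
func ClaimsFromContext(ctx map[string]string) (*Claims, error) {
	raw, err := base64.StdEncoding.DecodeString(ctx[claimsKey])
	if err != nil || len(raw) == 0 {
		return nil, fmt.Errorf("authorizer context: bad %s value", claimsKey)
	}
	var c Claims
	if err := json.Unmarshal(raw, &c); err != nil {
		return nil, fmt.Errorf("authorizer context: claims are not JSON: %w", err)
	}
	return &c, nil
}

func main() {
	resp := Authorize(&Claims{Username: "alice", Role: "admin"}) // constructed sample
	c, err := ClaimsFromContext(resp.Context)
	fmt.Println(resp.Context[claimsKey], c, err)
}
```

The base64 step is only a transport encoding for the context value; the claims are trustworthy in the backend because API Gateway, not the client, populates the authorizer context.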
Whenever a request uses a cached lambda authorizer response this results in a 500 error being returned from the API gateway. I did some digging and found this in the access logs:
This is strange since the original authorizer response didn't cause any errors.