[英]Passing OAUTH2.0 access token in API gateway get request
I have an AWS API gateway setup right now and I am able to hit my endpoint successfully with a GET request. 我现在有一个AWS API网关设置,并且能够通过GET请求成功命中我的终端节点。 I am not able to retrieve any information from the endpoint because I am not sure how to pass the required OAUTH2.0 access token to the enpoint for authorization.
我无法从端点检索任何信息,因为我不确定如何将所需的OAUTH2.0访问令牌传递给授权点。 I looked through aws documentation but could not find what I am looking for.
我浏览了aws文档,但找不到我想要的东西。 Any help would be appreciated, thanks.
任何帮助,将不胜感激,谢谢。
There are two options you can go for: 您可以选择两个选项:
Handling authentication on your endpoint (which I understand from your question is what you want to do): for this to work, see the following SO answer [1] which describes how to trap the Authorization
header. 在端点上处理身份验证(我从您的问题中了解到您要执行的操作):要使其正常工作,请参见以下SO解答[1],其中描述了如何捕获
Authorization
标头。
Handling authentication on the Gateway itself using API Gateway Lambda Authorizers : read the AWS documentation which describes the authorization workflow . 使用API Gateway Lambda Authorizers在Gateway本身上处理身份验证:阅读描述授权工作流程的AWS文档。 [2] If there is no reason why you have to handle authorization on your endpoint, I would outsource it to Lambda authorizers.
[2]如果没有理由必须在端点上处理授权,我会将其外包给Lambda授权者。
For the big picture see [3]. 有关大图,请参见[3]。 Moreover, you can integrate Cognito if you want to further outsource user management / security to AWS services.
此外,如果您想进一步将用户管理/安全性外包给AWS服务,则可以集成Cognito。 [4]
[4]
[1] https://stackoverflow.com/a/31375476/10473469 [1] https://stackoverflow.com/a/31375476/10473469
[2] https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-use-lambda-authorizer.html [2] https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-use-lambda-authorizer.html
[3] https://medium.com/@chrisconcannon/nodejs-lambda-authorizer-for-json-web-tokens-334fbd6d3228 [3] https://medium.com/@chrisconcannon/nodejs-lambda-authorizer-for-json-web-tokens-334fbd6d3228
[4] https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-integrate-with-cognito.html [4] https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-integrate-with-cognito.html
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.