Ok I do some reaserch and I try once more explain what I am looking for.
So my question is can I make OAuth provider server using Lambda and API gateway? I didn't found any solution like this, and I don't even know how to start so any ideas are valuable.
And then I want to use API custom authentication to validade my bearer token.
I try to be specific as I can: I have my application where I store my log users.I want to OAuth 2.0 authorization code grant flow using only Lambda and API Gateway (something like Google oAuth but my app want to be an authentication provider).I found couple solutions like this: https://www.authlete.com/documents/article/custom_authorizer/index but I want to use my own authorization server implementation, and I don't want to specific in Lambda auth impl.api_key and secret_key.So there are my questions: 1. Can I make my own authorization server using only Lambda and API gateway?(I know there is a implementation in Spring but for now I want serwerless solution) 2. If I can I will be pleased for any tips because I really stuck.There is a possibility that in my reasoning are mistakes.
In API Gateway you can create custom authorizers to be invoked before the API method is executed. Normally you can create a Lambda function to receive the authentication details and return a Policyt Document authorizing or denying the API method execution.
You can create a Lambda to make the OAuth provider authentication and generate the Policy Document, based on authentication flow. You can get more information here .
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.