stackoom
  简体   繁体   中英

Injecting data to web application from AWS Lambda & CloudFront

 原文  2022-01-18 10:55:50       amazon-web-services/ security/ authentication/ aws-lambda/ amazon-cloudfront

Question

I am implementing an access manager for my application but have not yet been able to find an elegant solution to pass data from AWS Lambda to the client.

The user will attempt to reach https://myapplication.com/ which is pointing to the IP address of the access manager. The access manager will check if a session exists or prompt the user for a login. Once authenticated the access manager will fetch my application from CloudFront, with a Bearer token in the authorization header. On the viewer request I am validating that token with a Lambda function and if successful I return the application, otherwise I return a 401 error. Any viewer request that does not come from the access manager also returns a 401.

When validating the token I'm able to retrieve user info such as username, role, email etc. I would like to pass that data from Lambda through the viewer response to the client. What options do I have here? I have tried passing the data in headers but I don't believe that there is any way to view the initial page load headers in my application? I'm able to set the data as a cookie and access it that way but I think that is less secure. Maybe if I were to encrypt that data as a jwt, set it as a cookie and decrypt in the client?

My primary application is in Angular served from S3 via CloudFront. I also have a couple of Flask applications that I would like to hook up to the access manager afterwards.

Any pointers are appreciated.

Thanks!

2 answers

solution1
 0  2022-01-18 11:06:39

You can create another API on your access manager that returns the existing session authenticated user details. Have the Angular application call the API.

solution2
 0  2022-01-18 11:15:01

There could be multiple solutions to this. Below are some of the solutions that come to my mind.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Returning AWS CloudFront geolocation headers from a lambda Injecting information into requests returned from S3 origins in AWS CloudFront Injecting media to AWS MediaPackage from lambda function AWS - Lambda Cloudfront logs aws-cdk Associate Lambda Function with CloudFront Web Distribution I want to change the URL from AWS CloudFront with the help of AWS lambda AWS: how to send data from AWS Lambda to on-premises application Cloudfront CDN for s3 data that is accessed in AWS Lambda AWS: redirection to Lambda function doesn't work from CloudFront Distribution AWS Cloudfront error with a lambda function
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM