From f01ca2dbf7c2b3c9f2ff830c3f9b9cb10f68498d Mon Sep 17 00:00:00 2001 From: John Ferlito Date: Sun, 25 Jun 2017 19:15:21 +1000 Subject: [PATCH] Update docs to indicate you can use cognito pool authoriser and claims with lambda-proxy --- docs/providers/aws/events/apigateway.md | 9 ++++++--- .../package/compile/events/apiGateway/lib/validate.js | 2 +- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/docs/providers/aws/events/apigateway.md b/docs/providers/aws/events/apigateway.md index d299fc7f3..0841a2785 100644 --- a/docs/providers/aws/events/apigateway.md +++ b/docs/providers/aws/events/apigateway.md @@ -265,7 +265,12 @@ functions: arn: arn:aws:cognito-idp:us-east-1:xxx:userpool/us-east-1_ZZZ ``` -By default the `sub` claim will be exposed in `events.cognitoPoolClaims`, you can add extra claims like so: +If you are using the default `lambda-proxy` integration, your attributes will be +exposed at `event.requestContext.authorizer.claims`. + +If you want control more control over which attributes are exposed as claims you +can switch to `integration: lambda` and add the following configuration. The +claims will be exposed at `events.cognitoPoolClaims`. ```yml functions: @@ -283,8 +288,6 @@ functions: - nickname ``` -Note: Since claims must be explicitly listed to be exposed, you must use `integration: lambda` integration type to access any claims. - ### Catching Exceptions In Your Lambda Function In case an exception is thrown in your lambda function AWS will send an error message with `Process exited before completing request`. This will be caught by the regular expression for the 500 HTTP status and the 500 status will be returned. diff --git a/lib/plugins/aws/package/compile/events/apiGateway/lib/validate.js b/lib/plugins/aws/package/compile/events/apiGateway/lib/validate.js index 97f99637f..ad64560b6 100644 --- a/lib/plugins/aws/package/compile/events/apiGateway/lib/validate.js +++ b/lib/plugins/aws/package/compile/events/apiGateway/lib/validate.js @@ -247,7 +247,7 @@ module.exports = { if (integration === 'AWS_PROXY' && typeof arn === 'string' && arn.match(/^arn:aws:cognito-idp/) && authorizer.claims) { const errorMessage = [ - 'Cognito claims can\'t be retrieved when using lambda-proxy as the integration type', + 'Cognito claims can only be filtered when using the lambda integration type', ]; throw new this.serverless.classes.Error(errorMessage); }