mirror of
https://github.com/serverless/serverless.git
synced 2026-01-18 14:58:43 +00:00
37 lines
890 B
JavaScript
37 lines
890 B
JavaScript
'use strict';
|
|
|
|
// custom authorizer
|
|
function generatePolicy(principalId, effect, resource) {
|
|
const authResponse = {};
|
|
authResponse.principalId = principalId;
|
|
|
|
if (effect && resource) {
|
|
const policyDocument = {};
|
|
policyDocument.Version = '2012-10-17';
|
|
policyDocument.Statement = [];
|
|
|
|
const statementOne = {};
|
|
statementOne.Action = 'execute-api:Invoke';
|
|
statementOne.Effect = effect;
|
|
statementOne.Resource = resource;
|
|
policyDocument.Statement[0] = statementOne;
|
|
authResponse.policyDocument = policyDocument;
|
|
}
|
|
|
|
return authResponse;
|
|
}
|
|
|
|
async function auth(event, context) {
|
|
const token = event.authorizationToken.split(' ');
|
|
|
|
if (token[0] === 'Bearer' && token[1] === 'ShouldBeAuthorized') {
|
|
return context.succeed(generatePolicy('SomeRandomId', 'Allow', '*'));
|
|
}
|
|
|
|
return context.fail('Unauthorized');
|
|
}
|
|
|
|
module.exports = {
|
|
auth,
|
|
};
|