Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

(aws-apigateway): Allow for custom authorizer context in StepFunctionsIntegration #18891

Closed
1 of 2 tasks
rogerchi opened this issue Feb 9, 2022 · 1 comment
Closed
1 of 2 tasks
Assignees
Labels
@aws-cdk/aws-apigateway Related to Amazon API Gateway feature-request A feature should be added or improved. needs-triage This issue or PR still needs to be triaged.

Comments

@rogerchi
Copy link
Contributor

rogerchi commented Feb 9, 2022

Description

Currently there's no option to output custom authorizer context values into the express step function integration. The only available option is to include the single authorizerPrincipalId field in requestContext. A possible change would be to add authorizer: boolean into StepFunctionsRestApiProps which would output the full $context.authorizer object in a authorizer: {} object in the input to the state machine.

Use Case

A common use case for custom authorizers is to set custom context values and use them downstream in the integration. This change would allow them to be used in a step functions integration.

Proposed Solution

Add authorizer: boolean to StepFunctionsExecutionIntegrationOptions
Add const includeAuthorizer = options.authorizer ?? false; and templateStr = templateStr.replace("%INCLUDE_AUTHORIZER%", String(includeAuthorizer)); to templateString() in stepfunctions.ts
Add

#set($includeAuthorizer = %INCLUDE_AUTHORIZER%)

and

    #if ($includeAuthorizer)
        #set($inputString = "$inputString, @@authorizer@@:{")
        #foreach($paramName in $context.authorizer.keySet())
            #set($inputString = "$inputString @@$paramName@@: @@$util.escapeJavaScript($context.authorizer.get($paramName))@@")
            #if($foreach.hasNext)
                #set($inputString = "$inputString,")
            #end
        #end
        #set($inputString = "$inputString }")
    #end

to stepfunctions.vtl template.

Other information

No response

Acknowledge

  • I may be able to implement this feature request
  • This feature might incur a breaking change
@rogerchi rogerchi added feature-request A feature should be added or improved. needs-triage This issue or PR still needs to be triaged. labels Feb 9, 2022
@github-actions github-actions bot added the @aws-cdk/aws-apigateway Related to Amazon API Gateway label Feb 9, 2022
mergify bot pushed a commit that referenced this issue Mar 4, 2022
…igw sfn integration (#18892)

Implements #18891 

This PR adds the ability to include custom authorizer context in the Step Functions API Gateway integration.  This is useful if the custom authorizer sets custom context values, which can then be used downstream in the step function.  This adds a `authorizer: { ... }` key to the state input.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
@github-actions
Copy link

github-actions bot commented Mar 7, 2022

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

TheRealAmazonKendra pushed a commit to TheRealAmazonKendra/aws-cdk that referenced this issue Mar 11, 2022
…igw sfn integration (aws#18892)

Implements aws#18891 

This PR adds the ability to include custom authorizer context in the Step Functions API Gateway integration.  This is useful if the custom authorizer sets custom context values, which can then be used downstream in the step function.  This adds a `authorizer: { ... }` key to the state input.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
@aws-cdk/aws-apigateway Related to Amazon API Gateway feature-request A feature should be added or improved. needs-triage This issue or PR still needs to be triaged.
Projects
None yet
Development

No branches or pull requests

2 participants