-
Notifications
You must be signed in to change notification settings - Fork 71
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Boilerplate feels incomplete (restricted area with cognito user pool authorization needed) #29
Comments
@kidsil I've thought about it also and that would be a great feature. How far did you manage to implement it? |
Sadly not very far, I've tried over and over again to get a request through the Authorizer (following the docs) without any luck. That's how the events portion of my main/serverless.yml config file looks like:
This might be useful, couldn't get much out of it though.. |
thanks, I'll try to take some time for this soon. |
@laardee I have a rough code sample done that is able to grab the Token ID (and Refresh Token, and Access Token) JWT: https://gist.github.com/kidsil/cb0112e912960f517d88c586e333bdc3 The only thing that's still not working is getting through the API Gateway Authorize (tried to use |
Got it to work! Will update soon with a complete solution! The bug I had was somewhat unrelated: serverless/serverless#3088 |
Great! |
I'm still not sure the best way to cache the Authentication Token & Refresh
Token.
I guess I could put it in Local storage..
My gist works as is. Since I'm not sure in which way you'd like to
integrate it into the repo, I'd rather leave it as is for now.
Let me know if you need any further help with integration.
…On Jan 27, 2017 10:27, "Eetu Tuomala" ***@***.***> wrote:
Great!
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#29 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAJdRs3I4zVZWV381Vw8xsCuTva6E4x6ks5rWbhpgaJpZM4LrCeM>
.
|
Is the AuthorizationToken generated here https://github.com/laardee/serverless-authentication/blob/master/lib/utils.js#L112 related to the Authorization Token that is required by AWS API Gateway (when using User Pool Authorization)? |
Hey,
I've been working with this boilerplate on and off, but it feels incomplete.
Now that API Gateway allows Authorization via Cognito User Pools, I feel like there should be an example included of a restricted zone that is only accessible via a user pool user.
Serverless.yml supports this type of authorization, but I couldn't get it to work myself (otherwise I would've sent a Pull Request..).
The text was updated successfully, but these errors were encountered: