@goodgamestudios/aws-jwt-authorizer
Advanced tools
A flexible JWT Authorizer function for AWS Lambda
aws-jwt-authorizer is heavily based Mohamed’s Authorizer and Secrets Manager and Chad’s ggs-serverless-jwt.
This implementation adds the following:
iss) in the JWTnpm add @goodgamestudios/aws-jwt-authorizer
Then modify your serverless.yml to make use of this. Add the following
function with a suitable name:
function:
...
jwt-authorizer:
handler: @goodgamestudios/aws-jwt-authorizer
name: service_stage_jwt-authorizer
Define the following environment variables,
provider:
environment:
JWT_AUTH_ISSUERS: A space or comma separated, case sensitive list of acceptable issuers
GAME_STAGE: 'live' or 'test'
# Optional
JWT_AUTH_ALGORITHMS: Defaults to 'RS256, RS384, RS512'
JWT_AUTH_CLOCK_TOLERANCE: 30
AWS_SECRET_VALUE_TTL: e.g. '10 min', '20s' etc
In your existing functions, do
function:
app:
handler: existing_handler.app
events:
- http:
path: "/path"
method: get
# This is the important bit!:
authorizer:
name: jwt-authorizer
resultTtlInSeconds: 60
identitySource: method.request.header.Authorization
identityValidationExpression: '^Bearer [-0-9a-zA-Z.+/=_]*$'
createJwtAuthorizer is fully customizable. All arguments are optional.
const createJwtAuthorizer = require('@goodgamestudios/aws-jwt-authorizer/create')
module.exports = createJwtAuthorizer({
algorithms: 'RS256', // string or array of strings
issuer: ['myIssuer', 'myOtherIssuer'], // string or array of strings
clockTolerance: 60,
getToken(event) {…},
getPublicKey(event, decodedToken) {…},
shouldAllow(event, verifiedToken) {…}
})
getToken(event) - get the JWT based on eventgetPublicKey(event, decodedToken) - get the public key based on event and decodedToken. This key will be used to verify the token’s signature.shouldAllow(event, verifiedToken) - return true if access to the requested resource should be allowed, based on the event and verifiedTokenFAQs
A flexible JWT Authorizer for Serverless functions
The npm package @goodgamestudios/aws-jwt-authorizer receives a total of 2 weekly downloads. As such, @goodgamestudios/aws-jwt-authorizer popularity was classified as not popular.
We found that @goodgamestudios/aws-jwt-authorizer demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 20 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Deno 2.2 enhances Node.js compatibility, improves dependency management, adds OpenTelemetry support, and expands linting and task automation for developers.
Security News
React's CRA deprecation announcement sparked community criticism over framework recommendations, leading to quick updates acknowledging build tools like Vite as valid alternatives.
Security News
Ransomware payment rates hit an all-time low in 2024 as law enforcement crackdowns, stronger defenses, and shifting policies make attacks riskier and less profitable.