Product
Introducing SSO
Streamline your login process and enhance security by enabling Single Sign-On (SSO) on the Socket platform, now available for all customers on the Enterprise plan, supporting 20+ identity providers.
@goodgamestudios/aws-jwt-authorizer
Advanced tools
Readme
A flexible JWT Authorizer function for AWS Lambda
aws-jwt-authorizer
is heavily based Mohamed’s Authorizer and Secrets Manager and Chad’s ggs-serverless-jwt
.
This implementation adds the following:
iss
) in the JWTnpm add @goodgamestudios/aws-jwt-authorizer
Then modify your serverless.yml
to make use of this. Add the following
function
with a suitable name:
function:
...
jwt-authorizer:
handler: @goodgamestudios/aws-jwt-authorizer
name: service_stage_jwt-authorizer
Define the following environment variables,
provider:
environment:
JWT_AUTH_ISSUERS: A space or comma separated, case sensitive list of acceptable issuers
GAME_STAGE: 'live' or 'test'
# Optional
JWT_AUTH_ALGORITHMS: Defaults to 'RS256, RS384, RS512'
JWT_AUTH_CLOCK_TOLERANCE: 30
AWS_SECRET_VALUE_TTL: e.g. '10 min', '20s' etc
In your existing functions, do
function:
app:
handler: existing_handler.app
events:
- http:
path: "/path"
method: get
# This is the important bit!:
authorizer:
name: jwt-authorizer
resultTtlInSeconds: 60
identitySource: method.request.header.Authorization
identityValidationExpression: '^Bearer [-0-9a-zA-Z.+/=_]*$'
createJwtAuthorizer
is fully customizable. All arguments are optional.
const createJwtAuthorizer = require('@goodgamestudios/aws-jwt-authorizer/create')
module.exports = createJwtAuthorizer({
algorithms: 'RS256', // string or array of strings
issuer: ['myIssuer', 'myOtherIssuer'], // string or array of strings
clockTolerance: 60,
getToken(event) {…},
getPublicKey(event, decodedToken) {…},
shouldAllow(event, verifiedToken) {…}
})
getToken(event)
- get the JWT based on event
getPublicKey(event, decodedToken)
- get the public key based on event
and decodedToken
. This key will be used to verify the token’s signature.shouldAllow(event, verifiedToken)
- return true
if access to the requested resource should be allowed, based on the event
and verifiedToken
FAQs
A flexible JWT Authorizer for Serverless functions
The npm package @goodgamestudios/aws-jwt-authorizer receives a total of 2 weekly downloads. As such, @goodgamestudios/aws-jwt-authorizer popularity was classified as not popular.
We found that @goodgamestudios/aws-jwt-authorizer demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 20 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Product
Streamline your login process and enhance security by enabling Single Sign-On (SSO) on the Socket platform, now available for all customers on the Enterprise plan, supporting 20+ identity providers.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.