A python helper library for AWS API Gateway Custom Authorizers
Project description
A python helper library for AWS API Gateway Custom Authorizers.
Installation
pip install aws-lambda-pyauthlib
or
pipenv install aws-lambda-pyauthlib
Quickstart
'''authorizer_handler.py'''
from pyauthlib import UserInfo, AuthPolicy, HttpMethod, parse_event, raise_401
from my_auth_client import get_client
def lambda_handler(event, _context):
'''Exchanges access token for user_info and returns the policy.
Unauthorized users are denied all access.
Users are allowed read access to all resources.
Admins are allowed full access to all resources.
'''
event = parse_event(event)
identity = get_client().get_identity(event.access_token)
user_info = UserInfo(identity['user_id'], identity['grants'])
policy = AuthPolicy(user_info)
if not user_info:
raise_401()
elif 'ROLE_ADMIN' in user_info.authorities:
policy.allow(event.arn(method=HttpMethod.ALL, resource='*'))
else:
policy.allow(event.arn(method=HttpMethod.GET, resource='*'))
return policy.build()
More Information
You can also return an arbitrary authorizer context, by passing kwargs into the UserInfo. A list of authorities is always required, but nothing is stopping you from using an empty list.
Go check out the examples!
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Close
Hashes for aws-lambda-pyauthlib-0.2.2.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 5787b323e519480408fd88a357b85b919ff63542ad93d37d94320a96f5caa554 |
|
MD5 | 7f7cd73cee3ec443dce3c949887f77e3 |
|
BLAKE2b-256 | 3ef7dc4d3a71d79e356da715df0e0b87bbb4e1127d6d8f5de44d2116fb23c749 |