Skip to main content
Help improve PyPI by participating in a 5-minute user interface survey!

A python helper library for AWS API Gateway Custom Authorizers

Project Description

https://travis-ci.org/oharaandrew314/aws-lambda-pyauthlib.svg?branch=master codecov.io

A python helper library for AWS API Gateway Custom Authorizers.

Installation

pip install aws-lambda-pyauthlib

or

pipenv install aws-lambda-pyauthlib

Quickstart

'''authorizer_handler.py'''
from pyauthlib import UserInfo, AuthPolicy, HttpMethod, parse_event, raise_401
from my_auth_client import get_client

def lambda_handler(event, _context):
    '''Exchanges access token for user_info and returns the policy.
        Unauthorized users are denied all access.
        Users are allowed read access to all resources.
        Admins are allowed full access to all resources.
    '''
    event = parse_event(event)

    identity = get_client().get_identity(event.access_token)
    user_info = UserInfo(identity['user_id'], identity['grants'])
    policy = AuthPolicy(user_info)

    if not user_info:
        raise_401()
    elif 'ROLE_ADMIN' in user_info.authorities:
        policy.allow(event.arn(method=HttpMethod.ALL, resource='*'))
    else:
        policy.allow(event.arn(method=HttpMethod.GET, resource='*'))

    return policy.build()

More Information

You can also return an arbitrary authorizer context, by passing kwargs into the UserInfo. A list of authorities is always required, but nothing is stopping you from using an empty list.

Go check out the examples!

Release history Release notifications

This version
History Node

0.2.2

History Node

0.2.1

History Node

0.2.0

History Node

0.1.2

History Node

0.1.1

History Node

0.1.0

History Node

0.1.0.dev1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Filename, size & hash SHA256 hash help File type Python version Upload date
aws-lambda-pyauthlib-0.2.2.tar.gz (4.6 kB) Copy SHA256 hash SHA256 Source None Nov 21, 2017

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging CloudAMQP CloudAMQP RabbitMQ AWS AWS Cloud computing Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page