A python helper library for AWS API Gateway Custom Authorizers
Project description
A python helper library for AWS API Gateway Custom Authorizers.
Installation
pip install aws-lambda-pyauthlib
or
pipenv install aws-lambda-pyauthlib
Quickstart
'''authorizer_handler.py'''
from pyauthlib import UserInfo, AuthPolicy, HttpMethod, parse_event, raise_401
from my_auth_client import get_client
def lambda_handler(event, _context):
'''Exchanges access token for user_info and returns the policy.
Unauthorized users are denied all access.
Users are allowed read access to all resources.
Admins are allowed full access to all resources.
'''
event = parse_event(event)
identity = get_client().get_identity(event.access_token)
user_info = UserInfo(identity['user_id'], identity['grants'])
policy = AuthPolicy(user_info)
if not user_info:
raise_401()
elif 'ROLE_ADMIN' in user_info.authorities:
policy.allow(event.arn(method=HttpMethod.ALL, resource='*'))
else:
policy.allow(event.arn(method=HttpMethod.GET, resource='*'))
return policy.build()
More Information
You can also return an arbitrary authorizer context, by passing kwargs into the UserInfo. A list of authorities is always required, but nothing is stopping you from using an empty list.
Go check out the examples!
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Close
Hashes for aws-lambda-pyauthlib-0.2.1.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 345a88a7c7de6694da4bd1c769ed7306ac5e4e22d96d70c909a7493b9c019971 |
|
MD5 | 44bcadd5eb62adb114c88c11709c7ddb |
|
BLAKE2b-256 | 78c61ca0dcee2f154afff2ae08da9485a72254092de3284b4bb531052d290c42 |