feat: add lambda proxy authorizer enhancedAuthContext

dherault · Aug 11, 2019 · 5b0bea0 · 5b0bea0
1 parent 891dfba
commit 5b0bea0
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 6 deletions.
diff --git a/src/config/offline-default.req.vm b/src/config/offline-default.req.vm
@@ -17,6 +17,8 @@
   "query": $loop,
   #set( $map = $input.params().path )
   "path": $loop,
+  #set( $map = $context.enhancedAuthContext )
+  "enhancedAuthContext": $loop,
   #set( $map = $context.identity )
   "identity": $loop,
   #set( $map = $stageVariables )

diff --git a/src/createAuthScheme.js b/src/createAuthScheme.js
@@ -132,6 +132,8 @@ module.exports = function createAuthScheme(
 
       event.methodArn = `arn:aws:execute-api:${options.region}:${accountId}:${apiId}/${options.stage}/${httpMethod}${resourcePath}`;
 
+      event.enhancedAuthContext = {};
+
       event.requestContext = {
         accountId,
         apiId,
@@ -217,7 +219,13 @@ module.exports = function createAuthScheme(
 
               serverlessLog(
                 `Authorization function returned a successful response: (λ: ${authFunName})`,
-              )
+              );
+
+              const enhancedAuthContext = {
+                principalId: policy.principalId,
+                integrationLatency: '42',
+                ...policy.context,
+              };
 
               // Set the credentials for the rest of the pipeline
               return resolve(
@@ -226,9 +234,10 @@ module.exports = function createAuthScheme(
                     context: policy.context,
                     usageIdentifierKey: policy.usageIdentifierKey,
                     user: policy.principalId,
+                    enhancedAuthContext,
                   },
                 }),
-              )
+              );
             };
 
             if (result && typeof result.then === 'function') {

diff --git a/src/createVelocityContext.js b/src/createVelocityContext.js
@@ -28,6 +28,10 @@ module.exports = function createVelocityContext(request, options, payload) {
   const path = (x) => jsonPath(payload || {}, x);
   const authPrincipalId =
     request.auth && request.auth.credentials && request.auth.credentials.user;
+  const enhancedAuthContext =
+    request.auth &&
+    request.auth.credentials &&
+    request.auth.credentials.enhancedAuthContext;
   const headers = request.unprocessedHeaders;
 
   let token = headers && (headers.Authorization || headers.authorization);
@@ -56,6 +60,7 @@ module.exports = function createVelocityContext(request, options, payload) {
           'offlineContext_authorizer_principalId', // See #24
         claims,
       },
+      enhancedAuthContext: enhancedAuthContext || {},
       httpMethod: request.method.toUpperCase(),
       identity: {
         accountId: 'offlineContext_accountId',
@@ -82,10 +87,10 @@ module.exports = function createVelocityContext(request, options, payload) {
         typeof x === 'string'
           ? request.params[x] || request.query[x] || headers[x]
           : {
-              header: headers,
-              path: Object.assign({}, request.params),
-              querystring: Object.assign({}, request.query),
-            },
+            header: headers,
+            path: Object.assign({}, request.params),
+            querystring: Object.assign({}, request.query),
+          },
     },
     stageVariables: options.stageVariables,
     util: {