feat: add lambda proxy authorizer enhancedAuthContext

dherault · Aug 11, 2019 · abcc0fd · abcc0fd
1 parent c6e3e1b
commit abcc0fd
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 0 deletions.
diff --git a/src/config/offline-default.req.vm b/src/config/offline-default.req.vm
@@ -17,6 +17,8 @@
   "query": $loop,
   #set( $map = $input.params().path )
   "path": $loop,
+  #set( $map = $context.enhancedAuthContext )
+  "enhancedAuthContext": $loop,
   #set( $map = $context.identity )
   "identity": $loop,
   #set( $map = $stageVariables )

diff --git a/src/createAuthScheme.js b/src/createAuthScheme.js
@@ -132,6 +132,8 @@ module.exports = function createAuthScheme(
 
       event.methodArn = `arn:aws:execute-api:${options.region}:${accountId}:${apiId}/${options.stage}/${httpMethod}${resourcePath}`
 
+      event.enhancedAuthContext = {}
+
       event.requestContext = {
         accountId,
         apiId,
@@ -204,13 +206,20 @@ module.exports = function createAuthScheme(
               `Authorization function returned a successful response: (λ: ${authFunName})`,
             )
 
+            const enhancedAuthContext = {
+              principalId: policy.principalId,
+              integrationLatency: '42',
+              ...policy.context,
+            }
+
             // Set the credentials for the rest of the pipeline
             return resolve(
               h.authenticated({
                 credentials: {
                   context: policy.context,
                   usageIdentifierKey: policy.usageIdentifierKey,
                   user: policy.principalId,
+                  enhancedAuthContext,
                 },
               }),
             )

diff --git a/src/createVelocityContext.js b/src/createVelocityContext.js
@@ -39,6 +39,10 @@ module.exports = function createVelocityContext(request, options, payload) {
   const path = (x) => jsonPath(payload || {}, x)
   const authPrincipalId =
     request.auth && request.auth.credentials && request.auth.credentials.user
+  const enhancedAuthContext =
+    request.auth &&
+    request.auth.credentials &&
+    request.auth.credentials.enhancedAuthContext
   const headers = request.unprocessedHeaders
 
   let token = headers && (headers.Authorization || headers.authorization)
@@ -67,6 +71,7 @@ module.exports = function createVelocityContext(request, options, payload) {
           process.env.PRINCIPAL_ID ||
           'offlineContext_authorizer_principalId', // See #24
       },
+      enhancedAuthContext: enhancedAuthContext || {},
       httpMethod: request.method.toUpperCase(),
       identity: {
         accountId: 'offlineContext_accountId',