New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
httpApi custom authorizer does not work by the docs #1624
Comments
thank you for filing the issue @srodriki I tried to reproduce with your provided |
Hey @dnalborczyk thank you so much for looking into it. The problem also happens when deploying to AWS, that's why I filed the issue in the main repo, but got redirected here. This is the original issue. Anyways, I'll take the discussion over there and reference this ticket. Thank you so much! |
no problem. I added some notes in the original issue. closing this for housekeeping. if there's still an issue with |
just deployed to AWS, which appears to work. it looks like an issue with |
i'm also facing this issue, is it expected to be resolved soon? |
Hello. it seems that this configuration works when deploying to the cloud but not offline as I get the Function "auth" doesn't exist in this Service error.
while this one works for offline but I get Event references not configured authorizer 'auth-function'
So it's pretty close, but is there any way to be consistent between the two environments? |
Has anyone been able to use the option enableSimpleResponses: true? |
I also ran into this issue but I found a workaround. If you use the same name for both the authorizer and the function then it works both with serverless-offline and also when deployed to AWS For example: service: my-service
frameworkVersion: '3'
provider:
name: aws
runtime: nodejs18.x
httpApi:
authorizers:
myAuthorizer:
type: request
functionName: myAuthorizer
enableSimpleResponses: true
functions:
dataHandler:
handler: dataHandler.handler
events:
- httpApi:
path: /my-path
method: get
authorizer:
name: myAuthorizer
myAuthorizer:
handler: myAuthorizerHandler.handler |
Yes, I'm using that setting (see my previous message) and my authorizer is like this (using TypeScript): 'use strict';
import type {
APIGatewayRequestAuthorizerEventV2,
APIGatewaySimpleAuthorizerResult,
} from 'aws-lambda';
export const handler = async (
event: APIGatewayRequestAuthorizerEventV2
): Promise<APIGatewaySimpleAuthorizerResult> => {
const { headers } = event;
// serverless-offline uses capitalized headers while AWS uses all lowercase header names here
const authHeader = headers?.authorization ?? headers?.Authorization;
const isAuthorized = authHeader === `Bearer ${process.env.MY_ACCESS_TOKEN}`;
return { isAuthorized };
}; |
@Haprog Are you sure serverless isn't directly referencing your auth function now. I tried this method but api gateway doesn't seem to be using the other attributes I set in that authorizer. For example, i set type: request and resultTtlInSeconds: 0. I'm also setting the identitysource, but don't see those in reflected in api gateway |
I'm not sure. I haven't worked with serverless in over 6 month now and can't remember the details of this that well anymore so I'm probably not going to spend time checking this unless I need to get back to that project (or if I need this in the future). |
This does not work if you have authorizer configured with Cognito and not custom lambda function. |
Hello, any updates on this issue? Seeing the same error here. |
I looked into the source a bit because I was running into the same issue, and this is what I noticed as the core part of the problem. The original reported error of The good news is that I was able to hack together a solution locally which pulls configuration from both the |
Can you share your local hack please ? :) |
The linked PR #1763 contains the changes that I've been using. |
Thanks @adamldoyle , but why is no one looking at your PR ? :'( |
I think they're struggling with keeping active maintainers and at this point there's a large backlog of open PRs. My solution has been to publish a version with the fixes that I need and use that instead. |
Bug Report
Serverless doesn't allow for custom httpApi authorizers as shown in the documentation.
Current Behavior
Create a simple project using the following serverless.yml definition as found here
Run the project using serverless-offline.
Get the following error as result:
The command throws the following error:
Function "authorizerFunc" doesn't exist in this Service
Sample Code
Expected behavior/code
The expected behavior is that serverless-offline runs the local instance normally.
Environment
Running "serverless" from node_modules Framework Core: 3.25.0 (local) 3.25.0 (global) Plugin: 6.2.2 SDK: 4.3.2
The text was updated successfully, but these errors were encountered: