Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

HTTP API Gateway JWT Authorizer to take identity source from cookie

I am working with HTTP API Gateway with JWT Authorizer. I have got it to work with placing the JWT in the Authorization header with the request. However, due to a requirement, I need to be able to place the JWT in the Cookie header instead. I am not able to get the API Gateway to pick a particular cookie inside the Cookie header. I tried the following identity source expressions:

  1. $request.header.Cookie.[myCookieName]
  2. $request.header.Cookie.myCookieName

None of them worked and I am not sure what else could be done. Does HTTP API version of API gateway supports this? If it does, any suggestions?

The alternate solution would be to use the REST version with a custom authorizer lambda but I do not want to go that route because of another problem not mentioned here.

like image 314
Ashish Goel Avatar asked Mar 26 '20 05:03

Ashish Goel


People also ask

How does API gateway authorizer caching work?

API Gateway uses the specified identity sources as the request authorizer caching key. When caching is enabled, API Gateway calls the authorizer's Lambda function only after successfully verifying that all the specified identity sources are present at runtime.

What should be returned from an API gateway authorizer?

If the API uses a usage plan (the apiKeySource is set to AUTHORIZER ), the Lambda authorizer function must return one of the usage plan's API keys as the usageIdentifierKey property value.

How do you authenticate using JWT tokens?

To authenticate a user, a client application must send a JSON Web Token (JWT) in the authorization header of the HTTP request to your backend API. API Gateway validates the token on behalf of your API, so you don't have to add any code in your API to process the authentication.


1 Answers

Accessing cookies is currently not possible.

Such a feature request has been posted on AWS Forums and is in the backlog.

like image 171
tomasz Avatar answered Nov 10 '22 11:11

tomasz