3

在 AWS API 网关中,我使用自定义 lambda 授权器来验证请求标头。我需要根据验证结果更新现有标题或添加新标题。下面是 java 中的 lambda 授权逻辑,验证按预期工作。无论更新标头值,后端 lambda 中接收到的事件对象都是空的。

@Override
    public AuthPolicy handleRequest(APIGatewayProxyRequestEvent event, Context context) {
    LambdaLogger logger = context.getLogger();
    logger.log("Loading Java Lambda handler of Proxy");
    logger.log("Event Object  :  " + event.toString());

    Pattern requestIdpattern = Pattern.compile("[0-9a-f]{4}-[0-9A-Z]{3}");

    ProxyRequestContext reqContext = event.getRequestContext();
    boolean isValid = false;
    Map<String, String> headers = event.getHeaders();
    if (requestIdpattern.matcher(headers.get("x-request-id")).matches()) {
        isValid = true;
        headers.put("x-jid", UUID.randomUUID().toString());
    }
    if (isValid) {
        AuthPolicy authPolicy = new AuthPolicy("XXXX",
                PolicyDocument.getAllowPolicy("us-east-1", reqContext.getAccountId(), reqContext.getApiId(),
                        reqContext.getStage(), HttpMethod.getHttpMethod(reqContext.getHttpMethod()),
                        reqContext.getResourcePath()));
        return authPolicy;
    } else {
        AuthPolicy authPolicy = new AuthPolicy("XXXXXX",
                PolicyDocument.getDenyPolicy("us-east-1", reqContext.getAccountId(), reqContext.getApiId(),
                        reqContext.getStage(), HttpMethod.getHttpMethod(reqContext.getHttpMethod()),
                        reqContext.getResourcePath()));
        logger.log("Auth Policy Response Object  :  " + authPolicy.toString());
        return authPolicy;
    }
}

您能否告诉我如何配置授权方,以便在成功授权后将 API 网关请求的输入请求发送到集成服务。

4

0 回答 0