我今天花了大部分时间试图让授权者工作,我检查了多个示例,它们似乎都在做与我的代码所做的相同的事情。
我使用无服务器框架,这是授权代码:
exports.handler = function (event: APIGatewayTokenAuthorizerEvent): APIGatewayAuthorizerResult {
const authorizer = new Authorizer();
try {
if (!event.authorizationToken) throw new Error("No token");
const token = event.authorizationToken.split(" ")[1];
const decodedData = authorizer.verifyToken(token) as unknown as User;
const policy = generatePolicy(token, event.methodArn);
return {
...policy,
context: {
user: JSON.stringify(decodedData),
},
};
} catch (err) {
console.log(err);
throw "Unauthorized";
}
};
const generatePolicy = (principalId: string, methodArn: string) => {
return {
principalId,
policyDocument: {
Version: "2012-10-17",
Statement: [
{
Action: "execute-api:Invoke",
Effect: …javascript amazon-web-services node.js lambda-authorizer aws-jwt-authorizer