Giter Club home page Giter Club logo

aws-node-auth0-custom-authorizers-api's Introduction

API Gateway Custom Authorizer Function + Auth0

This is an example of how to protect API endpoints with auth0, JSON Web Tokens (jwt) and a custom authorizer lambda function.

Custom Authorizers allow you to run an AWS Lambda Function before your targeted AWS Lambda Function. This is useful for Microservice Architectures or when you simply want to do some Authorization before running your business logic.

View live demo

Use cases

  • Protect API routes for authorized users
  • Rate limiting APIs

Setup

  1. npm install json web token dependencies

  2. Setup an auth0 application.

  3. Get your Client ID (under applications->${YOUR_APP_NAME}->settings) and plugin your AUTH0_CLIENT_ID in a new file called secrets.json (based on secrets.example.json).

  4. Get your public key (under applications->${YOUR_APP_NAME}->settings->Show Advanced Settings->Certificates->DOWNLOAD CERTIFICATE). Download it as PEM format and save it as a new file called public_key

  5. Deploy the service with serverless deploy and grab the public and private endpoints.

  6. Plugin your AUTH0_CLIENT_ID, AUTH0_DOMAIN, and the PUBLIC_ENDPOINT + PRIVATE_ENDPOINT from aws in top of the frontend/app.js file.

/* frontend/app.js */
// replace these values in app.js
const AUTH0_CLIENT_ID = 'your-auth0-client-id-here';
const AUTH0_DOMAIN = 'your-auth0-domain-here.auth0.com';
const PUBLIC_ENDPOINT = 'https://your-aws-endpoint-here.amazonaws.com/dev/api/public';
const PRIVATE_ENDPOINT = 'https://your-aws-endpoint-here.us-east-1.amazonaws.com/dev/api/private';
  1. Deploy Frontend to host of your choosing and make sure to configure the Allowed Callback URL and Allowed Origins in your auth0 client in the auth0 dashboard. We used http://auth0-serverless-protected-routes-demo.surge.sh/ for our demo.

Custom authorizer functions

Custom authorizers functions are executed before a Lambda function is executed and return an Error or a Policy document.

The Custom authorizer function is passed an event object as below:

{
  "type": "TOKEN",
  "authorizationToken": "<Incoming bearer token>",
  "methodArn": "arn:aws:execute-api:<Region id>:<Account id>:<API id>/<Stage>/<Method>/<Resource path>"
}

Frontend

The frontend is a bare bones vanilla javascript implementation.

You can replace it with whatever frontend framework you like =)

If you do implement in another framework, please consider adding it our growing list of examples!

API calls are made with the browser's native fetch api.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.