ws-handler.js
const VerifyToken = require("./verify-token.js");
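/**
 * Lambda authorizer entry point (presumably for a WebSocket route, going by
 * the name - confirm against the API Gateway configuration).
 *
 * Looks for an access token first in the `AuthToken` query-string parameter
 * and, failing that, in the second space-separated field of the
 * `Authorization` header, then hands it to VerifyToken.verifyAccessToken
 * together with the `wsAllowAccess` policy builder.
 *
 * @param {object} event - API Gateway authorizer request event.
 * @param {object} context - Lambda context, passed through unchanged.
 * @returns {*} Whatever VerifyToken.verifyAccessToken returns.
 * @throws {Error} 'Unauthorized' when no token can be found in the request.
 */
exports.wshandler = function(event, context) {
  // Security: the raw event holds the bearer token (query string and headers),
  // so neither the event nor the token is written to the log. Anyone with
  // read access to the function's logs could otherwise replay a live token.
  console.log('Authorizer invoked for:', event.methodArn);

  // queryStringParameters can be absent when the request carries no query
  // string; treat that as "no AuthToken" instead of crashing on a property read.
  const queryStringParameters = event.queryStringParameters || {};
  let accessToken = queryStringParameters.AuthToken;

  if (!accessToken) {
    console.log('AuthToken not found in query string; falling back to Authorization header');
    const headers = event.headers || {};
    // HTTP header names are case-insensitive, so accept the lowercase form too.
    const authorization = headers.Authorization || headers.authorization;
    if (typeof authorization === 'string') {
      // Expected shape is "<scheme> <token>"; the scheme itself is not checked here.
      accessToken = authorization.split(' ')[1];
    }
  }

  if (!accessToken) {
    // Fail closed with an explicit error rather than an incidental TypeError.
    // NOTE(review): API Gateway is expected to map an authorizer error whose
    // message is exactly 'Unauthorized' to a 401 - confirm for this deployment.
    throw new Error('Unauthorized');
  }

  // NOTE(review): a token carried in the query string may also be recorded by
  // access logs upstream of this function; prefer short-lived tokens there.
  return VerifyToken.verifyAccessToken(accessToken, event, context, wsAllowAccess);
}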
/**
 * Builds the authorizer response for one request.
 *
 * The IAM statement's Resource is the exact `methodArn` of the invoking
 * request, so the policy covers that single ARN and nothing wider.
 * NOTE(review): if authorizer result caching is enabled, a cached policy
 * scoped to one ARN may be applied to later requests for other routes - confirm.
 *
 * @param {object} event - Authorizer request event; `methodArn` is read from it.
 * @param {string} effect - IAM effect for the statement (e.g. 'Allow'); when
 *   falsy, no policyDocument is attached at all.
 * @param {string} email - Value used as the response's principalId.
 * @returns {object} Response object carrying `principalId`, an optional
 *   `policyDocument`, and a `build(context)` method that sets `context` on the
 *   same object and returns it.
 */
const generatePolicy = function(event, effect, email) {
  // Read the ARN up front so a missing event fails regardless of `effect`.
  const { methodArn } = event;
  const response = { principalId: email };

  if (effect) {
    response.policyDocument = {
      Version: '2012-10-17', // default version
      Statement: [
        {
          Action: 'execute-api:Invoke', // default action
          Effect: effect,
          Resource: methodArn,
        },
      ],
    };
  }

  // build() mutates and returns this same response object (no copy is made).
  response.build = function(context={}) {
    response.context = context;
    return response;
  };

  return response;
}
/**
 * Success callback handed to VerifyToken.verifyAccessToken by the handler:
 * produces an 'Allow' authorizer response for the request in `event`.
 *
 * The principalId is the result of VerifyToken.transpileToComEmail(email);
 * what that helper does to the address is not visible in this file.
 *
 * @param {object} event - Authorizer request event (its methodArn scopes the policy).
 * @param {string} email - Identity value to run through transpileToComEmail.
 * @returns {object} The response object produced by generatePolicy.
 */
const wsAllowAccess = function(event, email) {
  const principal = VerifyToken.transpileToComEmail(email);
  return generatePolicy(event, 'Allow', principal);
}