-
Notifications
You must be signed in to change notification settings - Fork 0
/
main.go
55 lines (45 loc) · 1.47 KB
/
main.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
package main
import (
"context"
"errors"
"github.com/aws/aws-lambda-go/events"
"github.com/aws/aws-lambda-go/lambda"
)
// Help function to generate an IAM policy
func generatePolicy(principalId, effect, resource string, custommessage string) events.APIGatewayCustomAuthorizerResponse {
authResponse := events.APIGatewayCustomAuthorizerResponse{PrincipalID: principalId}
if effect != "" && resource != "" {
authResponse.PolicyDocument = events.APIGatewayCustomAuthorizerPolicy{
Version: "2012-10-17",
Statement: []events.IAMPolicyStatement{
{
Action: []string{"execute-api:Invoke"},
Effect: effect,
Resource: []string{resource},
},
},
}
}
// Optional output with custom properties of the String, Number or Boolean type.
authResponse.Context = map[string]interface{}{
"stringKey": custommessage,
"numberKey": 123,
"booleanKey": true,
}
return authResponse
}
func handleRequest(ctx context.Context, event events.APIGatewayCustomAuthorizerRequest) (events.APIGatewayCustomAuthorizerResponse, error) {
token := event.AuthorizationToken
if len(token) == 0 {
return events.APIGatewayCustomAuthorizerResponse{}, errors.New("Unauthorized") // Return a 401 Unauthorized response}
}
switch token {
case "token_a_validar_tipo_key":
return generatePolicy("user", "Allow", event.MethodArn, ""), nil
default:
return generatePolicy("user", "Deny", event.MethodArn, "Error: Invalid token"), nil
}
}
func main() {
lambda.Start(handleRequest)
}