-
Notifications
You must be signed in to change notification settings - Fork 2
/
authorizer.js
51 lines (42 loc) · 1.58 KB
/
authorizer.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
'use strict';
const admin = require('./firebase-admin');
const AuthPolicy = require('./lib/utils');
module.exports.auth = (event, context, callback) => {
if (!event.authorizationToken) {
callback('Unauthorized');
}
const tokenParts = event.authorizationToken.split(' ');
const tokenValue = tokenParts[1];
if (!(tokenParts[0].toLowerCase() === 'bearer' && tokenValue)) {
// no auth token!
callback('Unauthorized');
}
admin.auth().verifyIdToken(tokenValue)
.then(function(decodedToken) {
console.log('decoded yea');
console.log(decodedToken);
console.log(event.methodArn);
const principalId = decodedToken.uid;
var apiOptions = {};
var tmp = event.methodArn.split(':');
var apiGatewayArnTmp = tmp[5].split('/');
var awsAccountId = tmp[4];
apiOptions.region = tmp[3];
apiOptions.restApiId = apiGatewayArnTmp[0];
apiOptions.stage = apiGatewayArnTmp[1];
var method = apiGatewayArnTmp[2];
var resource = '/'; // root resource
if (apiGatewayArnTmp[3]) {
resource += apiGatewayArnTmp.slice(3, apiGatewayArnTmp.length).join('/');
}
var policy = new AuthPolicy(principalId, awsAccountId, apiOptions);
policy.allowAllMethods();
var authResponse = policy.build();
context.succeed(policy.build());
//callback(null, generatePolicy('user', 'Allow', '*'));
}).catch(function(error) {
// Handle error
console.log(error);
callback('Unauthorized');
});
};