3

I'm using an AWS Lambda serverless Web API application. My controller has one method that simply returns a string value. I want to add an authentication layer which authenticates the requester. The requester should pass an "Authorizer" key in the header to authenticate.

This article helped me to do so. I used this example.

I created a Custom Authorizer Lambda which authenticates the user passed in the header of the API request. But my Custom Authorizer is not being called when I hit the API URL. Below is my Custom Authorizer Lambda function code:

    using System;
    using System.Collections.Generic;
    using Amazon.Lambda.APIGatewayEvents;
    using Amazon.Lambda.Core;

    public APIGatewayCustomAuthorizerResponse FunctionHandler(APIGatewayCustomAuthorizerRequest apigAuthRequest, ILambdaContext context)
    {
        Console.WriteLine("1");

        // A missing header (or null Headers) must end in Deny rather than an exception.
        bool ok = apigAuthRequest.Headers != null
            && apigAuthRequest.Headers.TryGetValue("Authorization", out var token)
            && token == "test";

        if (ok)
        {
            Console.WriteLine("2");
        }

        // Return an IAM policy that allows or denies invoking the requested method.
        return new APIGatewayCustomAuthorizerResponse
        {
            PrincipalID = "test",
            PolicyDocument = new APIGatewayCustomAuthorizerPolicy
            {
                Version = "2012-10-17",
                Statement = new List<APIGatewayCustomAuthorizerPolicy.IAMPolicyStatement>
                {
                    new APIGatewayCustomAuthorizerPolicy.IAMPolicyStatement
                    {
                        Action = new HashSet<string> { "execute-api:Invoke" },
                        Effect = ok ? "Allow" : "Deny",
                        Resource = new HashSet<string> { apigAuthRequest.MethodArn } // ARN of the method being invoked
                    }
                }
            }
        };
    }

I'm expecting that this function should be called when I invoke my API.

Below is the screenshot of AWS Console --> API Gateway where I configured the custom authorizer for my API.

enter image description here


Why is my authorizer not called when I hit the API URL?

2
  • How do you know it is not called? What do you expect to see? And what's the actual response? Commented Feb 5, 2019 at 20:59
  • How do you know it is not called -- There should be CloudWatch logs when the authorizer Lambda function is called, but there are no logs. What do you expect to see -- I'm expecting that my API should not return output if the custom authorizer is not valid or Deny. What's the actual response -- The API controller method returns a string value. But as the custom authorizer is in place, it should not return the string value if the custom authorizer returns a Deny response. Commented Feb 6, 2019 at 7:03

1 Answer

7

Custom authorizers start to work only after you deploy a stage. Make sure you deployed yours.


2 Comments

Arghhh.... How did I miss it!!!.. I forgot to deploy it. And after deploying, it works for me.
Awesome! Good to hear :)
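
One way to confirm the point in the answer above, as an added example that is not part of the original thread: redeploy the stage, then check that requests without a valid `Authorization` header are rejected by the deployed URL. The REST API id, stage name, invoke URL and token arguments are placeholders, and the function names are made up for this sketch.

```shell
#!/bin/sh
# Added example, not from the original post. Placeholders (assumptions):
# <rest-api-id>, <stage-name>, <invoke-url> and the token values.

# Push the saved authorizer configuration to the stage.
deploy_stage() {   # usage: deploy_stage <rest-api-id> <stage-name>
    aws apigateway create-deployment --rest-api-id "$1" --stage-name "$2"
}

# Print the HTTP status of a GET; $2, if given, is the Authorization value.
probe_status() {   # usage: probe_status <invoke-url> [token]
    if [ "$#" -ge 2 ]; then
        curl -s -o /dev/null -w '%{http_code}' -H "Authorization: $2" "$1"
    else
        curl -s -o /dev/null -w '%{http_code}' "$1"
    fi
}

# Classify three observed statuses: no header, wrong token, valid token.
classify_enforcement() {   # usage: classify_enforcement <none> <bad> <good>
    for s in "$1" "$2" "$3"; do
        # curl reports 000 when no HTTP response was received at all.
        if [ "$s" = "000" ]; then echo "UNREACHABLE"; return 2; fi
    done
    # Any 2xx without a valid token means the stage is not running the
    # authorizer (the symptom in the question: the string is returned anyway).
    case "$1" in 2??) echo "NOT_ENFORCED"; return 1 ;; esac
    case "$2" in 2??) echo "NOT_ENFORCED"; return 1 ;; esac
    case "$3" in
        2??) echo "ENFORCED" ;;
        *)   echo "VALID_TOKEN_REJECTED"; return 1 ;;
    esac
}

# Probe the deployed stage three ways and print the verdict.
check_stage() {   # usage: check_stage <invoke-url> <bad-token> <good-token>
    none=$(probe_status "$1")
    bad=$(probe_status "$1" "$2")
    good=$(probe_status "$1" "$3")
    echo "no header=$none wrong token=$bad valid token=$good"
    classify_enforcement "$none" "$bad" "$good"
}
```

Run `deploy_stage` after every authorizer change, then `check_stage` against the stage's invoke URL; a `NOT_ENFORCED` verdict matches the behaviour described in the question.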
