Aws lambda 无服务器框架-具有授权者COGNITO_用户_池的Lambda函数始终返回“Unauthorized”
我不知道我的授权有什么问题 我有一个Hello函数,它只返回一个简单的静态消息。如果我在没有设置授权器的情况下部署,它会工作。我考过邮递员。当我尝试添加授权人时,问题开始出现 我的白兰地酒已经充分发挥作用了。在我的前端,我可以注册,然后登录,然后从这个登录会话中获取令牌 当我去邮递员那里做测试时,我总是得到未经授权的答案。 在Postman上,我对GET方法进行了测试,在Headers选项卡上,我添加了Authorization属性,并将其粘贴到我从登录会话获得的令牌的值上。我还按照一些推荐的地方,在前缀承载的值字段上测试了这一点。没有成功 过去一周我一直在努力解决这个问题。请,任何帮助都会非常有用 serverless.yml phraseOptions.js 我可以看到该函数是使用正确的身份验证创建的: 我猜授权人也会按预期创建 昂首阔步Aws lambda 无服务器框架-具有授权者COGNITO_用户_池的Lambda函数始终返回“Unauthorized”,aws-lambda,aws-api-gateway,amazon-cognito,serverless-framework,unauthorized,Aws Lambda,Aws Api Gateway,Amazon Cognito,Serverless Framework,Unauthorized,我不知道我的授权有什么问题 我有一个Hello函数,它只返回一个简单的静态消息。如果我在没有设置授权器的情况下部署,它会工作。我考过邮递员。当我尝试添加授权人时,问题开始出现 我的白兰地酒已经充分发挥作用了。在我的前端,我可以注册,然后登录,然后从这个登录会话中获取令牌 当我去邮递员那里做测试时,我总是得到未经授权的答案。 在Postman上,我对GET方法进行了测试,在Headers选项卡上,我添加了Authorization属性,并将其粘贴到我从登录会话获得的令牌的值上。我还按照一些推荐的地
我已经找出了问题所在 服务器端还可以。在邮递员身上测试它的问题就是代币。 我使用的是cognitoUser.signInUserSession.accessToken.jwtToken,但应该是cognitoUser.signInUserSession.idToken.jwtToken
现在一切正常。我已经找出了问题所在 服务器端还可以。在邮递员身上测试它的问题就是代币。 我使用的是cognitoUser.signInUserSession.accessToken.jwtToken,但应该是cognitoUser.signInUserSession.idToken.jwtToken
现在一切正常。你也能分享这个文件吗?我对Serverless很新,好吗?据我所知,我没有使用任何招摇过市的文件。好的,不用担心。最后,我做完了。我刚刚加了。谢谢你告诉我如何提供这些信息=你也能分享这个文件吗?我对Serverless很新,好吗?据我所知,我没有使用任何招摇过市的文件。好的,不用担心。最后,我做完了。我刚刚加了。谢谢你还说了如何提供这些信息=希望我能不止一次地投票,我花了好几个小时的时间来反对完全相同的问题希望我能不止一次地投票,我花了好几个小时来反对完全相同的问题
provider:
name: aws
runtime: nodejs10.x
stage: dev
region: eu-west-1
environment:
MY_TABLE: ${self:custom.myStage}_${self:custom.settings.tb_items}
MY_STAGE: ${self:custom.myStage}
MY_DOMAIN: ${self:custom.myDomain}
iamRoleStatements:
- Effect: "Allow"
Action:
- "dynamodb:GetItem"
- "dynamodb:PutItem"
- "dynamodb:UpdateItem"
- "dynamodb:DeleteItem"
- "dynamodb:Scan"
Resource: "*"
functions:
hello:
handler: ${self:custom.pathFunc}/phraseOption.hello
events:
- http:
method: GET
path: hello
cors: true
integration: lambda-proxy
authorizer:
type: COGNITO_USER_POOLS
authorizerId:
Ref: ApiGatewayAuthorizer
resources:
Resources:
CognitoUserPool:
Type: "AWS::Cognito::UserPool"
DeletionPolicy: Retain
Properties:
MfaConfiguration: OFF
UserPoolName: ${self:custom.myStage}_aePool
EmailVerificationSubject: 'Your verification Code'
EmailVerificationMessage: 'Use this code to confirm your sign up {####}'
AutoVerifiedAttributes:
- email
UsernameAttributes:
- email
Policies:
PasswordPolicy:
MinimumLength: 6
RequireLowercase: False
RequireNumbers: False
RequireSymbols: False
RequireUppercase: False
CognitoUserPoolClient:
Type: "AWS::Cognito::UserPoolClient"
DeletionPolicy: Retain
Properties:
ClientName: ${self:custom.myStage}_aePoolClient
GenerateSecret: False
UserPoolId:
Ref: CognitoUserPool
ApiGatewayAuthorizer:
Type: AWS::ApiGateway::Authorizer
Properties:
Name: CognitoUserPool
Type: COGNITO_USER_POOLS
IdentitySource: method.request.header.Authorization
RestApiId:
Ref: ApiGatewayRestApi
ProviderARNs:
- Fn::GetAtt:
- CognitoUserPool
- Arn
module.exports.hello = (event, context, callback) => {
const response = {
statusCode: 200,
body: JSON.stringify({
message: 'Your function executed successfully!',
input: event,
}),
};
callback(null, response);
};
---
swagger: "2.0"
info:
version: "2019-10-07T21:24:17Z"
title: "XXXXXX"
host: "XXXXXX"
basePath: "/dev"
schemes:
- "https"
paths:
/getPhrase:
get:
responses: {}
options:
consumes:
- "application/json"
produces:
- "application/json"
responses:
200:
description: "200 response"
headers:
Access-Control-Allow-Origin:
type: "string"
Access-Control-Allow-Methods:
type: "string"
Access-Control-Allow-Credentials:
type: "string"
Access-Control-Allow-Headers:
type: "string"
/hello:
get:
responses: {}
security:
- CognitoUserPool: []
/item:
post:
responses: {}
options:
consumes:
- "application/json"
produces:
- "application/json"
responses:
200:
description: "200 response"
headers:
Access-Control-Allow-Origin:
type: "string"
Access-Control-Allow-Methods:
type: "string"
Access-Control-Allow-Credentials:
type: "string"
Access-Control-Allow-Headers:
type: "string"
/item/{itemId}:
get:
responses: {}
put:
responses: {}
delete:
responses: {}
options:
consumes:
- "application/json"
produces:
- "application/json"
responses:
200:
description: "200 response"
headers:
Access-Control-Allow-Origin:
type: "string"
Access-Control-Allow-Methods:
type: "string"
Access-Control-Allow-Credentials:
type: "string"
Access-Control-Allow-Headers:
type: "string"
/items:
get:
responses: {}
options:
consumes:
- "application/json"
produces:
- "application/json"
responses:
200:
description: "200 response"
headers:
Access-Control-Allow-Origin:
type: "string"
Access-Control-Allow-Methods:
type: "string"
Access-Control-Allow-Credentials:
type: "string"
Access-Control-Allow-Headers:
type: "string"
securityDefinitions:
CognitoUserPool:
type: "apiKey"
name: "Authorization"
in: "header"
x-amazon-apigateway-authtype: "cognito_user_pools"