Comments (6)

sapessi commented on September 24, 2024

I've implemented these changes. You can now cast the Principal field to CognitoUserPoolPrincipal and call the getClaims() method to extract all of the claims in the token. I have also added support for custom claims in the object. You can get custom claims using the getClaim(String key) method of the CognitoAuthorizerClaims object.

Resolving the issue.

from aws-serverless-java-container.

sapessi commented on September 24, 2024

This is possible today by creating a custom SecurityContextWriter and passing it to the library.

We could solve this easily by giving you an easy way to inject the security context writer without having to manually create the full object constructor, perhaps just add it as a parameter to the static getAwsProxyHandler?

sapessi commented on September 24, 2024

We discussed this offline. We see two options:

  1. Create a new HandlerMethodArgumentResolver for Spring and a ContextResolver in Jersey. All you'd have to do then is:

     @RequestMapping(path = "/pets", method = RequestMethod.POST)
     public Pet createPet(@RequestBody Pet newPet, ApiGatewayAuthorizerContext context) {
         ...
     }

  2. Extend the Principal interface with a few methods to access the additional properties of the authorization context from API Gateway:

     public Pet createPet(@RequestBody Pet newPet, Principal principal) {
         ((CognitoUserPoolPrincipal)principal).getClaims();
     }

Would love to hear from the community what the preferred option is.

sapessi commented on September 24, 2024

Since there is no feedback and this is not a high priority fix I'm pulling it out of 0.7. The data is still accessible through the request attributes.

yyolk commented on September 24, 2024

I'm not a user of Spring or Jersey, so I see a lot of benefit in option 2.

eranation commented on September 24, 2024

I think option 2, as much as I hate casting or doing instanceof, is the most consistent with Spring Security. This also seems to be backward compatible.