massi-ang / aws-iot-custom-authorizer-sample Goto Github PK
View Code? Open in Web Editor NEWSample implementation of Custom Authorizers.
License: MIT No Attribution
Sample implementation of Custom Authorizers.
License: MIT No Attribution
I built a similar solution to this using python. I was able to verify with the aws iot test-invoke-authorizer
command that it is returning a policy (denial of course, as there are no query string args to use with this tool).
Using the index.html solution you provide in this repo, I am unable to establish a connection using the token (first two segments concatenated with the '.' between) and the signature (the last portion of the jwt with additional regex work I saw in your example sig.replace(/_/gi, '/').replace(/-/gi, '+') + '=='
) which honestly I am confused by what this is doing other than making it fit a regex used by the aws cli command mentioned previously.
I also created a thing in IoT core for good measure mqtt_client
but I am thinking this might not be necessary since I am using an Azure AD token and the keys provided by its public .well-known
document (as described in the README).
When I hit connect in the web tool, it seems to get stuck in a loop attempting to make the websocket connection with the query string values provided by the UI. It continuously closes the connection and tries again. The error object in the callback does not seem to be defined and the HTTP Status codes are all 101.
I guess I am wondering if there is something I am missing here? If the custom authorizer is able to return the policy with rights to iot:Connect
and I used '*' for the resource value just for testing, then what would keep the browser client (running locally) from establishing the connection via websocket? Any ideas? Thanks in advance!
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.