amplify-js icon indicating copy to clipboard operation
amplify-js copied to clipboard
verified publisher icon aws-amplify

AWS_IAM API Gateway Auth in Next.js getStaticProps() withSSRContext()

Open deldrid1 opened this issue 5 years ago • 2 comments

Is your feature request related to a problem? Please describe.

I have an API Gateway setup to use AWS_IAM and require an AWS Signature Version 4 to provide data. I have deployed this using the serverless framework and have lambda's tied into Dynamo DB (using the server side AWS SDK for Javascript) and have tested everything working end to end using a REST Client

I am trying to figure out how to do access this API inside of next.js's getStaticProps using the new withSSRContext() function as described here

Describe the solution you'd like

This may be a documentation gap or a personal knowledge gap, but so far I've struck out. I'm new to the AWS ecosystem so if I am just missing something obvious please point it out.

I don't see an API Gateway equivalent of AWS.DynamoDB.DocumentClient().get() in the AWS SDK for Node or in Amplify that uses environment variables AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY to create the needed tokens for trusted server authorization.

On the client side and on the server side in getServerSideProps, my understanding is that AWS Amplify

  • Authenticates against a Cognito User Pool and acquire a user token using the Auth class
  • When an API call is made
    • With the user token, Amplify gets temporary IAM credentials from the Cognito Identity Pool using the custom role that I have setup
    • the API class uses the IAM credentials to sign our API request with Signature Version 4.

Unfortunately, I can't figure out how to provide credentials to the API class when there isn't a cognito user in play such as in getStaticProps...

Describe alternatives you've considered

  • One solution would be to use an API Key for the endpoints that are specific to my next.js SSR, but I would prefer to use AWS_IAM everywhere.
  • Another option is to forget that the AWS libraries exist and use standard open source approaches (i.e. https://medium.com/@joshua.a.kahn/calling-amazon-api-gateway-authenticated-methods-with-axios-and-aws4-6eeda1aa8696)

Any thoughts on how to get this all plumbed up?

deldrid1 avatar Oct 13 '20 20:10 deldrid1

@deldrid1, apologies on how long it's taken for you to get a response on this issue. There's been updates to the documentation surrounding Next.js and SSR recently... AND we've just released support today for Next.js v12+ via a new Amplify Hosting compute managed SSR provider. Can you verify if you're still experiencing this issue?

Here's links to the updated guides: Amplify support for Next.js SSR Next.js Tutorial - API with SSR

cwomack avatar Nov 17 '22 18:11 cwomack

I just ran into this issue today.

mtliendo avatar Jul 29 '23 21:07 mtliendo