aws-sam-cli icon indicating copy to clipboard operation
aws-sam-cli copied to clipboard

Published 20 hours ago verified publisher icon aws

Feature request: Documented Example of Local Authorizer Usage

Open ChronosMasterOfAllTime opened this issue 1 year ago • 6 comments

Describe your idea/feature/enhancement

@lucashuy love the new feature for local authorizers in 1.80.0+, can we get documentation or a working example of how to set up an authorizer with sam local start-api?

Proposal

Add a sample local_authorizer_template.yml or LOCAL_AUTHORIZER_EXAMPLE.md file that bootstraps the authorizer correctly

Things to consider:

  1. Will this require any updates to the SAM Spec - No

Additional Details

Please provide documentation and examples on how to use a local Authorizer defined within the template.

ChronosMasterOfAllTime avatar May 15 '23 20:05 ChronosMasterOfAllTime

sam local docs opens up this page: https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-sam-cli-using-start-api.html

We will add this as an area for us to look into.

sriram-mv avatar May 16 '23 00:05 sriram-mv

sam local docs opens up this page: https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-sam-cli-using-start-api.html

We will add this as an area for us to look into.

Thanks, I am talking about the new feature introduced in 1.80+ to use local authorizer for testing. How do you define the authorizer differently as FunctionArn is not the way to go as SAM local doesnt support !GetAtt?

I am looking for examples of how to rope in our Authorizer for local testing.

ChronosMasterOfAllTime avatar May 25 '23 10:05 ChronosMasterOfAllTime

I am also looking to know this. I keep getting messages about skip parsing unsupported authorizer. I also was trying to use !GetAtt

@ChronosMasterOfAllTime did you figure this out?

brandon-burciaga avatar Jun 14 '23 23:06 brandon-burciaga

I am also looking to know this. I keep getting messages about skip parsing unsupported authorizer. I also was trying to use !GetAtt

@ChronosMasterOfAllTime did you figure this out?

If you start with the --debug flag you will see !GetAtt is not a supported function. From what I gathered you need to define the authorizer as a parameter and override the reference for local. Not ideal IMHO. We ended up pulling out the authorizer from API gateway and chaining it as part of the handler proxy middlewares. (We're using golang chi router plus the serverless proxy).

Hopefully someone gets this documented with a working example!

ChronosMasterOfAllTime avatar Jun 15 '23 00:06 ChronosMasterOfAllTime

Hey, after I traced the source code and followed your findings, I managed to make it works! Here is a demo : https://github.com/Willis0826/sam-local-authorizer-example Please feel free to take a look, cheers!

Willis0826 avatar Aug 06 '23 17:08 Willis0826

Does the feature (released in 1.80.0) work with SAM local for CDK ? https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-cdk-testing.html

I'm using the basic "AWS::ApiGatewayV2::Authorizer", "AuthorizerType": "JWT", and not seeing any auth happen on the latest version of SAM CLI

kPOWz avatar Apr 01 '24 21:04 kPOWz