Serverless-offline: Support Non-Local Custom Authorisers

Hi @johncmckim, yes your solution would work. We can use invoke from within the plugin easily. If you want to PR, please wait for the upcoming version 3 of the plugin.

Thanks @dherault happy to send a PR once v3 is out.

It's done, go crazy :)

+1, would be awesome to see! Out of interest, is there any way to "mock" it for serverless-offline at all?

Not I the moment as far as I know. 90% of this plugin's code comes from 3rd parties, so don't be afraid to PR :p

I would love to be able to just ignore the custom authorizer altogether when I'm running locally. I don't care about authentication when running locally.

What would be the best way to add it to the project? Perhaps add an option to disable authorization altogether:

$ sls offline --noAuth

And if authorization is required, then run either the Cognito authorizer or the custom authorizer, whichever is defined for the endpoint.

Yeah, that option would be perfect.

On Feb 6, 2017 6:48 PM, "Hassan Khan" notifications@github.com wrote:

What would be the best way to add it to the project? Perhaps add an option
to disable authorization altogether:

$ sls offline --noAuth

And if authorization IS required, then run either the Cognito authorizer
or the custom authorizer, whichever is defined for the endpoint.

—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
https://github.com/dherault/serverless-offline/issues/118#issuecomment-277863561,
or mute the thread
https://github.com/notifications/unsubscribe-auth/ACXzBUH9LsZj7cMhBaHvbbshn0kquofZks5rZ794gaJpZM4KVUXH
.

Any updates on this? I want to avoid having to use this authorizer when running locally:

https://github.com/laardee/serverless-authentication-boilerplate/blob/master/test-token/serverless.yml#L27

Having a cognito auth arn makes my routes throw

// endpoint error:
{
    "statusCode": 404,
    "error": "Serverless-offline: route not found.",
    "currentRoute": "get - /todos/123",
    "existingRoutes":[]
}

// serverless.yml snippet:
functions:
  read:
    handler: app.read
    events:
      - http:
          path: todos/{key}
          method: get
          authorizer:
            arn: <...>  // <-- problematic

Works without the arn.
Makes local development frustrating.

I would also appreciate support for a command line option to just ignore custom authorizers locally.

@garethmcc that should be easy to do, do not hesitate :p

Hi everyone,

I had the same problem and wrote a package for that.
https://github.com/vladgolubev/lambda-custom-authorizer-middleware

Its usage is a bit limited (for those who use aws-serverless-express), but still may be useful

UPD: it doesn't invoke remote lambdas, just allows using authorizers from other folders/projects, like I had

So what is the solution to this? For me it looks like there is still no way to cross-reference an authorizer from a different (running) service in serverless offline plugin, right?

I've been using Cognito as an authorizer for years and it's fine. I don't
see anything in the authorizer handler that would stop me from using any
other external Auth service. What are you trying to do? Are you trying to
use multiple Auth services?

On Thu, Apr 9, 2020, 5:08 AM Rene Bartkowiak notifications@github.com
wrote:

So what is the solution to this? For me it looks like there is still no
way to cross-reference an authorizer from a different (running) service in
serverless offline plugin, right?

—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
https://github.com/dherault/serverless-offline/issues/118#issuecomment-611420666,
or unsubscribe
https://github.com/notifications/unsubscribe-auth/AAS7GBNXAUU4OBRIWENCVATRLWGB5ANCNFSM4CSVIXDQ
.

I'm using a custom JWT solution which uses a dynamodb table for authorization. I found an own workaround now by creating an offline service. It links to all functions and works well. Not the perfect way but better than having to use an online running authorizer or stuff like that.