Serverless-offline: event.requestContext.authorizer shouldn't always exist

Created on 12 Dec 2018  路  9Comments  路  Source: dherault/serverless-offline

I think #292 has led to different behaviour between serverless-offline and Lambda, at least in certain configurations.

My functions implement dealing with the authorization header themselves -- I do not use a separate authorizer function or IAM authorization.

serverless-offline is adding the decoded token to event.requestContext, and I see the decoded claims in key event.requestContext.authorizer.claims. This seemed useful and so I made use of it when developing (my function decorator then only has to validate the token signature). However, when deployed, then event.requestContext.authorizer key does not exist, at least with my configuration.

needs repro
Source
picture tremby

Most helpful comment

hi, i can access event.requestContext.authorizer.claims in my local via serverless-offline but after deploying to AWS, there's no authorizer in event.requestContext. what's the fix here?

picture mdrijwan on 9 Jan 2021
👍2

All 9 comments

Hi @tremby, is your issue fix by serverless-offline v3.32.0 ? event.requestContext has been modified to handle authorizer functions more clearly.

dherault picture dherault on 8 Jan 2019
👎1

Is that a typo? Latest tag I see on this project is 3.25.17.

tremby picture tremby on 8 Jan 2019

version v3.32.1 is available on npm :)

dherault picture dherault on 9 Jan 2019

I'll give it a try next time I work on the project in question.

tremby picture tremby on 9 Jan 2019

We are seeing this as well -- with a custom authorizer the claims are appearing locally on event.requestContext.authorizer.claims. However, when running in aws via LAMBDA_PROXY integration there are no claims inside the authorizer object.

djakaitis picture djakaitis on 4 Apr 2019

Could you fix it via a PR please ?

dherault picture dherault on 5 Apr 2019

@tremby @djakaitis could you provide a small repository with some repro steps?

dnalborczyk picture dnalborczyk on 7 Jul 2019

closing for inactivity. the latest v6 alpha had some additional changes regarding authorizer. feel free to re-open if this is still an issue.

dnalborczyk picture dnalborczyk on 12 Sep 2019

hi, i can access event.requestContext.authorizer.claims in my local via serverless-offline but after deploying to AWS, there's no authorizer in event.requestContext. what's the fix here?

mdrijwan picture mdrijwan on 9 Jan 2021
👍2
Was this page helpful?
0 / 5 - 0 ratings

Related issues

ktwbc picture ktwbc  路  4Comments
yareyaredesuyo picture yareyaredesuyo  路  4Comments
stunningpixels picture stunningpixels  路  3Comments
Ali-Dalal picture Ali-Dalal  路  4Comments
MEGApixel23 picture MEGApixel23  路  4Comments