Skip to content

Commit

Permalink
revert changes to apollo_gql.ts
Browse files Browse the repository at this point in the history
  • Loading branch information
pearl-truss committed Dec 27, 2023
1 parent b129665 commit c196f0d
Showing 1 changed file with 0 additions and 44 deletions.
44 changes: 0 additions & 44 deletions services/app-api/src/handlers/apollo_gql.ts
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,6 @@ import { ApolloServer } from 'apollo-server-lambda'
import type {
APIGatewayProxyEvent,
APIGatewayProxyHandler,
APIGatewayAuthorizerResult,
PolicyDocument,
Handler,
} from 'aws-lambda'
import typeDefs from '../../../app-graphql/src/schema.graphql'
Expand Down Expand Up @@ -105,48 +103,6 @@ function contextForRequestForFetcher(userFetcher: userFromAuthProvider): ({
}
}

const thirdPartyAPIAuthorizer = async function (event: any): Promise<APIGatewayAuthorizerResult> {
// authentication step by getting and validating JWT token
const authToken = event.headers['authorization'] || '';
try {
// @ts-ignore
const decodedJWT = await cognitoJwtVerifier.verify(authToken);

// After the token is verified we can do Authorization check here if needed.
// If the request doesn't meet authorization conditions then we should return a Deny policy.
const policyDocument: PolicyDocument = {
Version: '2012-10-17',
Statement: [
{
Action: 'execute-api:Invoke',
Effect: 'Allow', // return Deny if you want to reject the request
Resource: event['methodArn'],
},
],
};

// This is the place you inject custom data into request context which will be available
// inside `event.requestContext.authorizer` in API Lambdas.
const context = {
'userId': 123,
'companyId': 456,
'role': 'ADMIN',
};

const response: APIGatewayAuthorizerResult = {
principalId: decodedJWT.sub,
policyDocument,
context,
};
console.log(`response => ${JSON.stringify(response)}`);

return response;
} catch (err) {
console.error('Invalid auth token. err => ', err);
throw new Error('Unauthorized');
}
};

// This middleware returns an error if the local request is missing authentication info
function localAuthMiddleware(wrapped: APIGatewayProxyHandler): Handler {
return async function (event, context, completion) {
Expand Down

0 comments on commit c196f0d

Please sign in to comment.