diff --git a/services/app-api/src/handlers/apollo_gql.ts b/services/app-api/src/handlers/apollo_gql.ts
index cf48a433f1..1634285734 100644
--- a/services/app-api/src/handlers/apollo_gql.ts
+++ b/services/app-api/src/handlers/apollo_gql.ts
@@ -4,8 +4,6 @@ import { ApolloServer } from 'apollo-server-lambda'
 import type {
 APIGatewayProxyEvent,
 APIGatewayProxyHandler,
- APIGatewayAuthorizerResult,
- PolicyDocument,
 Handler,
 } from 'aws-lambda'
 import typeDefs from '../../../app-graphql/src/schema.graphql'
@@ -105,48 +103,6 @@ function contextForRequestForFetcher(userFetcher: userFromAuthProvider): ({
 }
 }
-const thirdPartyAPIAuthorizer = async function (event: any): Promise {
- // authentication step by getting and validating JWT token
- const authToken = event.headers['authorization'] || '';
- try {
- // @ts-ignore
- const decodedJWT = await cognitoJwtVerifier.verify(authToken);
-
- // After the token is verified we can do Authorization check here if needed.
- // If the request doesn't meet authorization conditions then we should return a Deny policy.
- const policyDocument: PolicyDocument = {
- Version: '2012-10-17',
- Statement: [
- {
- Action: 'execute-api:Invoke',
- Effect: 'Allow', // return Deny if you want to reject the request
- Resource: event['methodArn'],
- },
- ],
- };
-
- // This is the place you inject custom data into request context which will be available
- // inside `event.requestContext.authorizer` in API Lambdas.
- const context = {
- 'userId': 123,
- 'companyId': 456,
- 'role': 'ADMIN',
- };
-
- const response: APIGatewayAuthorizerResult = {
- principalId: decodedJWT.sub,
- policyDocument,
- context,
- };
- console.log(`response => ${JSON.stringify(response)}`);
-
- return response;
- } catch (err) {
- console.error('Invalid auth token. err => ', err);
- throw new Error('Unauthorized');
- }
- };
-
 // This middleware returns an error if the local request is missing authentication info
 function localAuthMiddleware(wrapped: APIGatewayProxyHandler): Handler {
 return async function (event, context, completion) {