Package com.networknt.aws.lambda
Class ScopeVerifier
- java.lang.Object
-
- com.networknt.aws.lambda.ScopeVerifier
-
public class ScopeVerifier extends Object
It is called in the Lambda framework to verify the scopes in the primary and secondary jwt tokens. The scopes are passed by the jwt-authorizer deployed on the API Gateway after verify JWT tokens. The authorizer can not verify the scopes as it doesn't have the knowledge of the OpenAPI specification. Each function will have the openapi.yaml packaged as configuration and this class will use it to verify the scopes again the scopes in the authorizer context enriched by the authorizer. The verifyScope is called by the request-handler that intercepts the request and response in the App. The light-rest-4j now supports multiple OpenApi specifications, however, the Lambda should only use one specification. The default config should do that job as it is configured as single spec.- Author:
- Steve Hu
-
-
Constructor Summary
Constructors Constructor Description ScopeVerifier()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEventverifyScope(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent requestEvent)verify the scopes from the primary and optional secondary tokens against the scopes in the openapi.yaml specification.
-
-
-
Method Detail
-
verifyScope
public com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent verifyScope(com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent requestEvent)
verify the scopes from the primary and optional secondary tokens against the scopes in the openapi.yaml specification.- Parameters:
requestEvent- request event- Returns:
- responseEvent if error and null if pass.
-
-