Sepi itu bukan Kesepian
Beberapa hari ini aku mencoba memahami berbagai peristiwa aneh yang terjadi. Bukan tentang teman — teman sekolahku yang kini sedang menyambut kelahiran anak — anak pertama mereka, sedangkan aku masih…
独家优惠奖金 100% 高达 1 BTC + 180 免费旋转
Authenticating Api Gateway using Github Login
Many of us use third party identity providers (Facebook, Google, Github, Twitter)to identify our user. With OAuth2 and now OIDC it is easier than ever to provide authentication capabilities to the static websites with simple javascript.
The next logical step is to allow the users to use their authentication and to access secure server side API’s. The idea is that the user authenticates using Github receives the token and then passes this token to the server side to authenticate himself.
I Really like API Gateway pattern to abstract away Authentication, Request Throttling, and even request and response transformation. AWS has a real good API gateway implementation called… surprise :) “API Gateway”
So what we want to do now is to configure API gateway to authenticate our requests using the token present in the request, validate this token, load the user in the usercontext and pass this to the downstream service
Api gateway allows authorization via Lambda Function (Custom Authorizer), Api gateway also allows authentication via another service which is cognito and IAM as well. But for the current purposes we will stick to the the Custom Authorizer.
The only thing now left to do is to write this Lambda function to validate Github tokens, We will use the Github v3 Authorization Api for it.
First Lets create a lambda function that deals with the validation process from github. Here is the code that does that
Next step is to create an Authorizer in API Gateway.
Once this is done all that is remaining is to associate the Authorizer to a endpoint.
And thats it!! all the requests will now have be validated by github :)
Related posts:
Order vs Chaos vs Imagination
One of humanities greatest gifts is imagination and according to evolution it helped our species grow and advance technologically. It’s time for me to take responsibility for my talents and give…
Amazon Disruption
What started with just selling books online is now a multi-billion dollar company that offers products and services that span across multiple industries. In the process of Amazon’s development, they…
Writing Independent Tests
What does it mean for a test to be independent? It means that a test should not depend upon the presence or absence of other tests, the order of the tests, or whether or not previous tests failed or…