We have a serverless application on AWS that consists of an API Gateway that triggers Lambda to execute specific code for our application. This application is multi-tenant, so this API will receive requests from multiple clients. Currently the clients authenticate using Cognito. We need a Lambda Custom Authorizer to validate the incoming request to make sure that the user is allowed to make that specific request.
Imagine the following scenario... We have 3 users: John, Mark and Petter. All 3 of them log in to the application through Cognito and receive a JWT Token. Our front end will decrypt the token to see what the Tenant ID is for those clients. Currently we have 2 values to form a tenant. We have the CampusID, which is our lowest level of tenant isolation, and then OrganizationID, which basically is 1 or more CampusID. So following along with our example we would have something like this:
CampusID : A
CampusID: A, B
Organization ID: 1
So all users belong to the same organization, but only Petter is allowed to get results from either organization.
Let’s say John needs to make a call to our API to list all orders from our e-commerce. In this case the frontend would call that specific API and would pass John’s OrganizationID and CampusID in the querystring. In the header of that request the frontend would also provide the JWT Token given by Cognito during the login. Our API Gateway would then call our Lambda Custom Authorizer, and here is where the job begins. Basically the Custom Authorizer needs to decrypt the JWT Token and compare the OrganizationID and CampusID that are on the token versus the OrganizationID and CampusID that were sent through the querystring.
Following along with our example, if John’s request has the same OrganizationID and CampusID on both the JWT Token and the querystring, then our Lambda Custom Authorizer would return a 200 code.
Now if for some reason John manipulates the request and sends a querystring with CampusID = 2, the Lambda Custom Authorizer would return a 403 error, since the querystring CampusID doesn’t match the CampusID from the JWT token. The same thing goes for the OrganizationID.
One thing that is important to notice here is Petter’s case. He is allowed to call either CampusID “A” or CampusID “B” as long as the OrganizationID, in his case “1” also matches the one provided on the querystring and JWT Token.
ATTENTION: The Custom Authorizer needs to be written in Python 3.6 or higher.
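A sketch of the tenant check described above, added here as an example and not code from the job poster. It assumes the tenant values arrive as Cognito custom-attribute claims named `custom:OrganizationID` and `custom:CampusID` (a comma-separated list for multi-campus users), and that `verify_token` is a hypothetical callable that validates the token's signature, expiry, issuer and audience against the user pool's keys before returning its claims.

```python
# Assumed names: Cognito custom attributes surface as "custom:<name>" claims.
ORG_CLAIM, CAMPUS_CLAIM = "custom:OrganizationID", "custom:CampusID"


def tenant_allowed(claims, query):
    """True only if the requested tenant is covered by the verified claims."""
    query = query or {}
    org, campus = query.get("OrganizationID"), query.get("CampusID")
    if not org or not campus:
        return False  # fail closed when a tenant parameter is missing
    # Multi-campus users (Petter) are assumed to carry a list such as "A,B".
    campuses = {c.strip() for c in str(claims.get(CAMPUS_CLAIM, "")).split(",")}
    return org == str(claims.get(ORG_CLAIM, "")) and campus in campuses


def policy(principal, effect, method_arn):
    """IAM policy document in the shape API Gateway expects from an authorizer."""
    statement = {"Action": "execute-api:Invoke", "Effect": effect, "Resource": method_arn}
    return {"principalId": principal,
            "policyDocument": {"Version": "2012-10-17", "Statement": [statement]}}


def authorize(event, verify_token):
    """REQUEST-authorizer logic; verify_token is a hypothetical callable that
    checks signature, expiry, issuer and audience and returns the claims."""
    headers = {k.lower(): v for k, v in (event.get("headers") or {}).items()}
    token = headers.get("authorization", "")
    if token.startswith("Bearer "):
        token = token[len("Bearer "):]
    try:
        claims = verify_token(token)
    except Exception:
        raise Exception("Unauthorized")  # API Gateway answers 401
    allowed = tenant_allowed(claims, event.get("queryStringParameters"))
    # An explicit Deny makes API Gateway answer 403 without invoking the backend.
    return policy(claims.get("sub", "unknown"), "Allow" if allowed else "Deny", event["methodArn"])


# Constructed sample data: claims as they would look after verification.
SAMPLE_CLAIMS = {
    "john-token": {"sub": "john", ORG_CLAIM: "1", CAMPUS_CLAIM: "A"},
    "petter-token": {"sub": "petter", ORG_CLAIM: "1", CAMPUS_CLAIM: "A,B"},
}


def sample_event(token, org, campus):
    return {"headers": {"Authorization": "Bearer " + token},
            "queryStringParameters": {"OrganizationID": org, "CampusID": campus},
            "methodArn": "arn:aws:execute-api:us-east-1:000000000000:example/prod/GET/orders"}


def effect_for(token, org, campus):
    result = authorize(sample_event(token, org, campus), SAMPLE_CLAIMS.__getitem__)
    return result["policyDocument"]["Statement"][0]["Effect"]
```

If authorizer result caching is enabled, the two querystring parameters need to be part of the authorizer's identity sources; otherwise a cached Allow for one CampusID can be reused for a request that names another.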
18 freelancers are bidding an average of $222 for this job
Hey, I specialized in cloud application development and have long history. Please check out my profile if you'd like to review my skills and experiences. I'm really accustomed to aws lambda and serverless frameworks wh…
Hey, I reviewed your job post carefully. I believe that I would be good fit to complete your project because I've long history of aws lambda. I'm familiar with amplify for web development. So I'm interested in and con…
Hi, We have enough relevant experience. Let me help you. I have gone through the description "Software Skills: Android, JSON & Restful Web Services, FCM, Google Analytics, Google API, JUnit, Mockito, Wiremock, Espress…
Good day, Dear! Laravel Expert is HERE! I am a full-stack web developer experienced in PHP/Laravel and am interested in working for your project. I also have expertise in wordpress and can migrate to laravel. Let's di…
Hi, there My name's Hongri, Sr Python Developer who got the reputation of "Top Talented Developer" by the support team. I have rich experience in AWS Lambda function, Trigger with API, Deploy API, ETC. Please contact m…
Hello.! I can understand your description of a project. I'm an expert in API. I have lots of experience in API. I can build a professional and expert API. I'm interested in your project. Please come and discuss the pro…
I mainly work with API Integration project. I have passion about API. I have been in this field for more than 7 years. I have experience in C#, php, Perl, wordpress, Html, postgress, Ubuntu, Crontab, Web Services, Rest Api,…
Greetings! I saw you are looking for AWS Expert to configure the server and I would like to offer my sincere services in this regard. Your post instantly caught my attention because it perfectly lies in my domain o…
We're expert in api integration, have used several different api’s in our previous [login to view URL] of api and also list down the functionality that you want to achieve via integrating this api. Multiple amendments are…
Firstly we had an overview on your requirement and we are capable to work on your project but at a cost. We Aifi Solutions Pvt Ltd based in Navi Mumbai, India and have 20 years of experience in Desktop/Web/Mobile ap…
Hi, Dear How are you doing? I am very interested in your project. I am always ready for you. I wish you contact me as soon as possible. Let us discuss your project on chat in detail. Thanks for your regards.
Hi, there. Nice to meet you. I really would like to work for you. I'm full stack professional developer. I have rich development experience and have developed many apps. If you hire me, I will do my best for you.…
Hi there, I'm a professional web designer - Front End Developer, having 7+ years experience in web designing. I build valid, Responsive HTML5, CSS3, JQ, JS, bootstrap and Word Press, Magento, Drupal, CI, based websi…
Hi. As I am a professional developer, I can do your job perfectly ASAP and I want to work with you If you hire me and give me a chance to prove my abilities, so I will give you the best results with my professional…
Hello, After reading your offer this looks like a perfect fit for my skill sets. I have built a large number of creative designs /Development for different businesses. My name is Shivangi and I am an Indian web Devel…
Interesting Wonderful project! We are good team in many experiences in Web developing. We are masters of math and web design. If you keep in touch with us, you can get satisfy result. Thanks a lot!
Hello there! My name is Chris, I'm a UK based and native English speaking web developer and app expert with 10 years experience building and maintaining complex web apps and websites. I've built and maintained applic…