Documentation
¶
Index ¶
Constants ¶
const (
RequestContextHeaderName = "x-amzn-request-context"
)
Variables ¶
This section is empty.
Functions ¶
func CertAuthorizer ¶
CertAuthorizer returns a Lambda Authorizer function that authorizes requests based on the client certificate in the request context. If the certificate is valid, the Authorizer returns an Allow policy. The the certificate namespace does not match the configured namespace, the Authorizer returns a Deny policy.
func TLSIdentifier ¶
TLSIdentifier returns a HTTP Handler middleware function that identifies clients using TLS client certificates. It parses the client certficiate into a RequestContext which is JSON-serialised into the request context header.
Types ¶
type AuthorizedRequestContext ¶
type AuthorizedRequestContext struct {
Identity AuthzIdentity `json:"identity"`
Authorizer Authorizer `json:"authorizer"`
}
type Authorizer ¶
type AuthorizerContext ¶ added in v1.13.3
type AuthorizerContext struct {
events.APIGatewayCustomAuthorizerRequest
RequestContext AuthorizerRequestContext `json:"requestContext"`
}
type AuthorizerRequestContext ¶ added in v1.13.3
type AuthorizerRequestContext struct {
Identity CertIdentity `json:"identity"`
}
type AuthzIdentity ¶ added in v1.13.3
type CertIdentity ¶ added in v1.13.2
type CertIdentity struct {
ClientCert ClientCert `json:"clientCert"`
}
type ClientCert ¶
type ClientCert struct {
ClientCertPem string `json:"clientCertPem"`
}
type JWK ¶
type JWK struct {
KeyType string `json:"kty"`
Curve string `json:"crv"`
X string `json:"x"`
Y string `json:"y"`
}
JWK is a JSON Web Key. It is a subset of the JWK spec, containing only the fields we need. See https://tools.ietf.org/html/rfc7517#section-4.1 for the full spec. JWK marshals to and unmarshals from a JSON string.
Source Files