authorizer

package
v0.0.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 26, 2026 License: MIT Imports: 5 Imported by: 0

Documentation

Overview

Package authorizer provides built-in authorizers for AWS AppSync Events.

It includes API key, IAM, and token-based authorizers. Token-based authorization can be used with Lambda authorizers, Cognito User Pool tokens, and OpenID Connect tokens.

Custom authorization schemes can implement Authorizer.

Index

Examples

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type ApiKeyAuthorizerConfig 

type ApiKeyAuthorizerConfig struct {
	ApiKey   string
	Endpoint string
}

type AuthorizeCommandInput 

type AuthorizeCommandInput struct {
	Channel string
	Payload []byte
}

type AuthorizeCommandOutput 

type AuthorizeCommandOutput struct {
	Signature map[string]string
}

type Authorizer 

type Authorizer interface {
	Authorize(context.Context, AuthorizeCommandInput) (*AuthorizeCommandOutput, error)
}

Authorizer is used for generating subprotocol and authorizing outgoing messages

func ApiKey 

func ApiKey(config ApiKeyAuthorizerConfig) (Authorizer, error)
Example 
package main

import (
	"context"
	"log"

	"github.com/exanubes/appsync"
	"github.com/exanubes/appsync/authorizer"
)

func main() {
	ctx := context.Background()

	authz, err := authorizer.ApiKey(authorizer.ApiKeyAuthorizerConfig{
		ApiKey:   "da2-xxxxxxxxxxxxxxxxxxxxxxxxxxxx",
		Endpoint: "https://xxxxxxxxxxxxxxxxxxxx.appsync-api.us-east-1.amazonaws.com",
	})
	if err != nil {
		log.Fatal(err)
	}

	client, err := appsync.Connect(ctx, appsync.ConnectionOptions{
		Endpoint:     "wss://xxxxxxxxxxxxxxxxxxxx.appsync-realtime-api.us-east-1.amazonaws.com",
		Subprotocols: []string{appsync.ProtocolEvents},
		Authorizer:   authz,
	})
	if err != nil {
		log.Fatal(err)
	}
	defer client.Close(ctx)
}

func IAM 

func IAM(config IAMAuthorizerConfig) (Authorizer, error)

IAM authorization uses the AWS SDK default credential chain. Temporary/session credentials (STS, SSO, AssumeRole, ECS/EC2 roles, Lambda roles, environment variables with AWS_SESSION_TOKEN, etc.) are supported automatically as long as they are resolvable by the AWS SDK. Advanced/custom credential workflows can implement the Authorizer interface directly.

Example 
package main

import (
	"context"
	"log"

	"github.com/exanubes/appsync"
	"github.com/exanubes/appsync/authorizer"
)

func main() {
	ctx := context.Background()

	authz, err := authorizer.IAM(authorizer.IAMAuthorizerConfig{
		Region:   "us-east-1",
		Endpoint: "https://xxxxxxxxxxxxxxxxxxxx.appsync-api.us-east-1.amazonaws.com",
	})
	if err != nil {
		log.Fatal(err)
	}

	client, err := appsync.Connect(ctx, appsync.ConnectionOptions{
		Endpoint:     "wss://xxxxxxxxxxxxxxxxxxxx.appsync-realtime-api.us-east-1.amazonaws.com",
		Subprotocols: []string{appsync.ProtocolEvents},
		Authorizer:   authz,
	})
	if err != nil {
		log.Fatal(err)
	}
	defer client.Close(ctx)
}

func Token 

func Token(config TokenAuthorizerConfig) (Authorizer, error)
Example 
package main

import (
	"context"
	"log"

	"github.com/exanubes/appsync"
	"github.com/exanubes/appsync/authorizer"
)

func main() {
	ctx := context.Background()

	// Works with Cognito ID tokens, OIDC tokens, and Lambda authorizer tokens.
	authz, err := authorizer.Token(authorizer.TokenAuthorizerConfig{
		AuthToken: "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...",
		Endpoint:  "https://xxxxxxxxxxxxxxxxxxxx.appsync-api.us-east-1.amazonaws.com",
	})
	if err != nil {
		log.Fatal(err)
	}

	client, err := appsync.Connect(ctx, appsync.ConnectionOptions{
		Endpoint:     "wss://xxxxxxxxxxxxxxxxxxxx.appsync-realtime-api.us-east-1.amazonaws.com",
		Subprotocols: []string{appsync.ProtocolEvents},
		Authorizer:   authz,
	})
	if err != nil {
		log.Fatal(err)
	}
	defer client.Close(ctx)
}

type IAMAuthorizerConfig 

type IAMAuthorizerConfig struct {
	Region   string
	Endpoint string
}

type TokenAuthorizerConfig 

type TokenAuthorizerConfig struct {
	AuthToken string
	Endpoint  string
}

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.