Lambda authorizer response using async/await in Node.js

6
votes

I'm trying to create a lambda authorizer on aws using node.js async/await instead of callbacks but there is no information on how to create the HTTP response returned to API Gateway. For example, if i return this :

{
  statusCode: 401
}

the API gateway doesn't seem to understand and return an error 403 to the client :

{
    "statusCode": 403,
    "error": "Forbidden",
    "message": "No principalId set on the Response"
}

Does anyone knows how to do what is described here : https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-use-lambda-authorizer.html but using async / await ?

Thanks in advance !

EDIT :

The way to return an error 401 is simply to throw an error like this : throw new Error("Unauthorized") And if the user is explicitly deny / allow, simply return the JSON policy.

3
node.jsamazon-web-servicesaws-lambda
Can you put here some code please, to try to help you, please?Jose Carlos Ramos Carmenates
If you figured it out on your own, you are allowed to answer your own questions :) .neverendingqs
Did you ever figure this out? Using the callback causes warnings but I would rather use async/await without the cb.Chance
@Chance The solution is in the "Edit" section in my post. You simply have to throw an Error with "Unauthorized" as message. I added an answer to my own question so it will be more visible.julient-monisnap
@julient-monisnap thanks :). Simple enough!Chance

3 Answers

4
votes

To return a 401 error you simply need to throw an error with "Unauthorized" as message, like this : 

throw new Error("Unauthorized")

And if the user is explicitly deny / allow, simply return the JSON policy like you would do with callbacks.

1
votes

I think the accepted solution does not work (anymore). I tried it like this:

exports.authorize = async (event, context) => {
  throw new Error("Unauthorized")
}

It works but in my logs I can see this error:

ERROR Invoke Error {"errorType":"Error","errorMessage":"Unauthorized","stack":["Error: Unauthorized"," at Runtime.exports.authorize [as handler] (/var/task/handler/auth.js:21:13)"," at processTicksAndRejections (internal/process/task_queues.js:97:5)"]}

0
votes

From what I've read (some code samples would be helpful) it sounds like you're not calling the callback right or it's not called in the right place. You can use

callback("Some error message.");

to send back a response w/ a 401 status code. You can also change this by doing something like:

var response = {
  statusCode: 401, /* some number */        
  body: "Oops!" /* some message */
}; 
callback(null, response);

I would check out this page for more information.