0
votes

I am trying to protect a lambda function using a custom authorizer (which validates a JWT) on AWS API Gateway. I also want to pass any queryStringParameters into my lambda function, so I want to keep my Integration request to be Lambda Proxy.

The custom authorizer is set, tested and working

Problem:

When I call this endpoint (after deploying), I receive an HTTP 500 response.

{
    "message": "Internal server error"
}

When I remove my custom authorizer OR deselect the lambda Proxy integration, I receive a normal output from my lambda

import json

def lambda_handler(event, context):
    return {
        'status': 400,
        'body' : json.dumps('hello World'),
        'headers': {
            'Access-Control-Allow-Origin': "*"
        },
        'isBase64Encoded': 'false'
    }

Has anyone come across this? AWS documentation on this issue is sparse :/

Thank you!

1
What is the code for your custom authorizer? – Marcin

def handler(event, context):
    token = event['authorizationToken'].split(' ')[1]
    audience = {hidden}
    certificateFile = open("hidden",'r')
    certificateLines = certificateFile.readlines()
    certificate = ''.join(certificateLines)
    try:
        decoded = jwt.decode(token, publicKey, algorithms='RS256', audience=audience)
        return generatePolicy(decoded['sub'], 'Allow')
    except:
        return generatePolicy(None, 'Deny')
– Saif Elkholy

Sorry Marcin, it doesn't seem like I can format my code properly in a comment. However, my auth function returns a correct policy with the correct ARNs. I am sure of this because if I disable Lambda Proxy, then my auth function correctly checks the JWT token, and calls my lambda function (without the event object's properties like queryStringParameters). – Saif Elkholy

Test your Lambda authorizer via the console and see if you get the right policy. A 500 error due to the authorizer function can be because the API doesn't have permissions to invoke the function or the function is not returning back the policy in the right format. – Suraj Bhatia

1 Answer

0
votes

I'm hitting myself in the head after this. The reason is because of what my lambda function was returning. It should've been

def lambda_handler(event, context):
    return {
        'statusCode': 400,
        ...

As opposed to

def lambda_handler(event, context):
    return {
        'status': 400,
        ...

If the AWS docs were better/I wasn't as obtuse :D
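
An added example, not part of the original question or answer: a local check that a handler's return value matches the documented Lambda proxy integration output shape, run against the response from the question and a corrected handler that also reads `queryStringParameters` and the authorizer's `principalId`. The function names, the sample event and the rule of flagging unknown keys are assumptions made for illustration; this is a lint based on the documented format, not API Gateway's own validation logic.

```python
import json

# Keys in the documented Lambda proxy integration output format (REST API).
ALLOWED_KEYS = {"statusCode", "headers", "multiValueHeaders", "body", "isBase64Encoded"}


def proxy_response_problems(resp):
    """Return a list of deviations from the proxy-integration response shape."""
    if not isinstance(resp, dict):
        return ["response is not a JSON object"]
    problems = [f"unexpected key {k!r}" for k in sorted(set(resp) - ALLOWED_KEYS)]
    code = resp.get("statusCode")
    # bool is a subclass of int in Python, so exclude it explicitly.
    if isinstance(code, bool) or not isinstance(code, int):
        problems.append("statusCode missing or not an integer")
    if "body" in resp and not isinstance(resp["body"], str):
        problems.append("body is not a string")
    if "headers" in resp and not isinstance(resp["headers"], dict):
        problems.append("headers is not an object")
    if "isBase64Encoded" in resp and not isinstance(resp["isBase64Encoded"], bool):
        problems.append("isBase64Encoded is not a boolean")
    return problems


def handler_from_question(event, context):
    # Response exactly as posted in the question: 'status' instead of 'statusCode'.
    return {
        'status': 400,
        'body': json.dumps('hello World'),
        'headers': {'Access-Control-Allow-Origin': "*"},
        'isBase64Encoded': 'false',
    }


def handler_fixed(event, context):
    # Proxy events carry query params and the authorizer principal; either may be absent.
    params = event.get("queryStringParameters") or {}
    principal = event.get("requestContext", {}).get("authorizer", {}).get("principalId")
    return {
        "statusCode": 200,
        "headers": {"Access-Control-Allow-Origin": "*"},
        "body": json.dumps({"principal": principal, "params": params}),
        "isBase64Encoded": False,
    }


# Constructed sample event, trimmed to the fields used here.
SAMPLE_EVENT = {"queryStringParameters": {"q": "1"},
                "requestContext": {"authorizer": {"principalId": "user-123"}}}
```

Calling `proxy_response_problems(handler(SAMPLE_EVENT, None))` in a unit test catches a misspelled key before deployment, where the only symptom is a generic "Internal server error".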