javascriptnode.jsamazon-web-serviceslambda-authorizeraws-jwt-authorizer

AWS authorizer returns 500, message: null, with AuthorizerConfigurationException error in response

I've spent the better part of today trying to make authorizers work, I've checked multiple examples and they all seem to be doing the same thing my code does.

I use serverless framework here's the authorization code:

exports.handler = function (event: APIGatewayTokenAuthorizerEvent): APIGatewayAuthorizerResult {
    const authorizer = new Authorizer();

    try {
        if (!event.authorizationToken) throw new Error("No token");

        const token = event.authorizationToken.split(" ")[1];
        const decodedData = authorizer.verifyToken(token) as unknown as User;
        const policy = generatePolicy(token, event.methodArn);

        return {
            ...policy,
            context: {
                user: JSON.stringify(decodedData),
            },
        };
    } catch (err) {
        console.log(err);
        throw "Unauthorized";
    }
};

const generatePolicy = (principalId: string, methodArn: string) => {
    return {
        principalId,
        policyDocument: {
            Version: "2012-10-17",
            Statement: [
                {
                    Action: "execute-api:Invoke",
                    Effect: "Allow",
                    Resource: methodArn,
                },
            ],
        },
    };
};

and here's the serverless config

const serverlessConfiguration: AWS = {
service: "user-crud",
frameworkVersion: "2",
custom: {
    webpack: {
        webpackConfig: "./webpack.config.js",
        includeModules: true,
    },
},
plugins: ["serverless-webpack"],
provider: {
    name: "aws",
    runtime: "nodejs14.x",
    region: "eu-west-1",
    apiGateway: {
        minimumCompressionSize: 1024,
        shouldStartNameWithService: true,
    },
    environment: {
        AWS_NODEJS_CONNECTION_REUSE_ENABLED: "1",
    },
    lambdaHashingVersion: "20201221",
},

functions: {
    jwtAuthorizer: {
        handler: "src/api/authorizer.handler",
        name: "jwtAuthorizer",
    },
    get: {
        name: "get",
        handler: "src/api/get.handler",
        role: "arn:aws:iam::109394173706:role/dynamodb_cloudwatch_full",
        events: [
            {
                http: {
                    path: "get",
                    method: "get",
                    cors: true,
                    authorizer: "jwtAuthorizer",
                },
            },
        ],
    },

}...

I always get 500 response when the token is correct and I return the object, so I guess there's something wrong with the return object?

If the token is incorrect and I throw "Unauthorized" then I get back the correct 401 response.

Solution

  • Apparently, the handler needs to be async, otherwise, it expects a callback... Time well spent :|