Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/fabianogoes/fiap-tech-challenge-authorizer-lambda

aws jwt jwt-token lambda lambda-functions python python3 virtualenv

Last synced: 20 days ago
JSON representation

Host: GitHub
URL: https://github.com/fabianogoes/fiap-tech-challenge-authorizer-lambda
Owner: fabianogoes
Created: 2024-03-29T00:48:27.000Z (9 months ago)
Default Branch: main
Last Pushed: 2024-08-26T11:44:34.000Z (4 months ago)
Last Synced: 2024-10-02T09:10:25.718Z (3 months ago)
Topics: aws, jwt, jwt-token, lambda, lambda-functions, python, python3, virtualenv
Language: Python
Homepage:
Size: 97.7 KB
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

        # Authorizer - Lambda Function da API Tech Challenge

[![CI/CD](https://github.com/fabianogoes/fiap-tech-challenge-authorizer-lambda/actions/workflows/deploy-lambda.yml/badge.svg)](https://github.com/fabianogoes/fiap-tech-challenge-authorizer-lambda/actions/workflows/deploy-lambda.yml)

- [Authorizer - Lambda Function da API Tech Challenge](#authorizer---lambda-function-da-api-tech-challenge)

  - [Relationship](#relationship)

  - [Setup and Build](#setup-and-build)

    - [1. Python3](#1-python3)

    - [3. Virtualenv](#3-virtualenv)

    - [Gerar o `zip` para deploy na `aws`](#gerar-o-zip-para-deploy-na-aws)

  - [Deployments](#deployments)

  - [Para criar a lambda por `awscli`](#para-criar-a-lambda-por-awscli)

  - [Para atualizar a lambda por `awscli`](#para-atualizar-a-lambda-por-awscli)

  - [Important References](#important-references)

## Relationship

![Auth](./.utils/assets/Fluxo-de-Autenticacao-e-Autorizacao-com-JWT.png)

- [API Tech Challenge](https://github.com/fabianogoes/fiap-tech-challenge)

- [Users - Lambda Functions da API Tech Challenge](https://github.com/fabianogoes/fiap-tech-challenge-users-lambda)

- [Authenticator - Lambda Functions da API Tech Challenge](https://github.com/fabianogoes/fiap-tech-challenge-authenticator-lambda)

- [Authorizer - Lambda Functions da API Tech Challenge](https://github.com/fabianogoes/fiap-tech-challenge-authorizer-lambda)

  

## Setup and Build 

### 1. Python3

```shell

sudo apt update && sudo apt install python3 python3-venv

```

### 3. Virtualenv

```shell

python3 -m venv .venv

source .venv/bin/activate

pip install -r requirements.txt

```

### Gerar o `zip` para deploy na `aws`

```shell

cp -r .venv/lib/python3.10/site-packages/jwt ./jwt          

cp -r .venv/lib/python3.10/site-packages/dotenv ./dotenv   

cp -r .venv/lib/python3.10/site-packages/dotenv ./boto3          

zip -r lambda_function.zip jwt/ dotenv/ boto3/ .env lambda_function.py

```

> Para desativar o virtualenv: `deactivate`

## Deployments

## Para criar a lambda por `awscli`

```shell

aws lambda create-function --function-name fiap-tech-challenge-authorizer-lambda \

  --runtime python3.8 \

  --region ${AWS_DEFAULT_REGION} \

  --role arn:aws:iam::${AWS_ACCOUNT_ID}:role/${AWS_DEFAULT_ROLE} \

  --handler lambda_function.lambda_handler --zip-file fileb://./lambda_function.zip

```

## Para atualizar a lambda por `awscli`

```shell

aws lambda update-function-code --function-name fiap-tech-challenge-authorizer-lambda --zip-file fileb://./lambda_function.zip

```

## Authorizer Lambda Function Response

```json

// Resource:

// arn:aws:execute-api:{REGION}:{ACCOUNT_ID}:{FIRST-API-STAGE-INVOKE-URL}/*/*/*

// STAGE-INVOKE-URL = https://6zjg700oqb.execute-api.us-east-1.amazonaws.com/test

// Default endpoint Api = https://6zjg700oqb.execute-api.us-east-1.amazonaws.com

// FIRST-API-STAGE-INVOKE-URL = 6zjg700oqb

// Effect: Allow | Deny

{

    "principalId": "abc123",

    "policyDocument": {

        "Version": "2012-10-17",

        "Statement": [

            {

                "Action": "execute-api:Invoke",

                "Resource": [

                    "arn:aws:execute-api:us-east-1:637423526753:6zjg700oqb/*/*/*"

                ],

                "Effect": auth

            }

        ]

    }

}

```

## Important References

- [AWS Lambda](https://docs.aws.amazon.com/lambda/latest/dg/welcome.html)

- [AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-welcome.html)

- [AWS Lambda CLI](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-awscli.html)

- [AWS Lambda Python](https://docs.aws.amazon.com/lambda/latest/dg/python-handler.html)

- [AWS API Gateway JWT Authorizer](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-use-lambda-authorizer.html)

- [JWT Instruduction](https://jwt.io/introduction/)

- [GitHUb Actions configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials)