aws-lambda-pyauthlib

A Python helper library for AWS API Gateway Custom Authorizers


Keywords
auth, authorization, authorizer, aws, aws-api-gateway, aws-lambda, lambda, python27, python36, serverless
License
MIT
Install
pip install aws-lambda-pyauthlib==0.2.2

Documentation

Installation

pip install aws-lambda-pyauthlib

or

pipenv install aws-lambda-pyauthlib

Quickstart

'''authorizer_handler.py'''
from pyauthlib import UserInfo, AuthPolicy, HttpMethod, parse_event, raise_401
# my_auth_client stands in for your own identity client; it is not part of pyauthlib.
from my_auth_client import get_client

def lambda_handler(event, _context):
    '''Exchanges access token for user_info and returns the policy.
        Unauthorized users are denied all access.
        Users are allowed read access to all resources.
        Admins are allowed full access to all resources.
    '''
    event = parse_event(event)

    # Exchange the caller's access token for an identity.
    identity = get_client().get_identity(event.access_token)
    if not identity:
        # Assumes get_identity returns a falsy value for an unknown or
        # expired token; reject before indexing into it.
        raise_401()

    user_info = UserInfo(identity['user_id'], identity['grants'])
    policy = AuthPolicy(user_info)

    if not user_info:
        raise_401()
    elif 'ROLE_ADMIN' in user_info.authorities:
        # Admins: every HTTP method on every resource.
        policy.allow(event.arn(method=HttpMethod.ALL, resource='*'))
    else:
        # Everyone else: read-only (GET) on every resource.
        policy.allow(event.arn(method=HttpMethod.GET, resource='*'))

    return policy.build()

More Information

You can also return an arbitrary authorizer context by passing kwargs into UserInfo. A list of authorities is always required, but nothing stops you from using an empty list.

Go check out the examples!
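For reference, the response a custom authorizer hands back to API Gateway, built by hand for the same user/admin rule as the Quickstart. This is an added example, not one of the project's own examples and not pyauthlib code; build_response and the sample ARN are hypothetical, and it makes no claim about what policy.build() emits.

```python
import json
import re

# arn:{partition}:execute-api:{region}:{account}:{api_id}/{stage}/{method}/{resource}
_ARN = re.compile(
    r"^(arn:[^:]+:execute-api:[^:]+:[^:]+:[^/]+/[^/]+)/[^/]+(?:/.*)?$"
)
_SCALARS = (str, int, float, bool)


def build_response(method_arn, user_id, authorities, **context):
    """Build a Lambda authorizer response by hand (hypothetical helper)."""
    match = _ARN.match(method_arn)
    if not user_id or not match:
        # Fail closed: API Gateway maps this exact message to a 401.
        raise Exception("Unauthorized")
    # API Gateway accepts only string, number or boolean context values;
    # lists and dicts must be serialised by the caller first.
    for key, value in context.items():
        if not isinstance(value, _SCALARS):
            raise TypeError("context[%r] must be str, number or bool" % key)
    # Least privilege: only ROLE_ADMIN gets a wildcard HTTP method.
    verb = "*" if "ROLE_ADMIN" in authorities else "GET"
    return {
        "principalId": user_id,
        "policyDocument": {
            "Version": "2012-10-17",
            "Statement": [{
                "Action": "execute-api:Invoke",
                "Effect": "Allow",
                # Scoped to this API and stage, never a bare "*".
                "Resource": "%s/%s/*" % (match.group(1), verb),
            }],
        },
        "context": context,
    }


# Constructed sample values, not taken from a real account.
SAMPLE_ARN = "arn:aws:execute-api:us-east-1:123456789012:abc123/prod/GET/orders"

if __name__ == "__main__":
    response = build_response(SAMPLE_ARN, "u-1", ["ROLE_USER"], tenant="acme")
    print(json.dumps(response, indent=2))
```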