I have an HTTP ApiGatewayV2 setup, with a single AWS_PROXY endpoint to a lambda (using HTTP, not REST!). There are 2 sources of incoming requests, one is a frontend we control, and one is a 3rd party api. Both send JWT tokens with the requests, but in different headers. I am using a custom authorizer to validate the JWT tokens, and determine the policies based on the claim. Since I am using an AWS_PROXY with a single route for all requests, I need a single authorizer lambda to handle both tokens/headers.
I would like to be able to cache the authorization responses from the authorization lambda, so I want to use the IdentitySource. But since there are 2 different headers that can contain the JWT token, this doesn't work. Unfortunately the Identity source entries need to ALL be present for the lambda to be invoked. So I can't specify ["$request.header.Authorization", "$request.header.OtherHeader"]. So would there be a way to somehow map $request.header.OtherHeader to $request.header.Authorization before the authorization lambda gets invoked? Or is there another trick to achieve something similar?
Cheers
AWS 官方已更新 2 年前