UNPKG

@types/aws-lambda/trigger/api-gateway-authorizer.d.ts

Version:

9.97 kBTypeScriptView Raw

1import {
2    APIGatewayAuthorizerResultContext,
3    APIGatewayEventDefaultAuthorizerContext,
4    APIGatewayEventRequestContextWithAuthorizer,
5} from "../common/api-gateway";
6import { Callback, Handler } from "../handler";
7import { APIGatewayEventRequestContextV2 } from "./api-gateway-proxy";
8
9export type APIGatewayAuthorizerHandler = Handler<APIGatewayAuthorizerEvent, APIGatewayAuthorizerResult>;
10export type APIGatewayAuthorizerWithContextHandler<TAuthorizerContext extends APIGatewayAuthorizerResultContext> =
11    Handler<APIGatewayAuthorizerEvent, APIGatewayAuthorizerWithContextResult<TAuthorizerContext>>;
12
13export type APIGatewayAuthorizerCallback = Callback<APIGatewayAuthorizerResult>;
14export type APIGatewayAuthorizerWithContextCallback<TAuthorizerContext extends APIGatewayAuthorizerResultContext> =
15    Callback<APIGatewayAuthorizerWithContextResult<TAuthorizerContext>>;
16
17export type APIGatewayTokenAuthorizerHandler = Handler<APIGatewayTokenAuthorizerEvent, APIGatewayAuthorizerResult>;
18export type APIGatewayTokenAuthorizerWithContextHandler<TAuthorizerContext extends APIGatewayAuthorizerResultContext> =
19    Handler<APIGatewayTokenAuthorizerEvent, APIGatewayAuthorizerWithContextResult<TAuthorizerContext>>;
20
21export type APIGatewayRequestAuthorizerHandler = Handler<APIGatewayRequestAuthorizerEvent, APIGatewayAuthorizerResult>;
22export type APIGatewayRequestAuthorizerWithContextHandler<
23    TAuthorizerContext extends APIGatewayAuthorizerResultContext,
24> = Handler<APIGatewayRequestAuthorizerEvent, APIGatewayAuthorizerWithContextResult<TAuthorizerContext>>;
25
26export type APIGatewayAuthorizerEvent = APIGatewayTokenAuthorizerEvent | APIGatewayRequestAuthorizerEvent;
27
28export interface APIGatewayTokenAuthorizerEvent {
29    type: "TOKEN";
30    methodArn: string;
31    authorizationToken: string;
32}
33
34export interface APIGatewayRequestAuthorizerEventV2 {
35    version: string;
36    type: "REQUEST";
37    routeArn: string;
38    identitySource: string[];
39    routeKey: string;
40    rawPath: string;
41    rawQueryString: string;
42    cookies: string[];
43    headers?: APIGatewayRequestAuthorizerEventHeaders;
44    queryStringParameters?: APIGatewayRequestAuthorizerEventQueryStringParameters;
45    requestContext: APIGatewayEventRequestContextV2;
46    pathParameters?: APIGatewayRequestAuthorizerEventPathParameters;
47    stageVariables?: APIGatewayRequestAuthorizerEventStageVariables;
48}
49
50export interface APIGatewayRequestAuthorizerEventHeaders {
51    [name: string]: string | undefined;
52}
53
54export interface APIGatewayRequestAuthorizerEventMultiValueHeaders {
55    [name: string]: string[] | undefined;
56}
57
58export interface APIGatewayRequestAuthorizerEventPathParameters {
59    [name: string]: string | undefined;
60}
61
62export interface APIGatewayRequestAuthorizerEventQueryStringParameters {
63    [name: string]: string | undefined;
64}
65
66export interface APIGatewayRequestAuthorizerEventMultiValueQueryStringParameters {
67    [name: string]: string[] | undefined;
68}
69
70export interface APIGatewayRequestAuthorizerEventStageVariables {
71    [name: string]: string | undefined;
72}
73
74// Note, when invoked by the tester in the AWS web console, the map values can be null,
75// but they will be empty objects in the real object.
76// Worse, it will include "body" and "isBase64Encoded" properties, unlike the real call!
77// See https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-lambda-authorizer-input.html for the
78// formal definition.
79export interface APIGatewayRequestAuthorizerEvent {
80    type: "REQUEST";
81    methodArn: string;
82    resource: string;
83    path: string;
84    httpMethod: string;
85    headers: APIGatewayRequestAuthorizerEventHeaders | null;
86    multiValueHeaders: APIGatewayRequestAuthorizerEventMultiValueHeaders | null;
87    pathParameters: APIGatewayRequestAuthorizerEventPathParameters | null;
88    queryStringParameters: APIGatewayRequestAuthorizerEventQueryStringParameters | null;
89    multiValueQueryStringParameters: APIGatewayRequestAuthorizerEventMultiValueQueryStringParameters | null;
90    stageVariables: APIGatewayRequestAuthorizerEventStageVariables | null;
91    requestContext: APIGatewayEventRequestContextWithAuthorizer<undefined>;
92}
93
94export interface APIGatewayAuthorizerResult {
95    principalId: string;
96    policyDocument: PolicyDocument;
97    context?: APIGatewayAuthorizerResultContext | null | undefined;
98    usageIdentifierKey?: string | null | undefined;
99}
100
101// Separate type so the context property is required, without pulling complex type magic.
102export interface APIGatewayAuthorizerWithContextResult<TAuthorizerContext extends APIGatewayAuthorizerResultContext> {
103    principalId: string;
104    policyDocument: PolicyDocument;
105    context: TAuthorizerContext;
106    usageIdentifierKey?: string | null | undefined;
107}
108
109/**
110 * IAM Authorizer Types
111 */
112export interface APIGatewayIAMAuthorizerResult {
113    principalId: string;
114    policyDocument: PolicyDocument;
115    context?: APIGatewayAuthorizerResultContext | null | undefined;
116    usageIdentifierKey?: string | null | undefined;
117}
118
119export interface APIGatewayIAMAuthorizerWithContextResult<
120    TAuthorizerContext extends APIGatewayAuthorizerResultContext,
121> {
122    principalId: string;
123    policyDocument: PolicyDocument;
124    context: TAuthorizerContext;
125    usageIdentifierKey?: string | null | undefined;
126}
127
128export type APIGatewayRequestIAMAuthorizerHandlerV2 = Handler<
129    APIGatewayRequestAuthorizerEventV2,
130    APIGatewayIAMAuthorizerResult
131>;
132
133export type APIGatewayRequestIAMAuthorizerV2WithContextHandler<
134    TAuthorizerContext extends APIGatewayAuthorizerResultContext,
135> = Handler<APIGatewayRequestAuthorizerEventV2, APIGatewayIAMAuthorizerWithContextResult<TAuthorizerContext>>;
136
137/**
138 * Simple Lambda Authorizer Types V2 spec with simple response
139 * @see - https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html
140 */
141export interface APIGatewaySimpleAuthorizerResult {
142    isAuthorized: boolean;
143}
144
145export interface APIGatewaySimpleAuthorizerWithContextResult<TAuthorizerContext>
146    extends APIGatewaySimpleAuthorizerResult
147{
148    context: TAuthorizerContext;
149}
150
151export type APIGatewayRequestSimpleAuthorizerHandlerV2 = Handler<
152    APIGatewayRequestAuthorizerEventV2,
153    APIGatewaySimpleAuthorizerResult
154>;
155
156export type APIGatewayRequestSimpleAuthorizerHandlerV2WithContext<TAuthorizerContext> = Handler<
157    APIGatewayRequestAuthorizerEventV2,
158    APIGatewaySimpleAuthorizerWithContextResult<TAuthorizerContext>
159>;
160
161// Legacy event / names
162
163/** @deprecated Use APIGatewayAuthorizerHandler or a subtype */
164export type CustomAuthorizerHandler = Handler<CustomAuthorizerEvent, APIGatewayAuthorizerResult>;
165
166// This one is actually fine.
167export type CustomAuthorizerCallback = APIGatewayAuthorizerCallback;
168
169/** @deprecated Use APIGatewayAuthorizerEvent or a subtype */
170export interface CustomAuthorizerEvent {
171    type: string;
172    methodArn: string;
173    authorizationToken?: string | undefined;
174    resource?: string | undefined;
175    path?: string | undefined;
176    httpMethod?: string | undefined;
177    headers?: { [name: string]: string } | undefined;
178    multiValueHeaders?: { [name: string]: string[] } | undefined;
179    pathParameters?: { [name: string]: string } | null | undefined;
180    queryStringParameters?: { [name: string]: string } | null | undefined;
181    multiValueQueryStringParameters?: { [name: string]: string[] } | null | undefined;
182    stageVariables?: { [name: string]: string } | undefined;
183    requestContext?: APIGatewayEventRequestContextWithAuthorizer<APIGatewayEventDefaultAuthorizerContext> | undefined;
184    domainName?: string | undefined;
185    apiId?: string | undefined;
186}
187
188export type CustomAuthorizerResult = APIGatewayAuthorizerResult;
189export type AuthResponse = APIGatewayAuthorizerResult;
190export type AuthResponseContext = APIGatewayAuthorizerResultContext;
191
192/**
193 * API Gateway CustomAuthorizer AuthResponse.PolicyDocument.
194 * https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-lambda-authorizer-output.html
195 * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html#Condition
196 */
197export interface PolicyDocument {
198    Version: string;
199    Id?: string | undefined;
200    Statement: Statement[];
201}
202
203/**
204 * API Gateway CustomAuthorizer AuthResponse.PolicyDocument.Condition.
205 * https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-control-access-policy-language-overview.html
206 * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html
207 */
208export interface ConditionBlock {
209    [condition: string]: Condition | Condition[];
210}
211
212export interface Condition {
213    [key: string]: string | string[];
214}
215
216/**
217 * API Gateway CustomAuthorizer AuthResponse.PolicyDocument.Statement.
218 * https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-control-access-policy-language-overview.html
219 * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html
220 */
221export type Statement = BaseStatement & StatementAction & (StatementResource | StatementPrincipal);
222
223export type StatementEffect = "Allow" | "Deny";
224
225export interface BaseStatement {
226    Effect: StatementEffect;
227    Sid?: string | undefined;
228    Condition?: ConditionBlock | undefined;
229}
230
231export type PrincipalValue = { [key: string]: string | string[] } | string | string[];
232export interface MaybeStatementPrincipal {
233    Principal?: PrincipalValue | undefined;
234    NotPrincipal?: PrincipalValue | undefined;
235}
236export interface MaybeStatementResource {
237    Resource?: string | string[] | undefined;
238    NotResource?: string | string[] | undefined;
239}
240export type StatementAction = { Action: string | string[] } | { NotAction: string | string[] };
241export type StatementResource =
242    & MaybeStatementPrincipal
243    & ({ Resource: string | string[] } | { NotResource: string | string[] });
244export type StatementPrincipal =
245    & MaybeStatementResource
246    & ({ Principal: PrincipalValue } | { NotPrincipal: PrincipalValue });

1	`import {`
2	`APIGatewayAuthorizerResultContext,`
3	`APIGatewayEventDefaultAuthorizerContext,`
4	`APIGatewayEventRequestContextWithAuthorizer,`
5	`} from "../common/api-gateway";`
6	`import { Callback, Handler } from "../handler";`
7	`import { APIGatewayEventRequestContextV2 } from "./api-gateway-proxy";`
8
9	`export type APIGatewayAuthorizerHandler = Handler<APIGatewayAuthorizerEvent, APIGatewayAuthorizerResult>;`
10	`export type APIGatewayAuthorizerWithContextHandler<TAuthorizerContext extends APIGatewayAuthorizerResultContext> =`
11	`Handler<APIGatewayAuthorizerEvent, APIGatewayAuthorizerWithContextResult<TAuthorizerContext>>;`
12
13	`export type APIGatewayAuthorizerCallback = Callback<APIGatewayAuthorizerResult>;`
14	`export type APIGatewayAuthorizerWithContextCallback<TAuthorizerContext extends APIGatewayAuthorizerResultContext> =`
15	`Callback<APIGatewayAuthorizerWithContextResult<TAuthorizerContext>>;`
16
17	`export type APIGatewayTokenAuthorizerHandler = Handler<APIGatewayTokenAuthorizerEvent, APIGatewayAuthorizerResult>;`
18	`export type APIGatewayTokenAuthorizerWithContextHandler<TAuthorizerContext extends APIGatewayAuthorizerResultContext> =`
19	`Handler<APIGatewayTokenAuthorizerEvent, APIGatewayAuthorizerWithContextResult<TAuthorizerContext>>;`
20
21	`export type APIGatewayRequestAuthorizerHandler = Handler<APIGatewayRequestAuthorizerEvent, APIGatewayAuthorizerResult>;`
22	`export type APIGatewayRequestAuthorizerWithContextHandler<`
23	`TAuthorizerContext extends APIGatewayAuthorizerResultContext,`
24	`> = Handler<APIGatewayRequestAuthorizerEvent, APIGatewayAuthorizerWithContextResult<TAuthorizerContext>>;`
25
26	`export type APIGatewayAuthorizerEvent = APIGatewayTokenAuthorizerEvent \| APIGatewayRequestAuthorizerEvent;`
27
28	`export interface APIGatewayTokenAuthorizerEvent {`
29	`type: "TOKEN";`
30	`methodArn: string;`
31	`authorizationToken: string;`
32	`}`
33
34	`export interface APIGatewayRequestAuthorizerEventV2 {`
35	`version: string;`
36	`type: "REQUEST";`
37	`routeArn: string;`
38	`identitySource: string[];`
39	`routeKey: string;`
40	`rawPath: string;`
41	`rawQueryString: string;`
42	`cookies: string[];`
43	`headers?: APIGatewayRequestAuthorizerEventHeaders;`
44	`queryStringParameters?: APIGatewayRequestAuthorizerEventQueryStringParameters;`
45	`requestContext: APIGatewayEventRequestContextV2;`
46	`pathParameters?: APIGatewayRequestAuthorizerEventPathParameters;`
47	`stageVariables?: APIGatewayRequestAuthorizerEventStageVariables;`
48	`}`
49
50	`export interface APIGatewayRequestAuthorizerEventHeaders {`
51	`[name: string]: string \| undefined;`
52	`}`
53
54	`export interface APIGatewayRequestAuthorizerEventMultiValueHeaders {`
55	`[name: string]: string[] \| undefined;`
56	`}`
57
58	`export interface APIGatewayRequestAuthorizerEventPathParameters {`
59	`[name: string]: string \| undefined;`
60	`}`
61
62	`export interface APIGatewayRequestAuthorizerEventQueryStringParameters {`
63	`[name: string]: string \| undefined;`
64	`}`
65
66	`export interface APIGatewayRequestAuthorizerEventMultiValueQueryStringParameters {`
67	`[name: string]: string[] \| undefined;`
68	`}`
69
70	`export interface APIGatewayRequestAuthorizerEventStageVariables {`
71	`[name: string]: string \| undefined;`
72	`}`
73
74	`// Note, when invoked by the tester in the AWS web console, the map values can be null,`
75	`// but they will be empty objects in the real object.`
76	`// Worse, it will include "body" and "isBase64Encoded" properties, unlike the real call!`
77	`// See https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-lambda-authorizer-input.html for the`
78	`// formal definition.`
79	`export interface APIGatewayRequestAuthorizerEvent {`
80	`type: "REQUEST";`
81	`methodArn: string;`
82	`resource: string;`
83	`path: string;`
84	`httpMethod: string;`
85	`headers: APIGatewayRequestAuthorizerEventHeaders \| null;`
86	`multiValueHeaders: APIGatewayRequestAuthorizerEventMultiValueHeaders \| null;`
87	`pathParameters: APIGatewayRequestAuthorizerEventPathParameters \| null;`
88	`queryStringParameters: APIGatewayRequestAuthorizerEventQueryStringParameters \| null;`
89	`multiValueQueryStringParameters: APIGatewayRequestAuthorizerEventMultiValueQueryStringParameters \| null;`
90	`stageVariables: APIGatewayRequestAuthorizerEventStageVariables \| null;`
91	`requestContext: APIGatewayEventRequestContextWithAuthorizer<undefined>;`
92	`}`
93
94	`export interface APIGatewayAuthorizerResult {`
95	`principalId: string;`
96	`policyDocument: PolicyDocument;`
97	`context?: APIGatewayAuthorizerResultContext \| null \| undefined;`
98	`usageIdentifierKey?: string \| null \| undefined;`
99	`}`
100
101	`// Separate type so the context property is required, without pulling complex type magic.`
102	`export interface APIGatewayAuthorizerWithContextResult<TAuthorizerContext extends APIGatewayAuthorizerResultContext> {`
103	`principalId: string;`
104	`policyDocument: PolicyDocument;`
105	`context: TAuthorizerContext;`
106	`usageIdentifierKey?: string \| null \| undefined;`
107	`}`
108
109	`/**`
110	`* IAM Authorizer Types`
111	`*/`
112	`export interface APIGatewayIAMAuthorizerResult {`
113	`principalId: string;`
114	`policyDocument: PolicyDocument;`
115	`context?: APIGatewayAuthorizerResultContext \| null \| undefined;`
116	`usageIdentifierKey?: string \| null \| undefined;`
117	`}`
118
119	`export interface APIGatewayIAMAuthorizerWithContextResult<`
120	`TAuthorizerContext extends APIGatewayAuthorizerResultContext,`
121	`> {`
122	`principalId: string;`
123	`policyDocument: PolicyDocument;`
124	`context: TAuthorizerContext;`
125	`usageIdentifierKey?: string \| null \| undefined;`
126	`}`
127
128	`export type APIGatewayRequestIAMAuthorizerHandlerV2 = Handler<`
129	`APIGatewayRequestAuthorizerEventV2,`
130	`APIGatewayIAMAuthorizerResult`
131	`>;`
132
133	`export type APIGatewayRequestIAMAuthorizerV2WithContextHandler<`
134	`TAuthorizerContext extends APIGatewayAuthorizerResultContext,`
135	`> = Handler<APIGatewayRequestAuthorizerEventV2, APIGatewayIAMAuthorizerWithContextResult<TAuthorizerContext>>;`
136
137	`/**`
138	`* Simple Lambda Authorizer Types V2 spec with simple response`
139	`* @see - https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html`
140	`*/`
141	`export interface APIGatewaySimpleAuthorizerResult {`
142	`isAuthorized: boolean;`
143	`}`
144
145	`export interface APIGatewaySimpleAuthorizerWithContextResult<TAuthorizerContext>`
146	`extends APIGatewaySimpleAuthorizerResult`
147	`{`
148	`context: TAuthorizerContext;`
149	`}`
150
151	`export type APIGatewayRequestSimpleAuthorizerHandlerV2 = Handler<`
152	`APIGatewayRequestAuthorizerEventV2,`
153	`APIGatewaySimpleAuthorizerResult`
154	`>;`
155
156	`export type APIGatewayRequestSimpleAuthorizerHandlerV2WithContext<TAuthorizerContext> = Handler<`
157	`APIGatewayRequestAuthorizerEventV2,`
158	`APIGatewaySimpleAuthorizerWithContextResult<TAuthorizerContext>`
159	`>;`
160
161	`// Legacy event / names`
162
163	`/** @deprecated Use APIGatewayAuthorizerHandler or a subtype */`
164	`export type CustomAuthorizerHandler = Handler<CustomAuthorizerEvent, APIGatewayAuthorizerResult>;`
165
166	`// This one is actually fine.`
167	`export type CustomAuthorizerCallback = APIGatewayAuthorizerCallback;`
168
169	`/** @deprecated Use APIGatewayAuthorizerEvent or a subtype */`
170	`export interface CustomAuthorizerEvent {`
171	`type: string;`
172	`methodArn: string;`
173	`authorizationToken?: string \| undefined;`
174	`resource?: string \| undefined;`
175	`path?: string \| undefined;`
176	`httpMethod?: string \| undefined;`
177	`headers?: { [name: string]: string } \| undefined;`
178	`multiValueHeaders?: { [name: string]: string[] } \| undefined;`
179	`pathParameters?: { [name: string]: string } \| null \| undefined;`
180	`queryStringParameters?: { [name: string]: string } \| null \| undefined;`
181	`multiValueQueryStringParameters?: { [name: string]: string[] } \| null \| undefined;`
182	`stageVariables?: { [name: string]: string } \| undefined;`
183	`requestContext?: APIGatewayEventRequestContextWithAuthorizer<APIGatewayEventDefaultAuthorizerContext> \| undefined;`
184	`domainName?: string \| undefined;`
185	`apiId?: string \| undefined;`
186	`}`
187
188	`export type CustomAuthorizerResult = APIGatewayAuthorizerResult;`
189	`export type AuthResponse = APIGatewayAuthorizerResult;`
190	`export type AuthResponseContext = APIGatewayAuthorizerResultContext;`
191
192	`/**`
193	`* API Gateway CustomAuthorizer AuthResponse.PolicyDocument.`
194	`* https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-lambda-authorizer-output.html`
195	`* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html#Condition`
196	`*/`
197	`export interface PolicyDocument {`
198	`Version: string;`
199	`Id?: string \| undefined;`
200	`Statement: Statement[];`
201	`}`
202
203	`/**`
204	`* API Gateway CustomAuthorizer AuthResponse.PolicyDocument.Condition.`
205	`* https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-control-access-policy-language-overview.html`
206	`* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html`
207	`*/`
208	`export interface ConditionBlock {`
209	`[condition: string]: Condition \| Condition[];`
210	`}`
211
212	`export interface Condition {`
213	`[key: string]: string \| string[];`
214	`}`
215
216	`/**`
217	`* API Gateway CustomAuthorizer AuthResponse.PolicyDocument.Statement.`
218	`* https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-control-access-policy-language-overview.html`
219	`* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html`
220	`*/`
221	`export type Statement = BaseStatement & StatementAction & (StatementResource \| StatementPrincipal);`
222
223	`export type StatementEffect = "Allow" \| "Deny";`
224
225	`export interface BaseStatement {`
226	`Effect: StatementEffect;`
227	`Sid?: string \| undefined;`
228	`Condition?: ConditionBlock \| undefined;`
229	`}`
230
231	`export type PrincipalValue = { [key: string]: string \| string[] } \| string \| string[];`
232	`export interface MaybeStatementPrincipal {`
233	`Principal?: PrincipalValue \| undefined;`
234	`NotPrincipal?: PrincipalValue \| undefined;`
235	`}`
236	`export interface MaybeStatementResource {`
237	`Resource?: string \| string[] \| undefined;`
238	`NotResource?: string \| string[] \| undefined;`
239	`}`
240	`export type StatementAction = { Action: string \| string[] } \| { NotAction: string \| string[] };`
241	`export type StatementResource =`
242	`& MaybeStatementPrincipal`
243	`& ({ Resource: string \| string[] } \| { NotResource: string \| string[] });`
244	`export type StatementPrincipal =`
245	`& MaybeStatementResource`
246	`& ({ Principal: PrincipalValue } \| { NotPrincipal: PrincipalValue });`