1import { Handler } from "../handler";
2import { PolicyDocument } from "./api-gateway-authorizer";
3
/**
 * Transport a device may use to reach the AWS IoT device gateway.
 * The protocols in play for a request are listed in
 * `IoTCustomAuthorizerEvent.protocols`.
 */
export type IoTProtocolType =
    | "http"
    | "mqtt"
    | "tls";
5
/**
 * Lambda handler signature for an AWS IoT custom authorizer: receives one
 * connection attempt as an {@link IoTCustomAuthorizerEvent} and produces an
 * {@link IoTCustomAuthorizerResult} that decides whether it may proceed.
 */
export type IoTCustomAuthorizerHandler = Handler<
    IoTCustomAuthorizerEvent,
    IoTCustomAuthorizerResult
>;
7
/** Protocol data present when the client connected over TLS. */
export interface IoTProtocolDataTLS {
    /**
     * Host name the client sent in the TLS Server Name Indication (SNI)
     * extension. It is client-supplied, so treat it as untrusted input.
     */
    serverName: string;
}
11
/**
 * Protocol data present when the client connected over HTTP.
 * Both members are client-supplied and must be treated as untrusted input.
 */
export interface IoTProtocolDataHTTP {
    /**
     * Request headers keyed by header name.
     * NOTE(review): key casing is not pinned down here — do not assume a
     * lookup by one spelling sees every variant until confirmed.
     */
    headers: { [name: string]: string };
    /** Query string of the request, as a single string. */
    queryString: string;
}
16
/**
 * Protocol data present when the client connected over MQTT.
 * All members are client-supplied and must be treated as untrusted input.
 */
export interface IoTProtocolDataMQTT {
    /**
     * MQTT client identifier. The upstream note says it is included in the
     * event only when the device sends it, so it may be absent at runtime
     * even though the type is non-optional.
     * NOTE(review): guard for `undefined` before relying on it.
     */
    clientId: string;
    /** MQTT username, if the device supplied one. */
    username?: string;
    /**
     * MQTT password, if supplied, as a base64-encoded string: decode it
     * before comparing, and keep it out of logs.
     */
    password?: string;
}
22
/**
 * Event delivered to an AWS IoT custom authorizer for a connection attempt.
 * `token` and everything under `protocolData` come from the client and must
 * be treated as untrusted input.
 */
export interface IoTCustomAuthorizerEvent {
    /** Metadata the device gateway attaches to the connection. */
    connectionMetadata: {
        /** Connection ID, usable for correlating log lines. */
        id: string;
    };
    /** Protocols to expect for this request. */
    protocols: IoTProtocolType[];
    /**
     * Whether the device gateway validated the token signature.
     * NOTE(review): an authorizer that relies on `token` should presumably
     * treat `false` as "unverified" unless signing is intentionally disabled
     * for that authorizer — confirm against the authorizer configuration.
     */
    signatureVerified: boolean;
    /** Custom authorization token, when the client supplied one. */
    token?: string;
    /**
     * Protocol-specific data. Presumably only the members matching
     * `protocols` are populated — confirm against the linked IoT docs.
     */
    protocolData: {
        http?: IoTProtocolDataHTTP;
        mqtt?: IoTProtocolDataMQTT;
        tls?: IoTProtocolDataTLS;
    };
}
36
/**
 * Response an AWS IoT custom authorizer returns for a connection attempt
 * (the AuthResponse, including its PolicyDocument entries).
 *
 * https://docs.aws.amazon.com/iot/latest/developerguide/config-custom-auth.html#custom-auth-lambda
 * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html#Condition
 */
export interface IoTCustomAuthorizerResult {
    /** `true` lets the client connect; `false` denies the connection. */
    isAuthenticated: boolean;
    /** String identifying the connection in logs. */
    principalId: string;
    /**
     * Policy documents attached to the connection (see the linked docs).
     * NOTE(review): these presumably grant the connection's permissions —
     * scope them to least privilege rather than returning a blanket allow.
     */
    policyDocuments: PolicyDocument[];
    /**
     * Seconds after which the connection is disconnected.
     * NOTE(review): meaning inferred from the name — confirm in the linked docs.
     */
    disconnectAfterInSeconds: number;
    /**
     * Seconds after which the authorization is refreshed.
     * NOTE(review): meaning inferred from the name — confirm in the linked docs.
     */
    refreshAfterInSeconds: number;
}