Hello everyone, I am trying to create an API in which some endpoints need to be authenticated. The authentication data (token) is being sent in the Cookie header.
My problem is that the API is returning 500 Internal Server Error `{ "message": null }` whenever I am trying to request something. CloudWatch logs show that the API Gateway is getting invoked, the Lambda authorizer is getting invoked, but the function to process my request is not getting executed at all. No error logs.
When I test locally using `serverless offline`, it works fine. When I test my function by making it accessible without needing any authentication, it works fine. So my guess is that there's some configuration error in my serverless template or the authorizer is not returning a valid response. Please have a look below:
serverless.yml:

```yaml
frameworkVersion: '2'
org: companyx
app: customer-self-service-api
service: customer-self-service-api

custom:
  domains:
    production: customer-self-service.example.com
    development: dev-customer-self-service.example.com
    staging: stg-customer-self-service.example.com
  customDomain:
    domainName: ${self:custom.domains.${self:provider.stage}}
    basePath: ''
    stage: development
    createRoute53Record: true
  sentry:
    sourceMaps: true
    dsn: ${env:SENTRY_DSN}
    organization: companyx
    project: customer-self-service-api
    authToken: ${env:SENTRY_AUTH_TOKEN}
    release:
      version: true

plugins:
  - serverless-bundle
  - serverless-dotenv-plugin
  - serverless-domain-manager
  - serverless-offline

provider:
  stage: ${opt:stage, "development"}
  region: eu-central-1
  name: aws
  runtime: nodejs12.x
  apiGateway:
    shouldStartNameWithService: true
    minimumCompressionSize: 1024
  endpointType: regional
  environment:
    AWS_NODEJS_CONNECTION_REUSE_ENABLED: '1'

package:
  individually: true

functions:
  ping:
    handler: handler.ping
    events:
      - http:
          method: get
          path: api/v1/ping
  jwtAuth:
    handler: handler.jwtAuth
  getProfile:
    handler: handler.getProfile
    events:
      - http:
          method: get
          path: api/v1/customers/profile
          authorizer:
            name: jwtAuth
            type: request
            identitySource: method.request.header.Cookie
          cors: true
```
The response from Lambda Authorizer:
```json
{
  "principalId": "myuser1@example.com",
  "policyDocument": {
    "Version": "2012-10-17",
    "Statement": [
      {
        "Action": "execute-api:Invoke",
        "Effect": "Allow",
        "Resource": "arn:aws:execute-api:eu-central-1:<my account id>:<api gw id>/<stage>/GET/api/v1/customers/profile"
      }
    ]
  },
  "context": {
    "user": {
      "email": "myuser1@example.com",
      "email_verified": true,
      "iat": 1619528494,
      "exp": 1622120494
    },
    "expires": "2031-03-08T17:45:21.809Z"
  }
}
```
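
An added example, not part of the original post: API Gateway documents the values in a Lambda authorizer's `context` map as strings, numbers or booleans only, with no objects or arrays, and the response above nests an object under `user`. The check below flags such keys and flattens them; the function names and the `user_email` key style are assumptions made for this sketch.

```javascript
'use strict';

// Value types API Gateway documents as valid inside an authorizer `context`.
const SCALAR_TYPES = new Set(['string', 'number', 'boolean']);

// Return the context keys whose values fall outside those types.
function findInvalidContextKeys(authorizerResponse) {
  const context = authorizerResponse.context || {};
  return Object.keys(context).filter((key) => !SCALAR_TYPES.has(typeof context[key]));
}

// Flatten nested claims into one level of scalars, e.g. user.email -> user_email.
// Arrays are JSON-encoded into a string; null and undefined values are dropped.
function flattenContext(value, prefix = '', out = {}) {
  for (const [key, item] of Object.entries(value)) {
    const name = prefix ? `${prefix}_${key}` : key;
    if (SCALAR_TYPES.has(typeof item)) out[name] = item;
    else if (Array.isArray(item)) out[name] = JSON.stringify(item);
    else if (item !== null && typeof item === 'object') flattenContext(item, name, out);
  }
  return out;
}

// Copy of the response with a context made only of scalar values.
function withFlatContext(authorizerResponse) {
  return { ...authorizerResponse, context: flattenContext(authorizerResponse.context || {}) };
}

// Constructed sample modelled on the response in the post; the ARN is a placeholder.
const sampleResponse = {
  principalId: 'myuser1@example.com',
  policyDocument: {
    Version: '2012-10-17',
    Statement: [{
      Action: 'execute-api:Invoke',
      Effect: 'Allow',
      Resource: 'arn:aws:execute-api:eu-central-1:<account-id>:<api-id>/<stage>/GET/api/v1/customers/profile',
    }],
  },
  context: {
    user: { email: 'myuser1@example.com', email_verified: true, iat: 1619528494, exp: 1622120494 },
    expires: '2031-03-08T17:45:21.809Z',
  },
};

console.log('invalid keys before:', findInvalidContextKeys(sampleResponse)); // [ 'user' ]
console.log('invalid keys after:', findInvalidContextKeys(withFlatContext(sampleResponse))); // []
```

Running `findInvalidContextKeys` on the authorizer's return value in a unit test catches this class of response locally, where `serverless offline` may not enforce the same constraint.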