Lambda Custom Authorizer

$30-250 USD

Closed

Posted

almost 5 years ago

$30-250 USD

Paid on delivery

We have a serverless application on AWS that consists of an API Gateway that triggers Lambda do execute a specific code for our application. This application is multi tenant so this API will receive request from multiple clients. Currently the clients authenticate using cognito. We need a Lambda Custom Authorizer to validade the incoming request to make sure that user is allowed to make that specific request. Imagine the following scenario... We have 3 users John, Mark and Petter. All 3 of them login the application trough cognito and receive a JWT Token. Our front end will decrypt the token to see what’s the Tenant ID for those clientes. Currently we have 2 values to form a tenant. We have the CampusID which is our lowest level of tenant isolation and then OrganizationID that basically is 1 or more CampusID. So following along with our example we would have something like this: John CampusID : A OrganizationID: 1 Mark CampusID: B OrganizationID: 1 Petter CampusID: A, B Organization ID: 1 So all users belong to the same organization by only Petter is allowed to get results from either organization. Let’s say John needs to make a call to our API to list all orders from our e-commerce. In this case the frontend would call that specific API and would pass using querystring John’s OrganizationID and CampusID. On the header of that request the frontend would also provide the JWT Token given by Cognito during the login. Our API Gateway would then call our Lambda Custom Authorizer, and here is where the job begins. Basically the Custom Authorizer needs to decrypt the JWT Token and compare the OrganizationID and CampusID that are on the token versus the OrganizationID and CampusID that were sent trough the querystring. Following along our example, if John’s request has the same OrganizationID and CampusID on booth the JWT Token and the querystring then our Lambda Custom Authorizer would return a 200 code. Now if for some reason John manipulates the request and sends a querystring with CampusID = 2, the Lambda Custom Authorizer would return an 403 error since the querystring CampusID doesn’t match the CampusID from the JWT token. The same thing goes for the OrganizationID. One thing that is important to notice here is Petter’s case. He is allowed to call either CampusID “A” or CampusID “B” as long as the OrganizationID, in his case “1” also matches the one provided on the querystring and JWT Token. ATTENTION: The Custom Authorizer needs to be write on Python 3.6 or higher.

Project ID: 19481436

About the project

12 proposals

Remote project

Active 5 yrs ago

Looking to make some money?

Email address

Benefits of bidding on Freelancer

Set your budget and timeframe

Get paid for your work

Outline your proposal

It's free to sign up and bid on jobs

12 freelancers are bidding on average $223 USD for this job

@Gates777

Hey, I specialized in cloud application development and have long history. Please check out my profile if you'd like to review my skills and experiences. I'm really accustomed to aws lambda and serverless frameworks while working with them for a long time and I've hands-on experiences. I feel proud for having facilitating my client's startup/business very fast with my strength. Hopefully, we would be good partners on long term project through being done this project on good quality. Thank you, Shuli

$140 USD in 7 days

4.9

(116 reviews)

7.1

@bestit4u

Hey, I reviewed your job post carefully. I believe that I would be good fit to complete your project because I've long history of aws lambda. I'm familiar with amplify for web development. So I'm interested in and confident of a successful outcome. I've hands-on experiences on bot development for the past 5+ years. I'll make sure to deliver the good outcome very quickly. Thank you, Shan

$250 USD in 3 days

4.9

(88 reviews)

6.9

@seemasit

Hi, We have enough relevant experience. Let me help you. I have gone through the description "Software Skills: Android, JSON & Restful Web Services, FCM, Google Analytics, Google API, JUnit, Mockito, Wiremock, Espresso, Robolectric, Sonarqube, Kotlin, Rxjava ". As you can see my profile, I have expertise in front-end such as Android, JSON & Restful Web Services, FCM, Google Analytics, Google API, JUnit, Mockito, Wiremock, Espresso, Robolectric, Sonarqube, Kotlin, Rxjava ". JavaScript/Ajax, Angular, HTML5/CSS3, jQuery, Bootstrap, Scss/less, ReactJS, React Native, MongoDB and so on. Also, I am very familiar with Php/Mysql, CI, NodeJS, Express, Wordpress, Laravel, Symfony, CodeIgniter and so on. I can help you with that. Please start a chat to initiate it right now. Thanks & regards

$140 USD in 7 days

4.7

(79 reviews)

7.2

@pakistansolution

Hello.! I can understand your description of a project. I'm an expert in API. I have lots of experience in API. I can build a professional and expert API. I'm interested in your project. Please come and discuss the project over chat. thank you Saif

$250 USD in 3 days

4.9

(78 reviews)

6.0

@bluesea1990

Good day,Dear! Laravel Expert is HERE! I am a full-stack web developer experienced in PHP/Laravel and am interested in working for your project. I also have expertise in wordpress and can migrate to laravel. Let's discuss all the details via chat. Hope to work with you. Best regards

$140 USD in 7 days

4.9

(52 reviews)

5.7

@rabhardwaj

I mainly work with API Integration project.I have passion about API. I have been in this field for more than 7 years. i have experience in C#,php,Perl,wordpress,Html,postgress ,Ubuntu,Crontab,Web Services, Rest Api, Zend ,YIi,Mysql. Relevant Skills and Experience so i am right candidate for your project because i have experience in C#,Perl,php,node.js,Ubuntu,Crontab,Crypto currency,Wordpress,Ebay,Amazon,Instagram,Mysql,Sqllite,Mongo Db, Soap Api projects.

$212 USD in 3 days

4.9

(21 reviews)

5.6

@BestService222

Hi. As I am a professional developer, I can do your job perfectly ASAP and I want to work with you If you hire me and give me a chance to prove my abilities, so I will give you the best results with my professional skills and will do my best to make the project success I am sure I can help you Thanks :)

$140 USD in 3 days

3.9

(19 reviews)

5.3

@theukwebexpert

Hello there! My name is Chris, I'm a UK based and native English speaking web developer and app expert with 10 years experience building and maintaining complex web apps and websites. I've built and maintained applications/sites for large companies such as Coca Cola, Deutsche Bank, Easy Jet, Barclays, Vogue, Menzies, NHS, My specialist skills include: PHP, Javascript , MYSQL, Bootstrap, SEO, Digital Marketing, Laravel, IONIC, WooCommerce, Moodle, Shopify, WordPress, Drupal, New Website Builds, Search Marketing, Graphic Design, NGINX, Apache2. I'm highly motivated, results driven and personable individual with a keen eye for details and getting projects finished in a quick timescale, whilst still delivering a world class customer experience. Chris Fairman

$250 USD in 7 days