无服务器中响应的自定义错误消息
Custom error message on response in serverless
我正在使用节点 js 无服务器 v2 框架。我已经知道回调只接受 Allow、Deny 和 Unauthorized 作为参数。我正在使用自定义授权方进行资源保护。我需要在我无法实现的回调上发送自定义错误消息。以下是我尝试但失败的方法列表
一段代码
if (!response.data) {
return callback(null, generateAuthResponse(decoded.id, 'Deny', methodArn));
}
if (response.data && response.data.status === 'active') {
return callback(null, generateAuthResponse(decoded.id, 'Allow', methodArn));
}
if (response.data && response.data.status == 'inactive') {
return callback(null, generateAuthResponse(decoded.id, 'Deny', methodArn));
}
我想发送自定义错误消息而不是 return callback(null, generateAuthResponse(decoded.id, 'Deny', methodArn)); 拒绝。
#1
return callback(null, "Session expired");
#2
return callback(null, {
statusCode: 403,
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Headers': 'Content-Type',
'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Methods': 'OPTIONS,POST,GET',
'Access-Control-Allow-Credentials': true,
},
body: JSON.stringify({
error: error
})
});
#3
return {
statusCode: 403,
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Headers': 'Content-Type',
'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Methods': 'OPTIONS,POST,GET',
'Access-Control-Allow-Credentials': true,
},
body: JSON.stringify({
error: error
})
}
#4
throw Error('Session expired')
所有人都在使用 x-amzn-errortype: AuthorizerConfigurationException 抛出 cors 错误或拒绝(调用错误)。有没有办法发送自定义错误响应?
很可能是语法错误。
试试这个:
let response_object = {
statusCode: 200,
headers: {
"Access-Control-Allow-Headers" : "Content-Type",
"Access-Control-Allow-Origin": "*",
"Access-Control-Allow-Methods": "OPTIONS,POST,GET"
},
body: JSON.stringify("Some Custom Error")
};
return response_object;
使用 ResponseTemplates 为 ACCESS_DENIED 响应创建和设置资源。
serverless.yml
...
resources:
Resources:
DenyFailureGatewayResponse:
Type: 'AWS::ApiGateway::GatewayResponse'
Properties:
ResponseParameters:
# Config your header response
gatewayresponse.header.Access-Control-Allow-Origin: "'*'"
gatewayresponse.header.Access-Control-Allow-Headers: "'*'"
ResponseTemplates:
# Custom response object
application/json: |
{
"success":false,
"message":"$context.authorizer.errorMessage"
}
# Setup only for ACCESS_DENIED type
ResponseType: ACCESS_DENIED
RestApiId:
Ref: 'ApiGatewayRestApi'
StatusCode: '403'
...
并且在您的 generateAuthResponse 函数中,如果您需要自定义消息,请更新您的 authResponse 对象。
const generateAuthResponse = (principalId, effect, resource, errorMessage = null) => { // I guest function will look like that
// ... do something
// before return, let custom your error message
if(effect.toLowerCase() === 'deny' && errorMessage !== null){
authResponse.context = {
// Key to map with $context.authorizer.errorMessage
"errorMessage": errorMessage ,
};
}
return authResponse;
}
我正在使用节点 js 无服务器 v2 框架。我已经知道回调只接受 Allow、Deny 和 Unauthorized 作为参数。我正在使用自定义授权方进行资源保护。我需要在我无法实现的回调上发送自定义错误消息。以下是我尝试但失败的方法列表
一段代码
if (!response.data) {
return callback(null, generateAuthResponse(decoded.id, 'Deny', methodArn));
}
if (response.data && response.data.status === 'active') {
return callback(null, generateAuthResponse(decoded.id, 'Allow', methodArn));
}
if (response.data && response.data.status == 'inactive') {
return callback(null, generateAuthResponse(decoded.id, 'Deny', methodArn));
}
我想发送自定义错误消息而不是 return callback(null, generateAuthResponse(decoded.id, 'Deny', methodArn)); 拒绝。
#1
return callback(null, "Session expired");
#2
return callback(null, {
statusCode: 403,
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Headers': 'Content-Type',
'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Methods': 'OPTIONS,POST,GET',
'Access-Control-Allow-Credentials': true,
},
body: JSON.stringify({
error: error
})
});
#3
return {
statusCode: 403,
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Headers': 'Content-Type',
'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Methods': 'OPTIONS,POST,GET',
'Access-Control-Allow-Credentials': true,
},
body: JSON.stringify({
error: error
})
}
#4
throw Error('Session expired')
所有人都在使用 x-amzn-errortype: AuthorizerConfigurationException 抛出 cors 错误或拒绝(调用错误)。有没有办法发送自定义错误响应?
很可能是语法错误。
试试这个:
let response_object = {
statusCode: 200,
headers: {
"Access-Control-Allow-Headers" : "Content-Type",
"Access-Control-Allow-Origin": "*",
"Access-Control-Allow-Methods": "OPTIONS,POST,GET"
},
body: JSON.stringify("Some Custom Error")
};
return response_object;
使用 ResponseTemplates 为 ACCESS_DENIED 响应创建和设置资源。
serverless.yml
...
resources:
Resources:
DenyFailureGatewayResponse:
Type: 'AWS::ApiGateway::GatewayResponse'
Properties:
ResponseParameters:
# Config your header response
gatewayresponse.header.Access-Control-Allow-Origin: "'*'"
gatewayresponse.header.Access-Control-Allow-Headers: "'*'"
ResponseTemplates:
# Custom response object
application/json: |
{
"success":false,
"message":"$context.authorizer.errorMessage"
}
# Setup only for ACCESS_DENIED type
ResponseType: ACCESS_DENIED
RestApiId:
Ref: 'ApiGatewayRestApi'
StatusCode: '403'
...
并且在您的 generateAuthResponse 函数中,如果您需要自定义消息,请更新您的 authResponse 对象。
const generateAuthResponse = (principalId, effect, resource, errorMessage = null) => { // I guest function will look like that
// ... do something
// before return, let custom your error message
if(effect.toLowerCase() === 'deny' && errorMessage !== null){
authResponse.context = {
// Key to map with $context.authorizer.errorMessage
"errorMessage": errorMessage ,
};
}
return authResponse;
}