These Python code examples are for implementing Approov as a Proxy Authorizer in the AWS API Gateway, and you can learn how to do it by reading the Approov AWS Serverless API Proxy e-book.
The ApproovV2/lambda_function.py will implement a proxy authorizer for Approov tokens in an AWS API Gateway.
The Approov authorizer will validate the Approov token for being signed correctly, not being expired, and optionally can validate if the token binding on it matches the token binding value in the header of the request.
- 401 - when the Approov token cannot be decoded.
- 403 - when the Approov token can be decoded but is expired or the token binding doesn't match with the value in the header of the request. Also returns a 403 for when allow policy conditions fail.
- 200 - when the Approov token is valid and policy conditions are met. The body will contain the data for the response to the request.
- Authorizer Runtime: Python 3
- Python dependencies: PyJWT
If you have found a bug please report them here.
This project is licensed under the MIT license. See the LICENSE file for more info.