Calling secured API from NodeJS Lambda - node.js

I have an API that is secured using OAuth (IdentityServer 4). I need to call this from an AWS Lambda function. I can't figure out how to do this in Node (noob to Node). I can see an example of using the oidc-client package, but it seems to be designed for browser-based clients. I just need the access token to call the API. I've done this from a .NET console app, but I'm lost in Node. Does anyone know of an example of doing this?
Thanks

@Jonesie have you tried the example from the AWS repository? Request you to take a look: https://github.com/awslabs/serverless-application-model/tree/master/examples/apps/api-gateway-authorizer-nodejs

Related

Getting Users API access in nodejs AppEngine environment with Identity Aware Proxy

I have a nodejs app deployed on AppEngine with IAP enabled, so right now access to its endpoints is protected against users outside of the project's IAM and I get the "x-goog-authenticated-user-id", "x-goog-authenticated-user-email" and another jwt assertion x-goog signed header, just like it should be (as detailed here https://cloud.google.com/iap/docs/identity-howto).
In certain AppEngine environments (so far Python, Java, Go) it seems you are able to use some already provided libraries to get more information about the user with Users API, however the nodejs page is disabled (here https://cloud.google.com/appengine/docs/standard/python/users/), there seems to be no indication of what should be done there. Any ideas?
If there is no straightforward way around it, would I be able to have an App Engine environment that also exposes, for example, the Python libraries for Users API so that I can wrap around them and use them in my nodejs app?
The Users API isn't supported for Node.js. Instead, you can get the identity from the x-goog-iap-jwt-assertion header.
We don't currently have a code sample for Node.js, though this looks like one reasonable approach. (Disclaimer: I'm not a Node user, and don't know enough about Node JWT libraries to endorse any of them in particular.)
Update for the current state:
There is currently an Identity-Aware Proxy Documentation for Node JS.
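
What the answers above point to, verifying the x-goog-iap-jwt-assertion header, shown in Node.js as an added example (not code from the original answers or from Google). It assumes IAP's documented ES256 signing, the issuer https://cloud.google.com/iap and an App Engine audience of the form /projects/PROJECT_NUMBER/apps/PROJECT_ID; the key pair, kid, audience value and function names are constructed so the block runs offline.

```javascript
const crypto = require("node:crypto");

const IAP_ISSUER = "https://cloud.google.com/iap"; // issuer claim IAP sets
const b64urlJson = (s) => JSON.parse(Buffer.from(s, "base64url").toString("utf8"));

// keysByKid maps key id -> PEM public key. In production it is filled from
// the public keys IAP publishes; here it is passed in so the check runs offline.
function verifyIapAssertion(token, keysByKid, expectedAudience, now = Date.now() / 1000) {
  const parts = String(token).split(".");
  if (parts.length !== 3) throw new Error("malformed JWT");
  const [h, p, s] = parts;
  const header = b64urlJson(h);
  // Pin the algorithm; never let the token choose it ("none", HS256, ...).
  if (header.alg !== "ES256") throw new Error("unexpected alg");
  const known = Object.prototype.hasOwnProperty.call(keysByKid, header.kid);
  if (!known) throw new Error("unknown kid");
  const ok = crypto.verify("sha256", Buffer.from(`${h}.${p}`),
    { key: keysByKid[header.kid], dsaEncoding: "ieee-p1363" }, Buffer.from(s, "base64url"));
  if (!ok) throw new Error("bad signature");
  // Claims are trusted only after the signature has been checked.
  const claims = b64urlJson(p);
  if (claims.iss !== IAP_ISSUER) throw new Error("bad issuer");
  if (claims.aud !== expectedAudience) throw new Error("bad audience");
  if (typeof claims.exp !== "number" || claims.exp <= now) throw new Error("expired");
  return { email: claims.email, sub: claims.sub };
}

// Constructed fixture: a locally generated P-256 key stands in for IAP's key.
const { publicKey, privateKey } = crypto.generateKeyPairSync("ec", { namedCurve: "P-256" });
const SAMPLE_AUD = "/projects/123456789/apps/example-project"; // constructed value
const SAMPLE_KEYS = { "test-kid": publicKey.export({ type: "spki", format: "pem" }) };

// Signs a sample assertion the way a JWS ES256 token is built (test helper only).
function signSample(claims, key = privateKey, kid = "test-kid") {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString("base64url");
  const input = `${enc({ alg: "ES256", typ: "JWT", kid })}.${enc(claims)}`;
  const sig = crypto.sign("sha256", Buffer.from(input), { key, dsaEncoding: "ieee-p1363" });
  return `${input}.${sig.toString("base64url")}`;
}
```

In a request handler, the token is the value of the x-goog-iap-jwt-assertion header, and the identity returned here is used in place of the unsigned x-goog-authenticated-user-* headers.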

How to protect credential in Angular

I am using Angular 5 with Firebase. I understand the Firebase credential in Angular has the chance to leak to the client side when rendering the pages. But Firebase products can use rules to secure it, so I found it does no harm to me.
But I have another question: what if I want to use SQL or any other services that require a credential to perform authentication before executing an action, such as reading/writing from a SQL table?
When I use Node.js, the credential is declared in the server-side JS file, but apparently Angular is a client-side framework. So I would like to know how to solve this problem.
Thank you!
Code on your server/node app won't be available to the frontend.
Only data that's requested by the client via http requests is available to the Angular app.
So as long as you don't return the critical data through your API, you're good to go.

Webhook deployment on Lambda AWS

I am trying to deploy the Webhook Example for Google Actions found here onto Lambda AWS.
I was successful deploying and making the POST calls using ngrok. So, no problems there.
But the issue I found is that it uses the Express node module for POST request calls. Lambda AWS fails when the request is made to the Express module. So is there a way to make the POST call successful?
I tried using Lambda-Express node module to deploy it, but it seems to have some issue as well.
Lambda AWS does not directly support an HTTP interface.
One solution would be for you to use API Gateway which would allow you to translate the HTTPS POST that AoG sends, into a call to AWS Lambda.
In your lambda you will handle the request which comes in via the standard Lambda handler:
function( event, context, callback );
instead of via Express. You would probably also want to remove Express from your code, which might sound like a lot of work, but I took a brief look at it when it was released and my impression was that the dependence on Express was minor and quite unnecessary.
The alternative would be to switch from Lambda to something HTTP based like Google App Engine which is also serverless (to a degree). I guess that might be easier but I don't know what your other factors might be.
I have come across this tutorial that explains the step by step process of connecting API.ai intent using the Lambda function.
And if you follow the Google web hook example to deploy it to Lambda, then it's a wrong direction. Completely eliminate the express usage and also the Assistant class is not necessary when Lambda deployment is necessary.

How should I use google api node js client?

I'm trying to call the GA API in a react/webpack/babel project using google-api-nodejs-client. However, it doesn't work. I've got multiple errors in my console. In the google-api-nodejs-client GitHub issues I found the following answer about a similar issue:
google-api-nodejs-client is not meant to be used in a browser—it won't
work. googleapis (google-api-nodejs-client) will work in Node.js.
Excluding googleapis from any server-side bundle (just let Node's
module system load it for you) is the best option.
To access Google APIs from a browser, please use the Google API Client
Library for JavaScript (gapi).
I don't really understand it. Can someone explain this differently?
thanks.

query mongodb using node and facebook token

I am using the Facebook SDK on a mobile app. After the login, I get a token (long string) from Facebook. I want to use this to connect to a remote mongodb database and update or query the database there.
Am I correct in understanding that:
I need to run node.js on the remote server and then
make a connection from the app to the remote node.js, and then
have node.js query the mongodb
If yes, can someone please point me to a simple example that demonstrates this?
thanks!
What you require is an API (mostly REST, which understands JSON), much like the Facebook API your mobile app is already talking to. Your mobile app will also communicate with this API, which in turn connects to MongoDB and performs the desired operation.
Look here to get basic understanding of REST API
Look here for sample REST API implementation using nodejs.
I found a solution which is in line with what I need: http://www.quietless.com/kitchen/building-a-login-system-in-node-js-and-mongodb/
