gpt4 book ai didi

cors - API网关 云信息 CORS

转载 作者:行者123 更新时间:2023-12-03 07:44:47 30 4
gpt4 key购买 nike

我正在尝试使用 cloudformation 在 API Gateway 中部署 API。这些方法需要启用 CORS,我遵循此处的模板 Enable CORS for API Gateway in Cloudformation template这样做。这是我的模板

AuthorizerRole:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Version: "2012-10-17"
Statement:
- Action:
- "sts:AssumeRole"
Effect: "Allow"
Principal:
Service:
- "apigateway.amazonaws.com"
Policies:
- PolicyDocument:
Version: "2012-10-17"
Statement:
- Action:
- "lambda:invokeFunction"
Effect: "Allow"
Resource:
- !GetAtt "MyAPIAuthorizer.Arn"
PolicyName: "lambda"

Authorizer:
Type: AWS::ApiGateway::Authorizer
Properties:
AuthorizerResultTtlInSeconds: 0
AuthorizerCredentials: !GetAtt "AuthorizerRole.Arn"
AuthorizerUri:
Fn::Join:
- ""
-
- "arn:aws:apigateway:"
- Ref: "AWS::Region"
- ":lambda:path/2015-03-31/functions/"
- Fn::GetAtt:
- "MyAPIAuthorizer"
- "Arn"
- "/invocations"
Type: "TOKEN"
IdentitySource: "method.request.header.token"
Name: "DefaultAuthorizer"
RestApiId: !Ref RestApi

MyAPIAuthorizer:
Type: AWS::Lambda::Function
Properties:
Code:
S3Bucket: my-My-lambda-us-east-1
S3Key: node_lambdas.zip
Handler: My-APIAuthorizer.handler
Role: !Ref Role
Runtime: nodejs6.10
Timeout: 300
VpcConfig:
SecurityGroupIds:
- !Ref SecurityGroup
SubnetIds: !Ref Subnets

MyAuthenticateUser:
Type: AWS::Lambda::Function
Properties:
Code:
S3Bucket: My-My-lambda-us-east-1
S3Key: node_lambdas.zip
Handler: My-AuthenticateUser.handler
Role: !Ref Role
Runtime: nodejs6.10
Timeout: 300
VpcConfig:
SecurityGroupIds:
- !Ref SecurityGroup
SubnetIds: !Ref Subnets
#Policies: AWSLambdaDynamoDBExecutionRole

MyAuthenticateUserApiGatewayInvoke:
Type: AWS::Lambda::Permission
Properties:
Action: lambda:InvokeFunction
FunctionName: !GetAtt "MyAuthenticateUser.Arn"
Principal: "apigateway.amazonaws.com"
SourceArn: !Sub "arn:aws:execute-api:${AWS::Region}:${AWS::AccountId}:${RestApi}/*/*/*"
MyAuthenticateUserResource:
Type: AWS::ApiGateway::Resource
Properties:
RestApiId: !Ref RestApi
ParentId: !Ref ApiResourceParent
PathPart: authenticateuser
MyAuthenticateUserPost:
Type: AWS::ApiGateway::Method
Properties:
RestApiId: !Ref RestApi
ResourceId: !Ref MyAuthenticateUserResource
HttpMethod: POST
AuthorizationType: NONE
Integration:
IntegrationHttpMethod: POST
Type: AWS
Uri: !Sub
- "arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${lambdaArn}/invocations"
- lambdaArn: !GetAtt "MyAuthenticateUser.Arn"
IntegrationResponses:
- StatusCode: 200
ResponseParameters:
method.response.header.Access-Control-Allow-Origin: "'*'"
MethodResponses:
- StatusCode: 200
ResponseModels:
application/json: 'Empty'
ResponseParameters:
method.response.header.Access-Control-Allow-Origin: true
MyAuthenticateUserOptions:
Type: AWS::ApiGateway::Method
Properties:
RestApiId: !Ref RestApi
ResourceId: !Ref MyAuthenticateUserResource
HttpMethod: OPTIONS
AuthorizationType: NONE
Integration:
IntegrationHttpMethod: POST
IntegrationResponses:
- StatusCode: 200
ResponseParameters:
method.response.header.Access-Control-Allow-Headers: "'Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,token'"
method.response.header.Access-Control-Allow-Methods: "'POST,OPTIONS'"
method.response.header.Access-Control-Allow-Origin: "'*'"
Type: MOCK
MethodResponses:
- StatusCode: 200
ResponseModels:
application/json: 'Empty'
ResponseParameters:
method.response.header.Access-Control-Allow-Headers: true
method.response.header.Access-Control-Allow-Methods: true
method.response.header.Access-Control-Allow-Origin: true

MyFunction:
Type: AWS::Lambda::Function
Properties:
Code:
S3Bucket: My-My-lambda-us-east-1
S3Key: node_lambdas.zip
Handler: My-Function.handler
Role: !Ref Role
Runtime: nodejs6.10
Timeout: 300
VpcConfig:
SecurityGroupIds:
- !Ref SecurityGroup
SubnetIds: !Ref Subnets
#Policies: AWSLambdaDynamoDBExecutionRole

MyFunctionApiGatewayInvoke:
Type: AWS::Lambda::Permission
Properties:
Action: lambda:InvokeFunction
FunctionName: !GetAtt "MyFunction.Arn"
Principal: "apigateway.amazonaws.com"
SourceArn: !Sub "arn:aws:execute-api:${AWS::Region}:${AWS::AccountId}:${RestApi}/*/*/*"
MyFunctionResource:
Type: AWS::ApiGateway::Resource
Properties:
RestApiId: !Ref RestApi
ParentId: !Ref ApiResourceParent
PathPart: Function
MyFunctionGet:
Type: AWS::ApiGateway::Method
Properties:
RestApiId: !Ref RestApi
ResourceId: !Ref MyFunctionResource
HttpMethod: GET
AuthorizationType: CUSTOM
AuthorizerId: !Ref Authorizer
Integration:
IntegrationHttpMethod: GET
Type: AWS
Uri: !Sub
- "arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${lambdaArn}/invocations"
- lambdaArn: !GetAtt "MyFunction.Arn"
IntegrationResponses:
- StatusCode: 200
ResponseParameters:
method.response.header.Access-Control-Allow-Origin: "'*'"
MethodResponses:
- StatusCode: 200
ResponseModels:
application/json: 'Empty'
ResponseParameters:
method.response.header.Access-Control-Allow-Origin: true
MyFunctionOptions:
Type: AWS::ApiGateway::Method
Properties:
RestApiId: !Ref RestApi
ResourceId: !Ref MyFunctionResource
HttpMethod: OPTIONS
AuthorizationType: NONE
Integration:
IntegrationHttpMethod: GET
IntegrationResponses:
- StatusCode: 200
ResponseParameters:
method.response.header.Access-Control-Allow-Headers: "'Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,token'"
method.response.header.Access-Control-Allow-Methods: "'GET,OPTIONS'"
method.response.header.Access-Control-Allow-Origin: "'*'"
Type: MOCK
MethodResponses:
- StatusCode: 200
ResponseModels:
application/json: 'Empty'
ResponseParameters:
method.response.header.Access-Control-Allow-Headers: true
method.response.header.Access-Control-Allow-Methods: true
method.response.header.Access-Control-Allow-Origin: true

部署 API 后,MyAuthenticateUserPost 方法返回带有以下响应 header 的 200

Access-Control-Allow-Origin →*

Connection →keep-alive

Content-Length→249

Content-Type →application/json

Date →Fri, 28 Sep 2018 21:15:38 GMT

Via →1.1 sdlkfnsdlk.cloudfront.net(CloudFront)

X-Amz-Cf-Id→dflknsdlfkn

X-Amzn-Trace-Id →Root=sdlkfnsdlk;Sampled=0

X-Cache →Miss from cloudfront

x-amz-apigw-id →sdklfnsdlk

x-amzn-RequestId →slkfnlsdk

MyFunctionGet 方法返回 500 并包含以下响应 header

Connection →keep-alive

Content-Length →36

Content-Type →application/json

Date →Fri, 28 Sep 2018 21:19:04 GMT

Via →1.1 slkdfnk.cloudfront.net (CloudFront)

X-Amz-Cf-Id →dsklfnsdlk

X-Cache →Error from cloudfront

x-amz-apigw-id →dlsfknsdlkfn

x-amzn-RequestId →sdkfnsdkln

500 响应缺少 Access-Control-Allow-OriginX-Amzn-Trace-Id header 。两种方法之间的区别在于,工作方法是 POST,没有授权,而不起作用的方法是 GET,并且有自定义授权者。如果我进入 API Gateway 控制台,选择 GET 方法 -> 集成请求,然后像这样保存 Lambda 函数,我可以使返回 500 的方法起作用 enter image description here

在 cloudformation 部署后,该函数已经存在于该字段中,并且我已在模板中添加了权限,但除非我执行此手动步骤,否则 API 网关方法将无法工作。我有大约 50 种方法,所以我想完全自动化。我的模板中是否缺少某些内容?

更新:为了响应 @jny,我更新了 Get 方法中的集成响应,如下所示

IntegrationResponses:
- StatusCode: 200
SelectionPattern: "2\\{d}2"
ResponseParameters:
method.response.header.Access-Control-Allow-Origin: "'*'"
- StatusCode: 300
SelectionPattern: "3\\{d}2"
ResponseParameters:
method.response.header.Access-Control-Allow-Origin: "'*'"
- StatusCode: 400
SelectionPattern: "4\\{d}2"
ResponseParameters:
method.response.header.Access-Control-Allow-Origin: "'*'"
- StatusCode: 500
SelectionPattern: "5\\{d}2"
ResponseParameters:
method.response.header.Access-Control-Allow-Origin: "'*'"
MethodResponses:
- StatusCode: 200
ResponseModels:
application/json: 'Empty'
ResponseParameters:
method.response.header.Access-Control-Allow-Origin: true
- StatusCode: 300
ResponseModels:
application/json: 'Empty'
ResponseParameters:
method.response.header.Access-Control-Allow-Origin: true
- StatusCode: 400
ResponseModels:
application/json: 'Empty'
ResponseParameters:
method.response.header.Access-Control-Allow-Origin: true
- StatusCode: 500
ResponseModels:
application/json: 'Empty'
ResponseParameters:
method.response.header.Access-Control-Allow-Origin: true

我也对我的选项方法进行了相同的更新

IntegrationResponses:
- StatusCode: 200
SelectionPattern: "2\\{d}2"
ResponseParameters:
method.response.header.Access-Control-Allow-Headers: "'Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,token'"
method.response.header.Access-Control-Allow-Methods: "'GET,OPTIONS'"
method.response.header.Access-Control-Allow-Origin: "'*'"
- StatusCode: 300
SelectionPattern: "3\\{d}2"
ResponseParameters:
method.response.header.Access-Control-Allow-Headers: "'Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,token'"
method.response.header.Access-Control-Allow-Methods: "'GET,OPTIONS'"
method.response.header.Access-Control-Allow-Origin: "'*'"
- StatusCode: 400
SelectionPattern: "4\\{d}2"
ResponseParameters:
method.response.header.Access-Control-Allow-Headers: "'Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,token'"
method.response.header.Access-Control-Allow-Methods: "'GET,OPTIONS'"
method.response.header.Access-Control-Allow-Origin: "'*'"
- StatusCode: 500
SelectionPattern: "5\\{d}2"
ResponseParameters:
method.response.header.Access-Control-Allow-Headers: "'Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,token'"
method.response.header.Access-Control-Allow-Methods: "'GET,OPTIONS'"
method.response.header.Access-Control-Allow-Origin: "'*'"
MethodResponses:
- StatusCode: 200
ResponseModels:
application/json: 'Empty'
ResponseParameters:
method.response.header.Access-Control-Allow-Headers: false
method.response.header.Access-Control-Allow-Methods: false
method.response.header.Access-Control-Allow-Origin: false
- StatusCode: 300
ResponseModels:
application/json: 'Empty'
ResponseParameters:
method.response.header.Access-Control-Allow-Headers: false
method.response.header.Access-Control-Allow-Methods: false
method.response.header.Access-Control-Allow-Origin: false
- StatusCode: 400
ResponseModels:
application/json: 'Empty'
ResponseParameters:
method.response.header.Access-Control-Allow-Headers: false
method.response.header.Access-Control-Allow-Methods: false
method.response.header.Access-Control-Allow-Origin: false
- StatusCode: 500
ResponseModels:
application/json: 'Empty'
ResponseParameters:
method.response.header.Access-Control-Allow-Headers: false
method.response.header.Access-Control-Allow-Methods: false
method.response.header.Access-Control-Allow-Origin: false

调用 API 方法时我仍然看到 500 响应

最佳答案

您必须为所有状态配置 ResponseParameters,而不仅仅是 200。

类似的事情:

   "IntegrationResponses": [
{
"ResponseParameters":{
"method.response.header.Access-Control-Allow-Origin": "'*'"
},
"StatusCode": 200,
"ResponseTemplates": {
....
}
},
{
"StatusCode": 500,
"SelectionPattern": "5\\{d}2",
"ResponseTemplates": {
....
}
}
],

方法响应也相同,例如:

"MethodResponses": [{
"ResponseModels": {
"application/json": "Empty"
},
"ResponseParameters":{
"method.response.header.Access-Control-Allow-Origin": "'*'"
},
"StatusCode": "200"
},
{
"StatusCode": "500"
}
]

关于cors - API网关 云信息 CORS,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/52563022/

30 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com