Feature request - configurable Principal field #55
Comments
This is possible today by creating a custom We could solve this easily by giving you an easy way to inject the security context writer without having to manually create the full object constructor, perhaps just add it as a parameter to the static
We discussed this offline. We see two options:

```java
// Inject the API Gateway authorizer context as a handler parameter
@RequestMapping(path = "/pets", method = RequestMethod.POST)
public Pet createPet(@RequestBody Pet newPet, ApiGatewayAuthorizerContext context) {
    ...
}
```

```java
// Inject the standard Principal and cast it to reach the Cognito claims
public Pet createPet(@RequestBody Pet newPet, Principal principal) {
    ((CognitoUserPoolPrincipal)principal).getClaims();
}
```

Would love to hear from the community what the preferred option is.
Since there is no feedback and this is not a high priority fix I'm pulling it out of 0.7. The data is still accessible through the request attributes.
I'm not a user of Spring or Jersey, so I see a lot of benefit in option 2
I think option 2, as much as I hate casting or doing instanceof, is the most consistent with Spring Security. This also seems to be backward compatible.
…hat exposes claims from the token. Also added support for custom claims.
I've implemented these changes. You can now cast the Principal field to Resolving the issue.
At the moment in a Spring scenario, if you inject the Principal and use Cognito auth, you get the Cognito sub (Subject). If you need the username, you must either do a lookup request to Cognito, or fish the ApiGatewayRequestContext and grab it via .getAuthorizer().getClaims().getUsername().
It would be nice if the field that is mapped to the Principal name could be configurable so that one can point it to the username instead of the sub.