Gathering detailed insights and metrics for serverless-offline-local-authorizers-plugin
Gathering detailed insights and metrics for serverless-offline-local-authorizers-plugin
Installations
npm install serverless-offline-local-authorizers-pluginDeveloper
nlang
Developer Guide
BETA
Module System
CommonJS
Min. Node Version
Typescript Support
Yes
Node Version
14.16.1
NPM Version
8.5.0
Statistics
16 Stars
48 Commits
22 Forks
2 Watching
3 Branches
4 Contributors
Updated on 08 Dec 2023
Bundle Size
3.11 kB
Minified
1.36 kB
Minified + Gzipped
Languages
TypeScript (100%)
Total Downloads
Cumulative downloads
Total Downloads
1,083,207
Last day
28.7%
852
Compared to previous day
Last week
15%
4,320
Compared to previous week
Last month
-9.5%
18,090
Compared to previous month
Last year
-11.7%
279,762
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dev Dependencies
2
Versions
serverless-offline-local-authorizers-plugin
Serverless plugin for adding authorizers when developing and testing functions locally with serverless-offline.
This plugin allows you to add local authorizer functions to your serverless projects. These authorizers
are added dynamically in a way they can be called by serverless-offline but don't interfer with your
deployment and your shared authorizer functions. This helps when you have shared API Gateway authorizers
and developing and testing locally with serverless-offline.
:warning: If you are using this plugin and get schema validation errors: Please check indentation of
localAuthorizer:config property! See example below...
Installation
Installing using npm:
npm i serverless-offline-local-authorizers-plugin --save-dev
Usage
Step 1: Define your authorizer functions in a file of your choice (.js, .mjs, .ts and others) and later you will inform the path and name or file default called local-authorizers.js and put it into your
project root (that's where your serverless.yml lives).
If you want the local function to call your deployed shared authorizer it could look something like this:
1const AWS = require("aws-sdk"); 2const mylocalAuthProxyFn = async (event, context) => { 3 4 const lambda = new AWS.Lambda(); 5 const result = await lambda.invoke({ 6 FunctionName: "my-shared-lambda-authorizer", 7 InvocationType: "RequestResponse", 8 Payload: JSON.stringify(event), 9 }).promise(); 10 11 if (result.StatusCode === 200) { 12 return JSON.parse(result.Payload); 13 } 14 15 throw Error("Authorizer error"); 16}; 17 18module.exports = { mylocalAuthProxyFn }; 19
Of course you could also just return a mocked response, call Cognito to mock your Cognito Authorizer or whatever suits your needs. You can also define multiple authorizer functions if you need to.
Step 2: In your serverless.yml, add the localAuthorizer property to your http events. This will not interfere
with your "real" authorizers and will be ignored upon deployment.
1functions: 2 myFunction: 3 handler: myFunction.handler 4 events: 5 - http: 6 path: /my/api/path 7 method: GET 8 authorizer: 9 type: CUSTOM 10 authorizerId: abcjfk 11 localAuthorizer: 12 name: "mylocalAuthProxyFn" 13 pathFile: "local-authorizers.js" # Optional 14 type: "request" 15
Step 3: Add the plugin to the plugins sections in serverless.yml:
1plugins: 2 - serverless-offline-local-authorizers-plugin 3 - serverless-offline
Step 4: Fire up serverless offline with the local-authorizers option:
1$ sls offline local-authorizers --stage dev --region eu-central-1
License
MIT
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
Found 3/10 approved changesets -- score normalized to 3
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 23 are checked with a SAST tool
Reason
23 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-fwr7-v2mv-hh25
- Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-h452-7996-h45h
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-4gmj-3p3h-gm8h
- Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
- Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
- Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
- Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
- Warn: Project is vulnerable to: GHSA-pppg-cpfq-h7wr
- Warn: Project is vulnerable to: GHSA-8cf7-32gw-wr33
- Warn: Project is vulnerable to: GHSA-hjrf-2m68-5959
- Warn: Project is vulnerable to: GHSA-qwph-4952-7xr6
- Warn: Project is vulnerable to: GHSA-3xq5-wjfh-ppjc / GHSA-wc69-rhjr-hc9g
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-8hfj-j24r-96c4
- Warn: Project is vulnerable to: GHSA-56x4-j7p9-fcf9
- Warn: Project is vulnerable to: GHSA-v78c-4p63-2j6c
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
- Warn: Project is vulnerable to: GHSA-776f-qx25-q3cc
Score
2.1
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More