I have just started with AWS Serverless and I am having some doubts. Here is my use case and what I have tried and done so far:
Use Case:
Make multiple GET and POST requests to an API using HTTP API(not REST API) in AWS using lambda function.
What I have done:
Created an HTTP API. Using $default stage currently. Created a POST route. Created a function(in python) with POST request. Attached the function integration with my POST route. I am successfully able to call this route using my frontend code(written in vanilla js). Using the data that I receive from frontend, I call an external API using it's URL in my python lambda function.
Problem:
I want to make a GET request to another API using it's URL. Will I have to make another lambda function to do so?
Any help will be great. Pardon me if I have asked a silly question. It's just that I am new to AWS and HTTP API. Thank You for your time!
Based on the comments.
A single lambda function can be used for both POST and GET requests. For this, you can have either two routes, one for POST and one for GET. Both can be integrated with the same function.
Alternatively, you can have one ANY route to route everything into a single function.
The function can have same file and same handler. However, its logic must be probably modified to handle POST and GET events differently, depending on your use-case.
Related
I have a Python FastAPI Backend which gives me an endpoint in order to retrieve some oAuth data. The Endpoint works when i put it manually in my Browser. It first does a redirect retrieves an accessToken which it then adds to a second link and opens it. So the functionality works. Now i'm a bit stuck on how to get this data in my Frontend. I tried a GET request on the original endpoint but then get the response with the redirect link. What would be a clever way to handle this? I would like to store the data in the Frontend in order to manipulate it
Thanks for helping me!
After doing many OAuth2 interactions, I recommend you use a library; OAuth2 flow is fairly complicated with the interactions between Client, Backend, Identification, & Authorization servers. Using a library helps ensure you are doing all the key swaps properly and securely; Also it will save you lots of time :).
Here is a library I would use in your shoes; https://github.com/manfredsteyer/angular-oauth2-oidc
I am trying to find a proper way of calling Azure Logic App endpoints from Python. I know that it is possible to call the url using requests package, but I am just curious if there is a specific python client library available for this purpose?
I already came across LogicManagementClient but it seems it's more of an Azure Resource Management client and it is really complicated to figure out how to call a Logic App endpoint through it.
You could define sig in your code with rest api. Also there is a logic app management api for python:azure.mgmt.logic.
And there is a run method under workflow_triggers_operations. You could use it to run a workflow trigger. Here is the method detail run(resource_group_name, workflow_name, trigger_name, custom_headers=None, raw=False, **operation_config).
I have an iOS app with an authenticated cognito user calling a lambda function through API Gateway.
I'm trying to access this user's attributes from within the lambda function (written in Python). E.g. i want to get his username to add a comment he's sending to my database.
This seems like quite a basic thing to do, and I'm surprised it's so difficult.
I've been looking at the context & event objects passed to the lambda function, but it does not contain user attributes
I tried to look at using boto3 to request information from cognito, but cannot find how to make it work
I think the way to do this is to get some information from the context object, and then use the boto3 lib to connect to Cognito and request user attributes. I cannot find anywhere an example of how to do this and boto3 documentation is not very helpful.
I would very much appreciate help on this, I must be missing a very easy & obvious way to do this given how little talk there is on this issue.
Thanks
I'm using python-oauth2 to authenticate API calls to Dropbox's API.
There are two problems I'm having:
I don't know how to provide a callback function to OAuth. I tried making the request as follows:
resp, content = client.request(request_token_url,\
"POST",body=urllib.urlencode({'oauth_callback':callbackURL}))
However, the function at callbackURL is not called.
At the moment, I've just modified the example code given in the README for python-oauth2, and I've managed to redirect the user to the Dropbox authentication page. However, I've written no code to explicitly sign my requests. Is that being done by the module, or are the requests I am making just unsigned? If its the latter, I'm really confused as to how things are working.
Help much appreciated. Thanks!
--Edit--
So I was reading the API docs, and the authorization URL takes two parameters - one is the access_token and the second is oauth_callback. I managed to created a URL that had these two parameters, and now, once the user authenticates my app, they are successfully redirected to my website. However, this seems like a very crude hack, and I'd love to learn to do this in a better way.
Hi I am trying to secure a server function being used for an Ajax request, so that the function is not accessed for any sort of malicious activity. I have done the following till now:-
I am checking whether a valid session is present while the function is being called.
I am using POST rather than GET
I look for specific headers by using request.is_xhr else I induce a redirect.
I have compressed the javascript using dojo shrinksafe(..i am using dojo..)
What else can and should be done here. Need your expert advice on this.
(NB-I am using Flask and Dojo)
No any special secure actions required. Consider ajax request as any other client request.