I have an Express application, developed with the Serverless Framework, that will be served through AWS API Gateway and AWS Lambda. It uses Okta for authentication, and I want to store various secrets in SSM. Right now I have to retrieve the secrets from SSM before deploying the Lambda and store them in environment variables, but if possible I would like to retrieve them from SSM when the Lambda is invoked. Is this possible?
Below is something similar to my code (this is a work project, so I can't share the actual code freely). Note that `main` here is set as the Lambda handler.
```typescript
import { APIGatewayProxyHandler } from 'aws-lambda'
import 'source-map-support/register'
import serverless from 'serverless-http'
import express from 'express'
import bodyParser from 'body-parser'
import { ExpressOIDC } from '@okta/oidc-middleware'
import session from 'express-session'
const jsonParser = bodyParser.json()
const app = express()
app.engine('pug', require('pug').__express)
app.use(express.static('static'))
const oidc = new ExpressOIDC({
  issuer: process.env.ISSUER, // `https://${oktaDomain}/oauth2/default`
  client_id: process.env.CLIENT_ID, // Stored in SSM
  client_secret: process.env.CLIENT_SECRET, // Stored in SSM
  appBaseUrl: process.env.APP_BASE_URL, // `https://${apiGatewayId}.execute-api.${AWS::Region}.amazonaws.com/prod`
  scope: 'openid profile'
})
app.use(session({
  secret: process.env.SESSION_SECRET!, // Stored in SSM
  resave: true,
  saveUninitialized: false
}))
app.use(oidc.router)
app.set('view engine', 'pug')
app.set('views', './views')
app.get('/', oidc.ensureAuthenticated(), async (_req, res) => res.render('index'))
app.get('/status/:taskId', oidc.ensureAuthenticated(), async (req, res) => { /* ... */ })
app.post('/doPost', oidc.ensureAuthenticated(), jsonParser, async (req, res) => { /* ... */ })
export const main: APIGatewayProxyHandler = serverless(
  app
) as APIGatewayProxyHandler
```
Posted on 2021-02-13 07:28:59
This looks like it should work, but I haven't tested it to confirm. Inspired by this Serverless Express PR.
```typescript
import { APIGatewayProxyHandler } from 'aws-lambda'
import 'source-map-support/register'
import serverless from 'serverless-http'
import express from 'express'
import bodyParser from 'body-parser'
import { ExpressOIDC } from '@okta/oidc-middleware'
import session from 'express-session'
const jsonParser = bodyParser.json()
// Retrieve stuff from SSM
const getSsmConfig = async (): Promise<Record<string, string>> => { /* ... */ }
const buildApp = (ssmConfig: Record<string, string>) => {
  const app = express()
  app.engine('pug', require('pug').__express)
  app.use(express.static('static'))
  const oidc = new ExpressOIDC({
    issuer: ssmConfig.ISSUER, // `https://${oktaDomain}/oauth2/default`
    client_id: ssmConfig.CLIENT_ID, // Stored in SSM
    client_secret: ssmConfig.CLIENT_SECRET, // Stored in SSM
    appBaseUrl: process.env.APP_BASE_URL, // `https://${apiGatewayId}.execute-api.${AWS::Region}.amazonaws.com/prod`
    scope: 'openid profile'
  })
  app.use(session({
    secret: ssmConfig.SESSION_SECRET, // Stored in SSM
    resave: true,
    saveUninitialized: false
  }))
  app.use(oidc.router)
  app.set('view engine', 'pug')
  app.set('views', './views')
  app.get('/', oidc.ensureAuthenticated(), async (_req, res) => res.render('index'))
  app.get('/status/:taskId', oidc.ensureAuthenticated(), async (req, res) => { /* ... */ })
  app.post('/doPost', oidc.ensureAuthenticated(), jsonParser, async (req, res) => { /* ... */ })
  return app
}
export const main: APIGatewayProxyHandler = async (event, context) => {
  const ssmConfig = await getSsmConfig(); // this would handle retrieving stuff from SSM
  const app = buildApp(ssmConfig); // build the app w/ config from ssm
  const handle = serverless(app);
  return handle(event, context); // I might need to add an "as <something or other>" to make TypeScript happy
}
```
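An added example (not code from the question or the answer) of the invocation-time retrieval the answer sketches, with the part a production handler also needs: fetch the parameters once per warm container, cache them with a TTL so a rotated secret takes effect without a redeploy, and fail if any secret is missing. The SSM call is injected so the block runs offline; `ParamFetcher`, `loadConfig`, `makeConfigLoader` and the `/myapp/...` parameter names are assumptions.

```typescript
// Added example: load the Okta and session secrets from SSM once per warm
// Lambda container and reuse them, instead of calling SSM on every request.
// fetchParams is injected so this runs offline; in the real handler wrap the
// AWS SDK's GetParameters call with WithDecryption: true. Names are assumptions.
type ParamFetcher = (names: string[]) => Promise<Record<string, string>>;

const REQUIRED = ['ISSUER', 'CLIENT_ID', 'CLIENT_SECRET', 'SESSION_SECRET'] as const;
type AppConfig = Record<(typeof REQUIRED)[number], string>;

// GetParameters accepts at most 10 names per call, so look them up in batches,
// and fail loudly if any is absent: a missing client_secret must not silently
// become `undefined` the way a missing environment variable would.
async function loadConfig(fetchParams: ParamFetcher, prefix: string): Promise<AppConfig> {
  const names = REQUIRED.map((k) => `${prefix}/${k}`);
  const found: Record<string, string> = {};
  for (let i = 0; i < names.length; i += 10) {
    const batch = await fetchParams(names.slice(i, i + 10));
    for (const n of Object.keys(batch)) found[n] = batch[n];
  }
  const missing = REQUIRED.filter((k) => !found[`${prefix}/${k}`]);
  if (missing.length > 0) {
    throw new Error(`missing SSM parameters: ${missing.join(', ')}`);
  }
  const config = {} as AppConfig;
  for (const k of REQUIRED) config[k] = found[`${prefix}/${k}`];
  return config;
}

// Cache the config *promise* at module scope, so concurrent first requests in
// a fresh container share one SSM round trip. The TTL lets a rotated secret
// take effect without a redeploy; a failed fetch drops the cache so the next
// invocation retries instead of pinning the error for the container's life.
function makeConfigLoader(fetchParams: ParamFetcher, prefix: string, ttlMs = 300000) {
  let cached: { value: Promise<AppConfig>; expires: number } | undefined;
  let fetches = 0;
  return {
    get(): Promise<AppConfig> {
      const now = Date.now();
      if (cached && now < cached.expires) return cached.value;
      fetches += 1;
      const value = loadConfig(fetchParams, prefix);
      value.catch(() => { cached = undefined; });
      cached = { value, expires: now + ttlMs };
      return value;
    },
    fetchCount: () => fetches,
  };
}
```

In `main`, `await loader.get()` replaces the per-invocation `getSsmConfig()` call, and `buildApp` can be memoized the same way so the Express app and its Okta client are constructed once per container rather than on every request.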
https://stackoverflow.com/questions/66147001