Unable to retrieve a value of a claim if it's an object #570

@emmaLP

Description

Is your feature request related to a problem? Please describe.
We are using the API Gateway HTTP (v2) API with the standard JWT authorizer. Our JWT has custom claims that are within an object. This library sets claims as map[string]string, which turns the object into the string 'map[key:value]', so it is then not possible to unmarshal it or get the value of a key within the object.

Our code to attempt to get a value from an object-based claim:

    // Fragment from the Lambda handler; request is the events.APIGatewayV2HTTPRequest
    // and _globalNamespace holds the claim name (the token below uses "global-namespace").
    func namespaceClaim(request events.APIGatewayV2HTTPRequest) (string, bool) {
        // Claims is typed map[string]string, so an object-valued claim arrives flattened.
        claims := request.RequestContext.Authorizer.JWT.Claims

        namespace, ok := claims[_globalNamespace]
        if !ok {
            return "", false
        }

        log.Printf("namespace: (%v) with type (%T)", namespace, namespace)
        return namespace, true
    }

The value, when printed to CloudWatch, looks like this:

namespace: (map[key:value]) with type (string)

Describe the solution you'd like
JWT claims should be a map[string]interface{} so we can retrieve the data within object-based claims.

Ideally this line should be map[string]interface{}:
https://github.com/aws/aws-lambda-go/blob/main/events/apigw.go#L93

Describe alternatives you've considered
We are having to use a jwt.Parser to pull out the claims that are an object within the Lambda, which seems counterproductive and less efficient since it parses the JWT token twice.

    authHeader := request.Headers["authorization"]
    // Split "Bearer <token>"
    tokenString := strings.Split(authHeader, " ")[1]
    // Parse the JWT token without validating (for the purpose of extracting claims);
    // the gateway's JWT authorizer already validated it before the Lambda ran.
    token, _, err := new(jwt.Parser).ParseUnverified(tokenString, jwt.MapClaims{})
    if err != nil {
        return "", false
    }
    customClaims, ok := token.Claims.(jwt.MapClaims)[_globalNamespace].(map[string]interface{})
    if !ok {
        return "", false
    }
    valueInObjectClaim := customClaims["key"]

Additional context
Decrypted JWT token example (some data obscured for security purposes)

{
  "global-namespace": {
    "key": "value"
  },
  "iss": "https://auth..com/",
  "sub": "auth|1234",
  "aud": "aud.com",
  "iat": 1725883332,
  "exp": 1725969732,
  "scope": "email offline_access openid profile",
  "gty": "password",
  "azp": "152348"
}
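As an added example (not the issue author's code and not part of aws-lambda-go), here is the same workaround done with only the standard library: decode the payload segment of the bearer token into a map[string]interface{} and pull the nested key, with the header-format, segment-count and type checks the snippet above skips. It assumes the Lambda only ever runs behind the API Gateway JWT authorizer, because the payload is read without signature verification; the token is constructed inline with the shape of the decoded example above.

```go
package main

import (
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
)

// NestedClaim returns claims[claim][key] from the payload segment of a JWT
// carried in an "Authorization: Bearer <token>" header. It only decodes the
// payload; it does NOT verify the signature, so it is safe to use only behind
// an authorizer (here the API Gateway JWT authorizer) that already rejected
// forged or expired tokens.
func NestedClaim(authHeader, claim, key string) (string, error) {
	const prefix = "Bearer "
	if !strings.HasPrefix(authHeader, prefix) {
		return "", fmt.Errorf("authorization header is not a Bearer token")
	}
	segments := strings.Split(strings.TrimPrefix(authHeader, prefix), ".")
	if len(segments) != 3 {
		return "", fmt.Errorf("expected 3 JWT segments, got %d", len(segments))
	}
	payload, err := base64.RawURLEncoding.DecodeString(segments[1])
	if err != nil {
		return "", fmt.Errorf("payload is not base64url: %w", err)
	}
	var claims map[string]interface{} // what apigw.go would need instead of map[string]string
	if err := json.Unmarshal(payload, &claims); err != nil {
		return "", fmt.Errorf("payload is not a JSON object: %w", err)
	}
	obj, ok := claims[claim].(map[string]interface{})
	if !ok {
		return "", fmt.Errorf("claim %q missing or not an object", claim)
	}
	val, ok := obj[key].(string)
	if !ok {
		return "", fmt.Errorf("key %q missing or not a string in claim %q", key, claim)
	}
	return val, nil
}

// SampleToken builds a constructed, unsigned token (placeholder signature) with the
// payload shape from the decoded example in the issue, so the helper runs offline.
func SampleToken() string {
	enc := func(s string) string { return base64.RawURLEncoding.EncodeToString([]byte(s)) }
	header := enc(`{"alg":"RS256","typ":"JWT"}`)
	payload := enc(`{"global-namespace":{"key":"value"},"sub":"auth|1234"}`)
	return "Bearer " + header + "." + payload + ".placeholder-signature"
}

func main() { fmt.Println(NestedClaim(SampleToken(), "global-namespace", "key")) }
```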
