This project contains a Lambda@Edge function that decodes the OpenStax Accounts JWT signed cookie and sets custom HTTP headers based on its content. This is useful for applications behind a CloudFront distribution that wish to make decisions based on JWT claims without having to decode the JWT on every server or application instance.
If a openstax SSO cookie is present on a request, it will set two headers:
- os-user-uuid: The user's uuid
- os-user: JSON encoded content of the accounts cookie
- AWS Account with permissions to create Lambda functions and CloudFront distributions.
node.jsandnpminstalled.- Nodejs 20+
-
Clone this repository:
git clone https://github.com/openstax/sso-cookie-decoder.git cd sso-cookie-decoder -
Install dependencies:
yarn install
-
Make changes and run tests
yarn test -
Set terraform config vars in your environment
. ./set-env <staging|production>
Note: Make sure you have AWS credentials set using the OpenStax
set_aws_credsscript
- run terraform
terraform apply