var credentialsRegExp = /^ *(?:[Bb][Aa][Ss][Ii][Cc]) +([A-Za-z0-9\-\._~\+\/]+=*)

1. var credentialsRegExp = /^ *(?:[Bb][Aa][Ss][Ii][Cc]) +([A-Za-z0-9\-\._~\+\/]+=*) *$/;
2. var userPassRegExp = /^([^:]*):(.*)$/;
3.  
4. Credentials = function(name, pass) {
5. this.name = name;
6. this.pass = pass;
7. }
8.  
9. exports.handler = (event, context, callback, config) => {
10. var token = event.authorizationToken;
11. var user = userFromBasicAuthString(token);
12.  
13. if (user.name === process.env.AUTH_USER && user.pass === process.env.AUTH_PASS) {
14. console.log("Authorized for name: " + user.name + " and methodArn: " + event.methodArn);
15. context.succeed(generatePolicy(user.name, 'Allow', event.methodArn));
16. return;
17. }
18.  
19. context.fail("Unauthorized");
20. };
21.  
22. userFromBasicAuthString = (header) => {
23. var match = credentialsRegExp.exec(header || '');
24.  
25. if (!match) {
26. if (!header) {
27. console.log('no header provided');
28. return null;
29. }
30. match = ['', header];
31. }
32.  
33. var userPass = userPassRegExp.exec(decodeBase64(match[1]));
34.  
35. if (!userPass) {
36. console.log("No user password provided");
37. return null;
38. }
39.  
40. return new Credentials(userPass[1], userPass[2]);
41. }
42.  
43. decodeBase64 = (str) => {
44. return new Buffer(str, 'base64').toString();
45. }
46.  
47. generatePolicy = (principalId, effect, resource) => {
48. var authResponse = {};
49. authResponse.principalId = principalId;
50. if (effect && resource) {
51. var policyDocument = {};
52. policyDocument.Version = '2012-10-17'; // default version
53. policyDocument.Statement = [];
54. var statementOne = {};
55. statementOne.Action = 'execute-api:Invoke'; // default action
56. statementOne.Effect = effect;
57. statementOne.Resource = resource;
58. policyDocument.Statement[0] = statementOne;
59. authResponse.policyDocument = policyDocument;
60. }
61. console.log(JSON.stringify(authResponse));
62. return authResponse;
63. }