Set up a $connect
route that requires a WebSocket subprotocol
Clients can use the Sec-WebSocket-Protocol
field to request a WebSocket subprotocol$connect
route to allow connections only if a client requests a subprotocol
that your API supports.
The following example Lambda function returns the Sec-WebSocket-Protocol
header to clients. The function establishes a connection to your API only if the client specifies the
myprotocol
subprotocol.
For an AWS CloudFormation template that creates this example API and Lambda proxy integration, see
ws-subprotocol.yaml
.
export const handler = async (event) => { if (event.headers != undefined) { const headers = toLowerCaseProperties(event.headers); if (headers['sec-websocket-protocol'] != undefined) { const subprotocolHeader = headers['sec-websocket-protocol']; const subprotocols = subprotocolHeader.split(','); if (subprotocols.indexOf('myprotocol') >= 0) { const response = { statusCode: 200, headers: { "Sec-WebSocket-Protocol" : "myprotocol" } }; return response; } } } const response = { statusCode: 400 }; return response; }; function toLowerCaseProperties(obj) { var wrapper = {}; for (var key in obj) { wrapper[key.toLowerCase()] = obj[key]; } return wrapper; }
You can use wscat
-s
flag to specify subprotocols during the connection.
The following command attempts a connection with an unsupported subprotocol. Because
the client specified the chat1
subprotocol, the Lambda integration returns a
400 error, and the connection is unsuccessful.
wscat -c wss://
api-id
.execute-api.region
.amazonaws.com/beta
-s chat1error: Unexpected server response: 400
The following command includes a supported subprotocol in the connection request. The Lambda integration allows the connection.
wscat -c wss://
api-id
.execute-api.region
.amazonaws.com/beta
-s chat1,myprotocolconnected (press CTRL+C to quit)
To learn more about invoking WebSocket APIs, see Invoke WebSocket APIs.