def __get_user_private_eth_address(self, user_id):
# user_id に紐づく private_eth_address を取得
user_info = UserUtil.get_cognito_user_info(self.cognito, user_id)
private_eth_address = [
a for a in user_info['UserAttributes']
if a.get('Name') == 'custom:private_eth_address'
]
# private_eth_address が存在しないケースは想定していないため、取得出来ない場合は例外とする
if len(private_eth_address) != 1:
raise RecordNotFoundError('Record Not Found: private_eth_address')
return private_eth_address[0]['Value']
def exec_main_proc(self):
params = self.event
body = json.loads(params.get('body'))
if UserUtil.check_try_to_register_as_line_user(body['user_id']) or \
UserUtil.check_try_to_register_as_twitter_user(body['user_id']) or \
UserUtil.check_try_to_register_as_yahoo_user(body['user_id']) or \
UserUtil.check_try_to_register_as_facebook_user(body['user_id']):
raise ValidationError('This username is not allowed')
# ログインしているユーザが本処理対象の external_provider_user であること
external_provider_user_id = params['requestContext']['authorizer'][
'claims']['cognito:username']
if not UserUtil.check_try_to_register_as_line_user(external_provider_user_id) and \
not UserUtil.check_try_to_register_as_twitter_user(external_provider_user_id) and \
not UserUtil.check_try_to_register_as_yahoo_user(external_provider_user_id) and \
not UserUtil.check_try_to_register_as_facebook_user(external_provider_user_id):
raise ValidationError('This login user is not eligible.')
users_table = self.dynamodb.Table(os.environ['USERS_TABLE_NAME'])
external_provider_users_table = self.dynamodb.Table(
os.environ['EXTERNAL_PROVIDER_USERS_TABLE_NAME'])
# usersテーブルのユーザIDの重複チェック
already_user_exists_in_users_table = users_table.get_item(
Key={
'user_id': body['user_id']
}).get('Item') is not None
# cognitoのユーザIDの重複チェック
already_user_exists_in_cognito = False
try:
already_user_exists_in_cognito = UserUtil.get_cognito_user_info(
self.cognito, body['user_id']) is not None
except RecordNotFoundError:
pass
already_user_exists = already_user_exists_in_users_table or already_user_exists_in_cognito
external_provider_user = external_provider_users_table.get_item(
Key={
'external_provider_user_id': external_provider_user_id
}).get('Item')
if (external_provider_user
is not None) and ('user_id' in external_provider_user):
raise ValidationError('The user id of this user has been added.')
elif not already_user_exists:
# EXTERNAL_PROVIDERのidで作成したcognitoのユーザーを除去
if UserUtil.delete_external_provider_id_cognito_user(
self.cognito, external_provider_user_id):
# user_idでのCognitoユーザーの作成し直し
email = external_provider_user['email']
hash_data = external_provider_user['password']
byte_hash_data = hash_data.encode()
decoded_iv = external_provider_user['iv']
iv = decoded_iv.encode()
backed_password = CryptoUtil.decrypt_password(
byte_hash_data, iv)
backed_temp_password = os.environ[
'EXTERNAL_PROVIDER_LOGIN_COMMON_TEMP_PASSWORD']
provider = os.environ['EXTERNAL_PROVIDER_LOGIN_MARK']
response = UserUtil.create_external_provider_user(
cognito=self.cognito,
user_id=body['user_id'],
user_pool_id=os.environ['COGNITO_USER_POOL_ID'],
user_pool_app_id=os.environ['COGNITO_USER_POOL_APP_ID'],
email=email,
backed_temp_password=backed_temp_password,
backed_password=backed_password,
provider=provider)
UserUtil.force_non_verified_phone(cognito=self.cognito,
user_id=body['user_id'])
# ExternalProviderUsersテーブルにuser_idを追加
UserUtil.add_user_id_to_external_provider_user(
body['user_id'], external_provider_users_table,
external_provider_user_id)
# Usersテーブルにユーザーを作成
UserUtil.add_user_profile(dynamodb=self.dynamodb,
user_id=body['user_id'],
user_display_name=body['user_id'])
has_user_id = UserUtil.has_user_id(self.dynamodb,
external_provider_user_id)
return {
'statusCode':
200,
'body':
json.dumps({
'access_token':
response['AuthenticationResult']['AccessToken'],
'last_auth_user':
body['user_id'],
'id_token':
response['AuthenticationResult']['IdToken'],
'refresh_token':
response['AuthenticationResult']['RefreshToken'],
'status':
'login',
'has_user_id':
has_user_id
})
}
return {
'statusCode': 500,
'body': json.dumps({'message': 'Internal server error'})
}
else:
raise ValidationError('This id is already in use.')