def test_get_user_id_ng(self): with self.assertRaises(ClientError): self.dynamodb.Table = MagicMock() self.dynamodb.Table.return_value.get_item.side_effect = ClientError( {'Error': { 'Code': 'xxxx' }}, 'operation_name') UserUtil.get_user_id( self.dynamodb, 'external_provider_user_id', )
def test_get_user_id_ok(self): self.dynamodb.Table = MagicMock() self.dynamodb.Table.return_value.get_item.return_value = { 'Item': { 'user_id': 'you_are_external_provider_user' } } response = UserUtil.get_user_id( self.dynamodb, 'external_provider_user_id', ) self.assertEqual(response, 'you_are_external_provider_user')
def exec_main_proc(self): yahoo = YahooUtil(client_id=os.environ['YAHOO_CLIENT_ID'], secret=os.environ['YAHOO_SECRET'], callback_url=os.environ['YAHOO_OAUTH_CALLBACK_URL']) try: yahoo.verify_state_nonce(dynamodb=self.dynamodb, state=self.params['state']) token = yahoo.get_access_token(code=self.params['code']) yahoo.verify_access_token(dynamodb=self.dynamodb, access_token=token['access_token'], id_token=token['id_token']) user_info = yahoo.get_user_info(access_token=token['access_token']) except YahooOauthError as e: if e.status_code == 401: message = json.loads(e.message) return ResponseBuilder.response( status_code=401, body={'message': message['error_description']}) logging.info(self.event) logging.fatal(e) traceback.print_exc() return ResponseBuilder.response( status_code=500, body={'message': 'Internal server error'}) except (jwt.ExpiredSignatureError, jwt.InvalidTokenError, ClientError, YahooVerifyException) as e: logging.info(self.event) logging.fatal(e) traceback.print_exc() return ResponseBuilder.response( status_code=500, body={'message': 'Internal server error'}) if UserUtil.exists_user(self.dynamodb, user_info['user_id']): try: has_user_id = UserUtil.has_user_id( dynamodb=self.dynamodb, external_provider_user_id=user_info['user_id'], ) if has_user_id is True: user_id = UserUtil.get_user_id( dynamodb=self.dynamodb, external_provider_user_id=user_info['user_id']) else: user_id = user_info['user_id'] # パスワードの取得、デコード処理追加 password = CryptoUtil.get_external_provider_password( dynamodb=self.dynamodb, user_id=user_info['user_id']) response = UserUtil.external_provider_login( cognito=self.cognito, user_pool_id=os.environ['COGNITO_USER_POOL_ID'], user_pool_app_id=os.environ['COGNITO_USER_POOL_APP_ID'], user_id=user_id, password=password, provider=os.environ['EXTERNAL_PROVIDER_LOGIN_MARK']) return ResponseBuilder.response( status_code=200, body={ 'access_token': response['AuthenticationResult']['AccessToken'], 'id_token': response['AuthenticationResult']['IdToken'], 'refresh_token': response['AuthenticationResult']['RefreshToken'], 'last_auth_user': user_id, 'has_user_id': has_user_id, 'status': 'login' }) except ClientError as e: logging.info(self.event) logging.fatal(e) traceback.print_exc() return ResponseBuilder.response( status_code=500, body={'message': 'Internal server error'}) try: backed_password = UserUtil.generate_backend_password() response = UserUtil.create_external_provider_user( cognito=self.cognito, user_pool_id=os.environ['COGNITO_USER_POOL_ID'], user_pool_app_id=os.environ['COGNITO_USER_POOL_APP_ID'], user_id=user_info['user_id'], email=user_info['email'], backed_temp_password=os. environ['EXTERNAL_PROVIDER_LOGIN_COMMON_TEMP_PASSWORD'], backed_password=backed_password, provider=os.environ['EXTERNAL_PROVIDER_LOGIN_MARK']) aes_iv = os.urandom(settings.AES_IV_BYTES) encrypted_password = CryptoUtil.encrypt_password( backed_password, aes_iv) iv = base64.b64encode(aes_iv).decode() UserUtil.add_external_provider_user_info( dynamodb=self.dynamodb, external_provider_user_id=user_info['user_id'], password=encrypted_password, iv=iv, email=user_info['email']) return ResponseBuilder.response( status_code=200, body={ 'access_token': response['AuthenticationResult']['AccessToken'], 'id_token': response['AuthenticationResult']['IdToken'], 'refresh_token': response['AuthenticationResult']['RefreshToken'], 'last_auth_user': user_info['user_id'], 'has_user_id': False, 'status': 'sign_up' }) except ClientError as e: logging.info(self.event) logging.fatal(e) traceback.print_exc() if e.response['Error']['Code'] == 'UsernameExistsException': return ResponseBuilder.response( status_code=400, body={'message': 'EmailExistsException'}) return ResponseBuilder.response( status_code=500, body={'message': 'Internal server error'})