def authorize(self, request, *args, **kwargs):
     try:
         obj = super(SuperAppKeyProvider, self).authorize(request, *args, **kwargs)
         if isinstance(obj, AuthenticationError):
             return obj
         obj = verify_request(request, "signature")
         return obj
     except AuthenticationError as ae:
         return ae
     except Exception as e:
         return AuthenticationError(error_code=500, message="General error")
    def testCorrectlySignedAuthVerifySignature(self):
        a = Application()
        a.id = "test_id"
        a.client_secret = "test_secret"
        parameters = OrderedDict()
        parameters['test_param_1'] = random.randint(0,100)
        parameters['test_param_2'] = ''.join(random.choice(string.ascii_uppercase + string.digits) for x in range(10))

        parameters['signature'] = self.__build_signature(a.id, a.client_secret, parameters)

        r = RequestFactory().get("/test", data=parameters)
        self.assertEqual(a, verify_request(r, a))  # this is a valid request so the app should come back
    def testIncorrectlySignedAuthVerifySignature(self):
        a = Application()
        a.id = "test_id"
        a.client_secret = "test_secret"
        parameters = OrderedDict({
            "test_param_1": random.randint(0,100),
            "test_param_2": ''.join(random.choice(string.ascii_uppercase + string.digits) for x in range(10))
        })

        parameters['signature'] = self.__build_signature(a.id, "bad_secret", parameters)
        r = RequestFactory().get("/test", parameters)

        # this throws an error since it isn't a valid signature
        self.assertRaises(AuthenticationError, lambda: verify_request(r, a))