def test_decode_base64():
s = '\n'
s += util.decode_base64('YWJj')
s += '\n'
s += util.decode_base64('YWJj', 'utf-8')
s += '\n'
s += util.decode_base64('YWJj', 'shift-jis')
s += '\n'
s += util.decode_base64('YWJj44GC44GE44GG', 'utf-8')
s += '\n'
s += util.decode_base64('YWJjgqCCooKk', 'shift-jis')
return s
def _verify_signature(payment):
if payment.service_platform == membership_pb2.SERVICE_PLATFORM_PLAYSTORE:
# verify playstore purchase signature
h = SHA.new(payment.playstore.original_json)
signature = decode_base64(payment.playstore.signature)
return _signature_verifier.verify(h, signature)
elif payment.service_platform == membership_pb2.SERVICE_PLATFORM_APPSTORE:
# TODO: verify appstore purchase reciept
pass
elif payment.service_platform == membership_pb2.SERVICE_PLATFORM_GAMFLIER:
# TODO: verify gameflier purchase information
pass
return False
def _verify_request_body(request, type):
if not request.data:
_error(request, 'Invalid request', 404)
# decode base64
try:
decode_data = decode_base64(request.data)
except Exception as err:
_error(request, 'Invalid decode string;{data:%s}' % (request.data), 404, err)
req = membership_pb2.Request()
try:
req.ParseFromString(decode_data)
except Exception as err:
_error(request, 'Invalid massage format;{data:%s}' % (request.data), 404, err)
if type != req.type:
_error(request, 'Invalid request type;{type:%d}' % (type), 404)
return req
_service_platform_urls = {
membership_pb2.SERVICE_PLATFORM_PLAYSTORE: app.PLAYSTORE_URL,
membership_pb2.SERVICE_PLATFORM_APPSTORE: app.APPSTORE_URL,
membership_pb2.SERVICE_PLATFORM_GAMEFLIER: app.GAMEFLIER_URL,
}
_random_string = string.ascii_letters + string.digits
# initialize PlayStore PUBLIC_KEY
from Crypto.Signature import PKCS1_v1_5
from Crypto.Hash import SHA
from Crypto.PublicKey import RSA
PLAYSTORE_PUBLIC_KEY = 'MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs01V/72JCxylb8REj6jlRBvsjmx/VfTs1nIX4lQY6sinzJYrz07x0Ven9GD6xTQboXGH2Dk2hmu4XsiZDu8CxKWcR5Kx/8BqtE6IrLWSAD4J2iB1P4ELZRGoLWIraZ/oidxLGKk0RgohPw/EjNFtVveXlgHrvY3NECMZ75n/t8wNivp+nEKqWAtPd0gCTxtp3hDOe8n70aiw9MtCV2t0BaAyFXYiVtkBCAyjDh7k0RKo7TgCR+IA21rfs5i2Fv6S8H0I1o+1rfNyRG9jnqhtHI4Wi+CfcXf7uO+oVECl2Pq21rrcBSzIOZqfwdZTrnK/pXD1Hb891KLRIUk9DdkRcQIDAQAB'
PLAYSTORE_VERIFY_KEY = RSA.importKey(decode_base64(PLAYSTORE_PUBLIC_KEY))
_signature_verifier = PKCS1_v1_5.new(PLAYSTORE_VERIFY_KEY)
def _verify_access_token(request, access_token):
member = None
# access_token
if not access_token:
_error(request, 'Can not verify access_token;{access_token:%s}' % (access_token), 404)
# verify access_token
try:
member = _serializer.loads(access_token)
except BadSignature as err:
_error(request, 'Can not verify access_token;{access_token:%s}' % (access_token), 404, err)