Exemple #1
0
    def clean(self):
        #validate security issues, check md5sum
        cd = self.cleaned_data
        subscription_project_id = cd.get('subscriptionprojectid', None)
        now = cd.get('now', None)
        signature = cd.get('signature', None)
        if not now or not signature or not subscription_project_id:
            self._errors['signature'] = ErrorList([_('Signature failed')])
            self.xml_response = make_xml({
                'StatusName': 'SECURITY_ERROR',
                'ErrorDescription': 'md5 hash validation failed, not valid md5'
            })

        md5hash = md5hash_generate(subscription_project_id, now, settings.SMS_SECRET_KEY)
        if not md5hash.hexdigest() == signature:
            data = {
                'StatusName': 'SECURITY_ERROR',
                'ErrorDescription': "MD5 hash validation failed, not valid md5"
            }
            xml_data = make_xml(data)
            msg = _('Signature failed')
            self._errors['signature'] = ErrorList([msg])
            self.xml_response = xml_data
            if 'signature' in cd:
                del cd['signature']
        else:
            xml_response = make_xml({
                'StatusName': 'REQUEST_ACCEPTED'
            })
            self.xml_response = xml_response
        return cd
Exemple #2
0
    def clean(self):
        cd = self.cleaned_data
        items = {
            'service_number': cd.get('serviceNumber', None),
            'sms_text': cd.get('smsText', None),
            'country': cd.get('country', None),
            'abonent_id': cd.get('abonentId', None),
            'now': cd.get('now', None),
        }
        optional_items = {
            'retry': cd.get('retry', False),
            'debug': cd.get('debug', False),
            'test': cd.get('test', None),
        }
        #send test OK
        if optional_items['test']:
            self.xml_response = make_xml({
                'SmsText': optional_items['test']
            })
            return cd

        #check
        mapping = map(lambda x: bool(x), items.values())
        errors = [i for i in mapping if not i]
        if errors:
            xml_response = make_xml({
                'ErrorText': 'Given params is not enough to complete request'
            })
            self.xml_response = xml_response
            self._errors['md5key'] = ErrorList([_('Security issues')])
            return cd
        items['secret_key'] = settings.SMS_SECRET_KEY
        order = ['service_number', 'sms_text', 'country', 'abonent_id',
            'secret_key', 'now']
        keys = [items[i] for i in order]
        md5hash = md5hash_generate(*keys)
        if optional_items['retry']:
            md5hash.update('1')
        if optional_items['debug']:
            md5hash.update('1')
            md5hash.update(settings.SMS_DEBUG_SECRET_KEY)
        if md5hash.hexdigest() == cd.get('md5key', None):
            self.sms_text = items['sms_text']
            self.xml_response = make_xml({
                'SmsText': 'you request queued'
            })
        else:
            self.xml_response = make_xml({
                'ErrorText': 'md5key is not valid, security error'
            })
            self._errors['md5key'] = ErrorList([_('Md5key is not valid, security error')])
        return cd