def wrap(request, *args, **kwargs): client_id = request.GET.get('client_id', None) signature = request.GET.get('signature', None) verify = request.GET.get('verify', None) if client_id is None or signature is None or verify is None: return HttpResponse(json.dumps({"error": "422", "message": "required parameter missing"}), content_type="application/json", status=422) try: app = application_cache().get(client_id) except: return HttpResponse(json.dumps({"error": "4031", "message": "auth failure"}), content_type="application/json", status=403) verified_signature = application_hasher(app, verify) if verified_signature != signature: return HttpResponse(json.dumps({"error": "4032", "message": "auth failure"}), content_type="application/json", status=403) return f(request, app, *args, **kwargs)
def testInvalidateCacheView(self): a = Application() a.id = uuid.uuid4().hex a.client_secret = uuid.uuid4().hex a.super_application = True a.name = "Test Super App" a.redirect_uri = "/" a.created_by = "nick" a.save() sig = application_hasher(a, "secret") post_data = { 'uncache_type': 'user_request', 'user_id': 123 } resp = self.client.post("/cache/invalidate?client_id=%s&signature=%s&verify=%s" % (a.id, sig, "secret"), data=post_data) self.assertEqual('{"message": "OK"}', resp.content.decode())
def testApplicationHasher(self): a = Application() a.id = "abc" a.client_secret = "def" signature = application_hasher(a, "signature") self.assertEqual("11b2d248b0f026bf61d02dbc4d0a6edb", signature)