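def is_valid(self):
    """Return True only if the incoming request passes every check below.

    Checks, in order:
      1. the application ID carried in ``self.session`` equals
         ``settings.AMAZON_APPLICATION_ID``;
      2. the ``SignatureCertChainUrl`` header is present and accepted by
         ``cert_chain_url_valid``;
      3. the ``Signature`` header is present and ``signature_valid`` accepts
         it for the raw request body and the certificate returned by
         ``parse_certificate``.

    Malformed or incomplete requests (missing session keys, missing
    headers) are rejected with ``False`` rather than raising or handing
    ``None`` to the validators.

    NOTE(review): the timestamp check is still not implemented, so this
    method does not reject a previously captured request that is replayed
    with its original, still-valid signature.
    """
    # check Application ID
    try:
        sent_id = self.session['application']['applicationId']
    except (KeyError, TypeError):
        # Session is missing, not a mapping, or lacks the expected keys.
        # TODO: log
        return False
    # Reject an empty/absent ID explicitly so that an unset
    # AMAZON_APPLICATION_ID can never compare equal to a missing value.
    if not sent_id or sent_id != settings.AMAZON_APPLICATION_ID:
        # TODO: log
        return False

    # check timestamp
    # TODO! Until this is implemented there is no freshness check here.

    # check certificate URL
    cert_chain_url = self.flask_request.headers.get('SignatureCertChainUrl')
    if not cert_chain_url or not cert_chain_url_valid(cert_chain_url):
        # TODO: log
        return False

    # check signature
    signature = self.flask_request.headers.get('Signature')
    if not signature:
        # Fail closed before the certificate is parsed: an unsigned request
        # can never be valid.
        # TODO: log
        return False
    # The certificate URL has passed cert_chain_url_valid by this point;
    # parse_certificate must not be called on an unchecked URL.
    cert_text = parse_certificate(cert_chain_url)
    request_body = self.flask_request.data
    if not signature_valid(signature, cert_text, request_body):
        # TODO: log
        return False

    return True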
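def test_valid_urls_are_valid(self):
    """Every entry in VALID_URLS must be accepted by cert_chain_url_valid."""
    for url in VALID_URLS:
        # Name the offending URL: a bare assertTrue failure would only
        # report "False is not true" and hide which entry was rejected.
        self.assertTrue(
            cert_chain_url_valid(url),
            msg="expected %r to be accepted" % (url,),
        )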
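def test_invalid_urls_are_invalid(self):
    """Every entry in INVALID_URLS must be rejected by cert_chain_url_valid."""
    for url in INVALID_URLS:
        # Name the offending URL: for an allow-list style validator the
        # important fact in a failure is which bad URL was let through.
        self.assertFalse(
            cert_chain_url_valid(url),
            msg="expected %r to be rejected" % (url,),
        )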