def verify_request(request): """Verify requests using the d0_blind_id library""" # first determine if we should be verifying or not val_verify_requests = request.registry.settings.get('xonstat.verify_requests', 'true') if val_verify_requests == "true": flg_verify_requests = True else: flg_verify_requests = False try: (idfp, status) = d0_blind_id_verify( sig=request.headers['X-D0-Blind-Id-Detached-Signature'], querystring='', postdata=request.body) except: log.debug('ERROR: Could not verify request: {0}'.format(sys.exc_info())) idfp = None status = None if flg_verify_requests and not idfp: log.debug("ERROR: Unverified request") raise pyramid.httpexceptions.HTTPUnauthorized("Unverified request") return (idfp, status)
def verify_request(request): try: (idfp, status) = d0_blind_id_verify( sig=request.headers['X-D0-Blind-Id-Detached-Signature'], querystring='', postdata=request.body) log.debug('\nidfp: {0}\nstatus: {1}'.format(idfp, status)) except: idfp = None status = None return (idfp, status)