Created
June 21, 2011 17:45
-
-
Save etrepum/1038423 to your computer and use it in GitHub Desktop.
Reference Mochi gateway
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
from urllib import quote | |
import hashlib | |
from twisted.internet import reactor | |
from twisted.web import server, resource | |
CROSSDOMAIN_XML = """<?xml version="1.0"?> | |
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"> | |
<cross-domain-policy> | |
<allow-access-from domain="*" to-ports="80" /> | |
</cross-domain-policy>""" | |
def signature_str(args): | |
return '&'.join(sorted( | |
(quote(k, '') + '=' + quote(v[0], '')) | |
for (k, v) in args.iteritems() | |
if k != 'signature')) | |
def sign_str(verify_str, secret_key): | |
return hashlib.md5(verify_str + secret_key).hexdigest() | |
def verify_bridge_post(args, secret_key): | |
signature = args['signature'][0] | |
expect_signature = sign_str(signature_str(args), secret_key) | |
return signature == expect_signature | |
class RefGateway(resource.Resource): | |
"""All GET requests return crossdomain.xml | |
all POST requests are handled as gateway | |
""" | |
isLeaf = True | |
SECRET_KEY = 'FILL THIS IN' | |
def render_GET(self, request): | |
return CROSSDOMAIN_XML | |
def render_POST(self, request): | |
args = request.args | |
signature = args['signature'][0] | |
verify_str = signature_str(args) | |
expected_signature = sign_str(verify_str, self.SECRET_KEY) | |
print '[unsigned str] %s' % (verify_str,) | |
print '[signature valid] %r (signature: %r expecting: %r)' % ( | |
(signature == expected_signature), | |
signature, | |
expected_signature) | |
print args | |
return "OK" | |
def main(): | |
site = server.Site(RefGateway()) | |
reactor.listenTCP(8000, site) | |
reactor.run() | |
if __name__ == '__main__': | |
main() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment