etrepum/gist:1038423

## gistfile1.py
#!/usr/bin/env python
from urllib import quote
import hashlib

from twisted.internet import reactor
from twisted.web import server, resource

CROSSDOMAIN_XML = """<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" to-ports="80" />
</cross-domain-policy>"""


def signature_str(args):
    return '&'.join(sorted(
            (quote(k, '') + '=' + quote(v[0], ''))
            for (k, v) in args.iteritems()
            if k != 'signature'))


def sign_str(verify_str, secret_key):
    return hashlib.md5(verify_str + secret_key).hexdigest()


def verify_bridge_post(args, secret_key):
    signature = args['signature'][0]
    expect_signature = sign_str(signature_str(args), secret_key)
    return signature == expect_signature


class RefGateway(resource.Resource):
    """All GET requests return crossdomain.xml
    all POST requests are handled as gateway
    """
    isLeaf = True
    SECRET_KEY = 'FILL THIS IN'

    def render_GET(self, request):
        return CROSSDOMAIN_XML

    def render_POST(self, request):
        args = request.args
        signature = args['signature'][0]
        verify_str = signature_str(args)
        expected_signature = sign_str(verify_str, self.SECRET_KEY)
        print '[unsigned str] %s' % (verify_str,)
        print '[signature valid] %r (signature: %r expecting: %r)' % (
            (signature == expected_signature),
            signature,
            expected_signature)
        print args
        return "OK"

def main():
    site = server.Site(RefGateway())
    reactor.listenTCP(8000, site)
    reactor.run()

if __name__ == '__main__':
    main()
	#!/usr/bin/env python
	from urllib import quote
	import hashlib

	from twisted.internet import reactor
	from twisted.web import server, resource

	CROSSDOMAIN_XML = """<?xml version="1.0"?>
	<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
	<cross-domain-policy>
	<allow-access-from domain="*" to-ports="80" />
	</cross-domain-policy>"""


	def signature_str(args):
	return '&'.join(sorted(
	(quote(k, '') + '=' + quote(v[0], ''))
	for (k, v) in args.iteritems()
	if k != 'signature'))


	def sign_str(verify_str, secret_key):
	return hashlib.md5(verify_str + secret_key).hexdigest()


	def verify_bridge_post(args, secret_key):
	signature = args['signature'][0]
	expect_signature = sign_str(signature_str(args), secret_key)
	return signature == expect_signature


	class RefGateway(resource.Resource):
	"""All GET requests return crossdomain.xml
	all POST requests are handled as gateway
	"""
	isLeaf = True
	SECRET_KEY = 'FILL THIS IN'

	def render_GET(self, request):
	return CROSSDOMAIN_XML

	def render_POST(self, request):
	args = request.args
	signature = args['signature'][0]
	verify_str = signature_str(args)
	expected_signature = sign_str(verify_str, self.SECRET_KEY)
	print '[unsigned str] %s' % (verify_str,)
	print '[signature valid] %r (signature: %r expecting: %r)' % (
	(signature == expected_signature),
	signature,
	expected_signature)
	print args
	return "OK"

	def main():
	site = server.Site(RefGateway())
	reactor.listenTCP(8000, site)
	reactor.run()

	if __name__ == '__main__':
	main()