evandempsey/validate_shopify_redirect.py

## validate_shopify_redirect.py
import hashlib
import hmac


def validate_shopify_redirect(params, secret):
    """
    Validates requests/redirects from Shopify according to the rules in
    http://docs.shopify.com/api/tutorials/oauth
    """
    hmac_param = params["hmac"]
    copied_params = params.copy()

    del copied_params["hmac"]
    if "signature" in copied_params:
        del copied_params["signature"]

    param_list = [key + "=" + value for key, value in copied_params.iteritems()]
    param_list.sort()
    param_string = '&'.join(param_list)

    hm = hmac.new(secret, param_string, hashlib.sha256)
    return hmac_param == hm.hexdigest()
	import hashlib
	import hmac


	def validate_shopify_redirect(params, secret):
	"""
	Validates requests/redirects from Shopify according to the rules in
	http://docs.shopify.com/api/tutorials/oauth
	"""
	hmac_param = params["hmac"]
	copied_params = params.copy()

	del copied_params["hmac"]
	if "signature" in copied_params:
	del copied_params["signature"]

	param_list = [key + "=" + value for key, value in copied_params.iteritems()]
	param_list.sort()
	param_string = '&'.join(param_list)

	hm = hmac.new(secret, param_string, hashlib.sha256)
	return hmac_param == hm.hexdigest()