Created
March 7, 2010 00:04
-
-
Save trepca/324028 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/local/bin/python | |
# -*- coding: utf-8 -*- | |
from oauth import oauth | |
signature_method = oauth.OAuthSignatureMethod_HMAC_SHA1() | |
OAUTH_CONSUMER_KEY = 'http://www.myspace.com/xxxxxxxx' | |
OAUTH_SECRET_KEY = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' | |
def _get_request_signature(url, params): | |
'''Returns a signature built with consumer key, secret and parameters of the request''' | |
request = oauth.OAuthRequest(http_url=url, parameters=params) | |
consumer = oauth.OAuthConsumer(OAUTH_CONSUMER_KEY, OAUTH_SECRET_KEY) | |
return signature_method.build_signature(request, consumer, None) | |
def request_secure(url, params): | |
'''Tests if request for given URL(and parameters) is safe''' | |
try: | |
remote_signature = params['oauth_signature'] | |
local_signature = _get_request_signature(url, params) | |
return local_signature == remote_signature | |
except KeyError: | |
return False | |
except: | |
logging.exception("error verifying signature: %r"%params) | |
return False | |
if __name__ == '__main__': | |
# build signature | |
test_signature = _get_request_signature("http://www.test.com/resource", dict(person=1, | |
context=100)) | |
assert request_secure("http://www.test.com/resource", dict(person=1, | |
context=100, | |
oauth_signature=test_signature)) | |
print "All ok." |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment