Merge pull request #13850 from proversity-org/proversity/fix-valid-signature

Fix valid signature

Merge pull request #13850 from proversity-org/proversity/fix-valid-signature
Fix valid signature
e31590e5 · Simon Chen · GitHub · 53cd05fb · e58e295c · e31590e5
Commit e31590e5 authored Jun 09, 2017 by Simon Chen Committed by GitHub Jun 09, 2017
Hide whitespace changes
Inline Side-by-side

Showing with 6 additions and 2 deletions

lms/djangoapps/verify_student/models.py
+3 -1

lms/djangoapps/verify_student/views.py
+3 -1

No files found.
--- a/lms/djangoapps/verify_student/models.py
+++ b/lms/djangoapps/verify_student/models.py
@@ -885,8 +885,10 @@ class SoftwareSecurePhotoVerification(PhotoVerification):
            "Content-Type": "application/json",
            "Date": formatdate(timeval=None, localtime=False, usegmt=True)
        }
+        body_for_signature = {"EdX-ID": str(self.receipt_id)}
        _message, _sig, authorization = generate_signed_message(
-            "POST", headers, body, access_key, secret_key
+            "POST", headers, body_for_signature, access_key, secret_key
        )
        headers['Authorization'] = authorization

--- a/lms/djangoapps/verify_student/views.py
+++ b/lms/djangoapps/verify_student/views.py
@@ -1109,13 +1109,15 @@ def results_callback(request):
    headers = {
        "Authorization": request.META.get("HTTP_AUTHORIZATION", ""),
+        "Content-Type": "application/json",
        "Date": request.META.get("HTTP_DATE", "")
    }
+    body_for_signature = {"EdX-ID": body_dict.get("EdX-ID")}
    has_valid_signature(
        "POST",
        headers,
-        body_dict,
+        body_for_signature,
        settings.VERIFY_STUDENT["SOFTWARE_SECURE"]["API_ACCESS_KEY"],
        settings.VERIFY_STUDENT["SOFTWARE_SECURE"]["API_SECRET_KEY"]
    )