From 1ea32eceef2350815557a554b37c586c7dbcff70 Mon Sep 17 00:00:00 2001 From: Mikhail Date: Fri, 30 Aug 2024 19:52:15 +0300 Subject: [PATCH] Update unisender_go.py --- anymail/webhooks/unisender_go.py | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/anymail/webhooks/unisender_go.py b/anymail/webhooks/unisender_go.py index 52d9e831..98ef6c82 100644 --- a/anymail/webhooks/unisender_go.py +++ b/anymail/webhooks/unisender_go.py @@ -69,13 +69,12 @@ def validate_request(self, request: HttpRequest) -> None: So it is both auth and encryption. Also, they hash JSON without spaces. """ - request_json = json.loads(request.body.decode("utf-8")) + request_body = request.body.decode("utf-8") + request_json = json.loads(request_body) request_auth = request_json.get("auth", "") - request_json["auth"] = get_anymail_setting( - "api_key", esp_name=self.esp_name, allow_bare=True + json_with_key = request_body.replace( + request_auth, get_anymail_setting("api_key", esp_name=self.esp_name, allow_bare=True) ) - json_with_key = json.dumps(request_json, separators=(",", ":")) - expected_auth = md5(json_with_key.encode("utf-8")).hexdigest() if not constant_time_compare(request_auth, expected_auth):