From cd3002be5f3347b45a5c7ffff38916e011c8c8c9 Mon Sep 17 00:00:00 2001
From: Serghei Mihai
Date: Tue, 12 Apr 2016 09:43:09 +0200
Subject: [PATCH] compare hmac signature with lower case (#10617)

---
 ckanext/ozwillo_organization_api/plugin.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ckanext/ozwillo_organization_api/plugin.py b/ckanext/ozwillo_organization_api/plugin.py
index 0ba41a8..be481ba 100644
--- a/ckanext/ozwillo_organization_api/plugin.py
+++ b/ckanext/ozwillo_organization_api/plugin.py
@@ -36,7 +36,7 @@ def valid_signature_required(secret_prefix):
 computed_hmac = hmac.new(api_secret, request.body, sha1).hexdigest()
 # the received hmac is uppercase according to
 # http://doc.ozwillo.com/#ref-3-2-1
- if received_hmac != computed_hmac.upper():
+ if received_hmac.lower() != computed_hmac:
 log.info('Invalid HMAC')
 raise logic.NotAuthorized(_('Invalid HMAC'))
 else:
-- 
2.8.0.rc3
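Review bot: The added line still compares the two hex digests with `!=`, which is not constant-time, so response timing can reveal how much of a forged signature matched. Since `hmac` is already in use here, `if not hmac.compare_digest(received_hmac.lower(), computed_hmac):` would be the safer form, provided the runtime is Python 2.7.7 or later and both values are the same string type. Moving the case conversion onto `received_hmac` also means that, if the signature header can be absent and the value is `None` (where it is read is not visible in this hunk), `.lower()` raises `AttributeError` instead of reaching the `NotAuthorized` branch; a guard such as `if not received_hmac or ...` would keep that case a clean rejection. The body of `valid_signature_required` starts and ends outside the hunk.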