From 61e7cbb567793aa040e346d4dad165c6a55353bd Mon Sep 17 00:00:00 2001
From: David Ormsbee <dave@edx.org>
Date: Sun, 22 Sep 2013 15:47:43 -0400
Subject: [PATCH] Add extra error checking and logging to Software Secure
 callback

---
 lms/djangoapps/verify_student/views.py | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/lms/djangoapps/verify_student/views.py b/lms/djangoapps/verify_student/views.py
index 295c8e1f20..329e7efa10 100644
--- a/lms/djangoapps/verify_student/views.py
+++ b/lms/djangoapps/verify_student/views.py
@@ -170,7 +170,17 @@ def results_callback(request):
     verified to be who they said they are.
     """
     body = request.body
-    body_dict = json.loads(body)
+
+    try:
+        body_dict = json.loads(body)
+    except ValueError:
+        log.exception("Invalid JSON received from Software Secure:\n\n{}\n".format(body))
+        return HttpResponseBadRequest("Invalid JSON. Received:\n\n{}".format(body))
+
+    if not isinstance(body_dict, dict):
+        log.error("Reply from Software Secure is not a dict:\n\n{}\n".format(body))
+        return HttpResponseBadRequest("JSON should be dict. Received:\n\n{}".format(body))
+
     headers = {
         "Authorization": request.META.get("HTTP_AUTHORIZATION", ""),
         "Date": request.META.get("HTTP_DATE", "")