From 221777e6ea739b65323a0fefea6a9461cade3ec8 Mon Sep 17 00:00:00 2001
From: David Ormsbee <dave@edx.org>
Date: Thu, 12 Sep 2013 11:59:03 -0400
Subject: [PATCH] Re-enable signature checking for Software Secure callbacks

---
 lms/djangoapps/verify_student/views.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lms/djangoapps/verify_student/views.py b/lms/djangoapps/verify_student/views.py
index 2496cead0a..f315c2136f 100644
--- a/lms/djangoapps/verify_student/views.py
+++ b/lms/djangoapps/verify_student/views.py
@@ -180,8 +180,8 @@ def results_callback(request):
         settings.VERIFY_STUDENT["SOFTWARE_SECURE"]["API_SECRET_KEY"]
     )
 
-#    if not sig_valid:
-#        return HttpResponseBadRequest(_("Signature is invalid"))
+    if not sig_valid:
+        return HttpResponseBadRequest(_("Signature is invalid"))
 
     receipt_id = body_dict.get("EdX-ID")
     result = body_dict.get("Result")