def verify(request, uuid):
    # Because this will be called at any point in the future,
    # use guid in the URL.
    addon = get_object_or_404(Addon, guid=uuid)
    receipt = request.read()
    verify = Verify(receipt, request)
    output = verify(check_purchase=False)

    # Ensure CORS headers are set.
    def response(data):
        response = http.HttpResponse(data)
        for header, value in get_headers(len(output)):
            response[header] = value
        return response

    # Only reviewers or the developers can use this which is different
    # from the standard receipt verification. The user is contained in the
    # receipt.
    if verify.user_id:
        try:
            user = UserProfile.objects.get(pk=verify.user_id)
        except UserProfile.DoesNotExist:
            user = None

        if user and (acl.action_allowed_user(user, 'Apps', 'Review')
            or addon.has_author(user)):
            amo.log(amo.LOG.RECEIPT_CHECKED, addon, user=user)
            return response(output)

    return response(verify.invalid())

def reissue(request):
    """
    Reissues an existing receipt, provided from the client. Will only do
    so if the receipt is a full receipt and expired.
    """
    raw = request.read()
    verify = Verify(raw, request.META)
    output = verify.check_full()

    # We will only re-sign expired receipts.
    if output["status"] != "expired":
        log.info("Receipt not expired returned: {0}".format(output))
        receipt_cef.log(request._request, None, "sign", "Receipt reissue failed")
        output["receipt"] = ""
        return Response(output, status=400)

    receipt_cef.log(request._request, None, "sign", "Receipt reissue signing")
    return Response({"reason": "", "receipt": reissue_receipt(raw), "status": "expired"})

def verify(request, addon):
    receipt = request.read()
    verify = Verify(receipt, request)
    output = verify(check_purchase=False)

    # Only reviewers or the developers can use this which is different
    # from the standard receipt verification. The user is contained in the
    # receipt.
    if verify.user_id:
        try:
            user = UserProfile.objects.get(pk=verify.user_id)
        except UserProfile.DoesNotExist:
            user = None

        if user and (acl.action_allowed_user(user, "Apps", "Review") or addon.has_author(user)):
            amo.log(amo.LOG.RECEIPT_CHECKED, addon, user=user)
            return http.HttpResponse(output, verify.get_headers(len(output)))

    return http.HttpResponse(verify.invalid(), verify.get_headers(verify.invalid()))

def reissue(request):
    """
    Reissues an existing receipt, provided from the client. Will only do
    so if the receipt is a full receipt and expired.
    """
    raw = request.read()
    verify = Verify(raw, request.META)
    output = verify.check_full()

    # We will only re-sign expired receipts.
    if output['status'] != 'expired':
        log.info('Receipt not expired returned: {0}'.format(output))
        receipt_cef.log(request._request, None, 'sign',
                        'Receipt reissue failed')
        output['receipt'] = ''
        return Response(output, status=400)

    receipt_cef.log(request._request, None, 'sign', 'Receipt reissue signing')
    return Response({'reason': '', 'receipt': reissue_receipt(raw),
                     'status': 'expired'})

def verify(request, uuid):
    # Because this will be called at any point in the future,
    # use guid in the URL.
    addon = get_object_or_404(Addon, guid=uuid)
    receipt = request.read()
    verify = Verify(receipt, request.META)
    output = verify.check_without_purchase()

    # Only reviewers or the developers can use this which is different
    # from the standard receipt verification. The user is contained in the
    # receipt.
    if verify.user_id:
        try:
            user = UserProfile.objects.get(pk=verify.user_id)
        except UserProfile.DoesNotExist:
            user = None

        if user and (acl.action_allowed_user(user, "Apps", "Review") or addon.has_author(user)):
            amo.log(amo.LOG.RECEIPT_CHECKED, addon, user=user)
            return response(output)

    return response(verify.invalid())

def devhub_verify(request, status):
    receipt = request.read()
    verify = Verify(receipt, request.META)
    return response(verify.check_without_db(status))