1
0
mirror of https://github.com/InsanusMokrassar/TelegramBotAPI.git synced 2024-11-22 00:03:48 +00:00

add checking of data in web app

This commit is contained in:
InsanusMokrassar 2022-04-18 17:26:09 +06:00
parent 705bcbe352
commit 88c62bd51c
2 changed files with 13 additions and 0 deletions

View File

@ -0,0 +1,7 @@
package dev.inmo.tgbotapi.webapps
import dev.inmo.micro_utils.crypto.CryptoJs
fun CryptoJs.HmacSHA256(text: String, key: String) = this.asDynamic().HmacSHA256(text, key).unsafeCast<String>()
fun CryptoJs.hex(text: String) = this.asDynamic().format.Hex(text).unsafeCast<String>()

View File

@ -1,5 +1,7 @@
package dev.inmo.tgbotapi.webapps package dev.inmo.tgbotapi.webapps
import dev.inmo.micro_utils.crypto.CryptoJS
external class WebApp { external class WebApp {
val initData: String val initData: String
val initDataUnsafe: WebAppInitData val initDataUnsafe: WebAppInitData
@ -73,3 +75,7 @@ fun WebApp.onMainButtonClicked(eventHandler: EventHandler) = onEvent(EventType.M
* @return The callback which should be used in case you want to turn off events handling * @return The callback which should be used in case you want to turn off events handling
*/ */
fun WebApp.onViewportChanged(eventHandler: ViewportChangedEventHandler) = onEvent(EventType.ViewportChanged, eventHandler) fun WebApp.onViewportChanged(eventHandler: ViewportChangedEventHandler) = onEvent(EventType.ViewportChanged, eventHandler)
fun WebApp.isInitDataSafe(botToken: String) = CryptoJS.hex(
CryptoJS.HmacSHA256(botToken, "WebAppData")
) == initDataUnsafe.hash