Added WebApp functions

`validate_WebApp_data()` - Use to validate the data received by the WebApp from Telegram. `parse_WebApp_data()` - Use to parse the data sent to the WebApp from the bot's backend.
2023-08-10 21:12:57 +03:00 · 2022-05-30 14:52:49 +05:30 · 2022-05-30 14:52:49 +05:30 · 82f056e88a
commit 82f056e88a
parent 6b19d631d1
1 changed files with 37 additions and 0 deletions
--- a/telebot/util.py
+++ b/telebot/util.py
@ -5,6 +5,10 @@ import string
 import threading
 import traceback
 from typing import Any, Callable, List, Dict, Optional, Union
+import hmac
+import json
+from hashlib import sha256
+from urllib.parse import parse_qsl

 # noinspection PyPep8Naming
 import queue as Queue
@ -518,3 +522,36 @@ def antiflood(function, *args, **kwargs):
            msg = function(*args, **kwargs)
    finally:
        return msg
+    
+    
+def parse_WebApp_data(token: str, raw_init_data: str):
+    is_valid = validate_WebApp_data(token, raw_init_data)
+    if not is_valid:
+        return False
+
+    result = {}
+    for key, value in parse_qsl(raw_init_data):
+        try:
+            value = json.loads(value)
+        except json.JSONDecodeError:
+            result[key] = value
+        else:
+            result[key] = value
+    return result
+
+
+def validate_WebApp_data(token, raw_init_data):
+    try:
+        parsed_data = dict(parse_qsl(raw_init_data))
+    except ValueError:
+        return False
+    if "hash" not in parsed_data:
+        return False
+
+    init_data_hash = parsed_data.pop('hash')
+    data_check_string = "\n".join(f"{key}={value}" for key, value in sorted(parsed_data.items()))
+    secret_key = hmac.new(key=b"WebAppData", msg=token.encode(), digestmod=sha256)
+
+    return hmac.new(secret_key.digest(), data_check_string.encode(), sha256).hexdigest() == init_data_hash
+
+