51566f1399
For parsing User data from url.Values and validation. close #4
package login
import (
"crypto/hmac"
"crypto/sha256"
"encoding/hex"
"fmt"
)
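// CheckAuthorization verifies the authenticity and integrity of the received
// data by comparing the received hash parameter with the hexadecimal
// representation of the HMAC-SHA-256 signature of the data-check-string, keyed
// with the SHA-256 hash of the bot's token.
//
// It returns true only when the computed signature matches user.Hash exactly
// (lowercase hexadecimal). A non-nil error is returned only if feeding the
// data-check-string to the MAC fails, in which case the result is false.
//
// NOTE: only the signature is checked here. AuthDate is part of the signed
// data but is not compared against the current time, so a validly signed
// payload is accepted regardless of its age; callers that need replay
// protection must enforce a maximum age on AuthDate themselves.
func (user *User) CheckAuthorization(botToken string) (bool, error) {
	// Mandatory fields, in alphabetical key order and separated by newlines.
	// The 'hash' field is deliberately left out: it is the value being
	// verified, so it cannot be part of the signed string.
	dataCheckString := fmt.Sprint(
		"auth_date=", user.AuthDate.Unix(),
		"\n", "first_name=", user.FirstName,
		"\n", "id=", user.ID,
	)

	// Optional fields are appended only when present, keeping the same
	// alphabetical order (last_name, photo_url, username).
	if user.LastName != "" {
		dataCheckString += fmt.Sprint("\n", "last_name=", user.LastName)
	}
	if user.PhotoURL != "" {
		dataCheckString += fmt.Sprint("\n", "photo_url=", user.PhotoURL)
	}
	if user.Username != "" {
		dataCheckString += fmt.Sprint("\n", "username=", user.Username)
	}

	// The HMAC key is the raw SHA-256 digest of the bot token, not the token
	// itself.
	secretKey := sha256.Sum256([]byte(botToken))
	mac := hmac.New(sha256.New, secretKey[:])
	if _, err := mac.Write([]byte(dataCheckString)); err != nil {
		// Fail closed: never report a match when the MAC could not be computed.
		return false, err
	}
	expected := hex.EncodeToString(mac.Sum(nil))

	// Compare in constant time. A plain == on the hex strings returns at the
	// first differing byte, which leaks through response timing how much of a
	// submitted hash was correct. hmac.Equal does not have that property and
	// still reports false when the lengths differ.
	return hmac.Equal([]byte(expected), []byte(user.Hash)), nil
}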