telegram_authorizer/authorizer/
embedded.rs

1use crate::error::AuthError;
2
3use super::{authorize, Authorizer, User};
4use ring::hmac;
5use serde::Deserialize;
6
7#[derive(Clone)]
8pub struct Embedded(hmac::Key);
9
10#[derive(Debug, Deserialize)]
11struct EmbeddedUser {
12    user: String,
13}
14
15impl TryFrom<EmbeddedUser> for User {
16    type Error = serde_json::Error;
17    fn try_from(value: EmbeddedUser) -> Result<Self, Self::Error> {
18        let user = serde_json::from_str(&value.user)?;
19        Ok(user)
20    }
21}
22
23impl Embedded {
24    pub fn new(bot_token: &str) -> Self {
25        let key = hmac::Key::new(hmac::HMAC_SHA256, b"WebAppData");
26        let tag = hmac::sign(&key, bot_token.as_bytes());
27        Self(hmac::Key::new(hmac::HMAC_SHA256, tag.as_ref()))
28    }
29}
30
31impl Authorizer for Embedded {
32    fn authorize(&self, query_string: Option<&str>) -> Result<User, AuthError> {
33        let embedder_user: EmbeddedUser = authorize(query_string, &self.0)?;
34        serde_json::from_str(&embedder_user.user).map_err(|_| AuthError::InvalidUserJson)
35    }
36}

telegram_authorizer/authorizer/embedded.rs

telegram_authorizer/authorizer/
embedded.rs