o Fh @sddlZddlmZddlmZddlmZddlmZddl m Z m Z e dZe d Zefd ed ed e d efddZefd ed ed e d e fddZdS)N) itemgetter) parse_qsl)Ed25519PublicKey)InvalidSignature)parse_webapp_init_dataWebAppInitData@e7bf03a2fa4602af4580703d88dda5bb59f32ed8b02a56c187fe7d34caed242d@40055058a4ee38156a06562e52eece92a771bcd8346a8c4615cb7376eddf72ecbot_id init_datapublic_key_bytesreturnc Csz tt|dd}Wn tyYdSw|dd}|sdS|dd|ddd d t|td d D}|}d t | d}t ||}t |} z | ||WdStyhYdSw)aM Check incoming WebApp init data signature without bot token using only bot id. Source: https://core.telegram.org/bots/webapps#validating-data-for-third-party-use :param bot_id: Bot ID :param init_data: WebApp init data :param public_key: Public key :return: True if signature is valid, False otherwise T)strict_parsingF signatureNhashz :WebAppData  css"|] \}}|d|VqdS)=N).0kvrrR/var/www/html/venv/lib/python3.10/site-packages/aiogram/utils/web_app_signature.py (s z)check_webapp_signature..r)keyr)dictr ValueErrorpopjoinsorteditemsrencodelenbase64urlsafe_b64decoderfrom_public_bytesverifyr) r r r parsed_data signature_b64data_check_stringmessagepaddingr public_keyrrrcheck_webapp_signatures,        r.cCst|||r t|Std)a  Validate raw WebApp init data using only bot id and return it as WebAppInitData object :param bot_id: bot id :param init_data: data from frontend to be parsed and validated :param public_key_bytes: public key :return: WebAppInitData object zInvalid init data signature)r.rr)r r r rrr*safe_check_webapp_init_data_from_signature9s r/)r$operatorr urllib.parser1cryptography.hazmat.primitives.asymmetric.ed25519rcryptography.exceptionsrweb_apprrbytesfromhexPRODUCTION_PUBLIC_KEYTEST_PUBLIC_KEYintstrboolr.r/rrrrs<      *