o LDi2 @sddlZddlmZddlmZddlmZddlmZddl m Z m Z e dZe d Zefd ed ed e d efddZefd ed ed e d e fddZdS)N) itemgetter) parse_qsl)InvalidSignature)Ed25519PublicKey)WebAppInitDataparse_webapp_init_data@e7bf03a2fa4602af4580703d88dda5bb59f32ed8b02a56c187fe7d34caed242d@40055058a4ee38156a06562e52eece92a771bcd8346a8c4615cb7376eddf72ecbot_id init_datapublic_key_bytesreturnc Csz tt|dd}Wn tyYdSw|dd}|sdS|dd|ddd d t|td d D}|}d t | d}t ||}t |} z | ||WdStyhYdSw)aM Check incoming WebApp init data signature without bot token using only bot id. Source: https://core.telegram.org/bots/webapps#validating-data-for-third-party-use :param bot_id: Bot ID :param init_data: WebApp init data :param public_key: Public key :return: True if signature is valid, False otherwise T)strict_parsingF signatureNhashz :WebAppData  css"|] \}}|d|VqdS)=N).0kvrrk/var/www/www-root/data/www/77.83.87.30/venv/lib/python3.10/site-packages/aiogram/utils/web_app_signature.py *s z)check_webapp_signature..r)keyr)dictr ValueErrorpopjoinsorteditemsrencodelenbase64urlsafe_b64decoderfrom_public_bytesverifyr) r r r parsed_data signature_b64data_check_stringmessagepaddingr public_keyrrrcheck_webapp_signatures,      r.cCs t|||r t|Sd}t|)a  Validate raw WebApp init data using only bot id and return it as WebAppInitData object :param bot_id: bot id :param init_data: data from frontend to be parsed and validated :param public_key_bytes: public key :return: WebAppInitData object zInvalid init data signature)r.rr)r r r msgrrr*safe_check_webapp_init_data_from_signature<s r0)r$operatorr urllib.parsercryptography.exceptionsr1cryptography.hazmat.primitives.asymmetric.ed25519rweb_apprrbytesfromhexPRODUCTION_PUBLIC_KEYTEST_PUBLIC_KEYintstrboolr.r0rrrrs<      /