dh ddlZddlmZddlmZddlmZddlmZddl m Z m Z e jdZe jd Zefd ed ed e d efdZefd ed ed e d e fdZy)N) itemgetter) parse_qsl)Ed25519PublicKey)InvalidSignature)parse_webapp_init_dataWebAppInitData@e7bf03a2fa4602af4580703d88dda5bb59f32ed8b02a56c187fe7d34caed242d@40055058a4ee38156a06562e52eece92a771bcd8346a8c4615cb7376eddf72ecbot_id init_datapublic_key_bytesreturnc  tt|d}|jdd}|sy|jdd|ddj d t |j td  Dz}|j}d t| d zz}tj||z}tj|} | j||y#t$rYywxYw#t$rYywxYw)aM Check incoming WebApp init data signature without bot token using only bot id. Source: https://core.telegram.org/bots/webapps#validating-data-for-third-party-use :param bot_id: Bot ID :param init_data: WebApp init data :param public_key: Public key :return: True if signature is valid, False otherwise T)strict_parsingF signatureNhashz :WebAppData  c30K|]\}}|d|yw)=N).0kvs Y/var/www/netwell/bot/venv/lib/python3.12/site-packages/aiogram/utils/web_app_signature.py z)check_webapp_signature..(s#=q!1#Qqc =sr)keyr)dictr ValueErrorpopjoinsorteditemsrencodelenbase64urlsafe_b64decoderfrom_public_bytesverifyr) r r r parsed_data signature_b64data_check_stringmessagepaddingr public_keys rcheck_webapp_signaturer1s9YtDE  OOK6M OOFD!!(-0499=%k&7&7&9z!}M=4 &&(Gc-((1,-G(()@AI!334DEJ)W-+ , s#C"C1" C.-C.1 C=<C=cHt|||r t|Std)a  Validate raw WebApp init data using only bot id and return it as WebAppInitData object :param bot_id: bot id :param init_data: data from frontend to be parsed and validated :param public_key_bytes: public key :return: WebAppInitData object zInvalid init data signature)r1rr )r r rs r*safe_check_webapp_init_data_from_signaturer39s(fi1AB%i00 2 33)r'operatorr urllib.parser1cryptography.hazmat.primitives.asymmetric.ed25519rcryptography.exceptionsrweb_apprr bytesfromhexPRODUCTION_PUBLIC_KEYTEST_PUBLIC_KEYintstrboolr1r3rr4rrAs "N4; F-- bc