forked from jsmnbom/githubbotrevised
-
Notifications
You must be signed in to change notification settings - Fork 3
Expand file tree
/
Copy pathutils.py
More file actions
90 lines (61 loc) · 2.74 KB
/
utils.py
File metadata and controls
90 lines (61 loc) · 2.74 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
import base64
import hashlib
import hmac
import pickle
from typing import Any
import base65536
from telegram import MessageEntity
from telegram.ext import BaseFilter
from bot.const import HMAC_SECRET
URL_BASE = 'https://ghbot.test/'
class HMACException(Exception):
pass
def secure_encode_64(input_data: Any, secret: bytes) -> str:
pickled = pickle.dumps(input_data)
length = str(len(pickled)).encode('ascii')
hmac_hash = hmac.new(secret, pickled, hashlib.sha256).digest()
return base64.b64encode(length + b'\0' + pickled + hmac_hash).decode('ascii')
def secure_decode_64(input_data: str, secret: bytes) -> Any:
# Str -> bytes
decoded_data = base64.b64decode(input_data)
length, _, data_and_hash = decoded_data.partition(b'\0')
length = int(length.decode('ascii'))
raw_data, hmac_hash = data_and_hash[:length], data_and_hash[length:]
if not hmac.compare_digest(hmac.new(secret, raw_data, hashlib.sha256).digest(), hmac_hash):
raise HMACException('Data has been tampered with.')
return pickle.loads(raw_data)
def secure_encode_65536(input_data, secret):
pickled = pickle.dumps(input_data)
length = str(len(pickled)).encode('ascii')
hmac_hash = hmac.new(secret, pickled, hashlib.sha256).digest()
return base65536.encode(length + b'\0' + pickled + hmac_hash)
def secure_decode_65536(input_data, secret):
decoded_data = base65536.decode(input_data)
length, _, data_and_hash = decoded_data.partition(b'\0')
length = int(length.decode('ascii'))
raw_data, hmac_hash = data_and_hash[:length], data_and_hash[length:]
if not hmac.compare_digest(hmac.new(secret, raw_data, hashlib.sha256).digest(), hmac_hash):
raise HMACException('Data link has been tampered with.')
return pickle.loads(raw_data)
def encode_data_link(data):
return f'<a href="{URL_BASE}{secure_encode_65536(data, HMAC_SECRET)}">\u200b</a>'
def decode_data_link(url):
return secure_decode_65536(url[len(URL_BASE):], HMAC_SECRET)
def decode_data_entity(entity):
return decode_data_link(entity.url)
def decode_first_data_entity(entities):
for entity in entities:
if entity.type == MessageEntity.TEXT_LINK and entity.url.startswith(URL_BASE):
return decode_data_entity(entity)
def deep_link(bot, data):
return f'https://telegram.me/{bot.username}?start={data}'
class _ReplyDataLinkFilter(BaseFilter):
def filter(self, message):
if message.reply_to_message:
for entity in message.reply_to_message.entities:
if entity.type == MessageEntity.TEXT_LINK:
return entity.url.startswith(URL_BASE)
break
reply_data_link_filter = _ReplyDataLinkFilter()
def link(url, text):
return f'<a href="{url}">{text}</a>'