Home Explore Help
Sign In
thisnthat
/
discordgo
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 90531dc713
Branches Tags
discordgo
/
interactions.go

interactions.go 1.1 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354 
  1. package discordgo
    2. 

  2. 

  3. import (
    4. 

  4. 	"bytes"
    5. 

  5. 	"crypto/ed25519"
    6. 

  6. 	"encoding/hex"
    7. 

  7. 	"io"
    8. 

  8. 	"io/ioutil"
    9. 

  9. 	"net/http"
    10. 

  10. )
    11. 

  11. 

  12. // VerifyInteraction implements message verification of the discord interactions api
    13. 

  13. // signing algorithm, as documented here:
    14. 

  14. // https://discord.com/developers/docs/interactions/slash-commands#security-and-authorization
    15. 

  15. func VerifyInteraction(r *http.Request, key ed25519.PublicKey) bool {
    16. 

  16. 	var msg bytes.Buffer
    17. 

  17. 

  18. 	signature := r.Header.Get("X-Signature-Ed25519")
    19. 

  19. 	if signature == "" {
    20. 

  20. 		return false
    21. 

  21. 	}
    22. 

  22. 

  23. 	sig, err := hex.DecodeString(signature)
    24. 

  24. 	if err != nil {
    25. 

  25. 		return false
    26. 

  26. 	}
    27. 

  27. 

  28. 	if len(sig) != ed25519.SignatureSize {
    29. 

  29. 		return false
    30. 

  30. 	}
    31. 

  31. 

  32. 	timestamp := r.Header.Get("X-Signature-Timestamp")
    33. 

  33. 	if timestamp == "" {
    34. 

  34. 		return false
    35. 

  35. 	}
    36. 

  36. 

  37. 	msg.WriteString(timestamp)
    38. 

  38. 

  39. 	defer r.Body.Close()
    40. 

  40. 	var body bytes.Buffer
    41. 

  41. 

  42. 	// at the end of the function, copy the original body back into the request
    43. 

  43. 	defer func() {
    44. 

  44. 		r.Body = ioutil.NopCloser(&body)
    45. 

  45. 	}()
    46. 

  46. 

  47. 	// copy body into buffers
    48. 

  48. 	_, err = io.Copy(&msg, io.TeeReader(r.Body, &body))
    49. 

  49. 	if err != nil {
    50. 

  50. 		return false
    51. 

  51. 	}
    52. 

  52. 

  53. 	return ed25519.Verify(key, msg.Bytes(), sig)
    54. 

  54. }
    55.