UNPKG

@merqva/telegram-passport

Version:

Decrypt/Parse incoming Telegram Passport data

github.com/merqva/telegram-passport

merqva/telegram-passport

109 lines (73 loc) 3.38 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
# Telegram Passport ### Parse/Decrypt incoming [Telegram Passport](https://core.telegram.org/passport) data<br/><br/> #### \* Note: All the type definitions on this library are in compliance with those defined in the Telegram API specification<br/><br/> ## What does this library do? ### Provided your Bot's Private Key, this library will: - Decrypt the [EncryptedCredentials](https://core.telegram.org/bots/api#encryptedcredentials) object from the `credentials` field in [PassportData](https://core.telegram.org/bots/api#passportdata) - Parse the fields on each [EncryptedPassportElement](https://core.telegram.org/bots/api#encryptedpassportelement) from the `data` field in PassportData - Decrypt de `data` field (if present) from the EncryptedPassportElement - Validate the integrity of the decryted data ## What doesn't this library do? - Get the encrypted files corresponding to the requested fields<br/>\* Download the encrypted files using the [getFile](https://core.telegram.org/bots/api#getfile) API endpoint, then use the `decryptData` method to decrypt them <br/><br/> ## Usage - First, create a new instance of the `TelegramPassport` class ```typescript const telegramPassport = new TelegramPassport("<bot_private_key>"); ``` - Parse and decryp de data of all the elements shared with the bot ```typescript const data = telegramPassport.decryptPassportData(     update.message.passport_data ); // the nonce is retuned within the RequestedFields object const nonce = data.nonce; ``` #### \* `update` is the object representing the incoming [Update](https://core.telegram.org/bots/api#update) that was sent to the Bot<br/><br/> - Decryting files ```typescript /* get the data corresponding to the file you want to decryp for example, the front side of the id card */ const id_frontSide = data.identity_card.front_side; // download the file using the getFile API endpoint ... // decryp the file const file = telegramPassport.decryptData( downloaded_file_data, id_fronSide.secret, id_fronSide.file_hash, ); ``` - Depending on the fields you requested, you might not need to process the whole `PassportData` object; for example, the "phone_number" and "email" fields are not encrypted. Thus, you only need to decrypt the credentials to obtain the nonce, then, you can get "phone_number" and "email" from `passport_data.data` ```typescript /* in this case, data will look like this data: [ { "type": "phone_number", "phone_number": "XXXXXXXXXXX", "hash": "the_base64-encoded_hash", }, { "type": "email", "email": "johndoe@example.com", "hash": "the_base64-encoded_hash" }, ] */ // decrypt the credentials const credentials = telegramPassport.decryptPassportCredentials( update.message.passport_data.credentials, ); ``` #### \* `update` is the object representing the incoming [Update](https://core.telegram.org/bots/api#update) that was sent to the Bot<br/><br/> ## What can be inproved? - The type "handling" in the `decryptData` method<br/>\* Need a TS guru that can give me a hand with that, go check the code<br/><br/> ## Found a bug? ### Open an [issue](https://github.com/merqva/telegram-passport/issues) (PRs are welcome) #### \* be patient, I might be busy<br/><br/> ## Stay in touch - Author - [Yoel Navas](mailto:yn4v4s@gmail.com) - Website - [merqva.com](https://merqva.com/)