youys
/
Discord.Net
Not watched
1
0
Fork 0
Code
Releases 34 Wiki Activity
Issues 0 Pull Requests 0 Datasets Model Cloudbrain
You can not select more than 25 topics Topics must start with a chinese character,a letter or number, can include dashes ('-') and can be up to 35 characters long.
Tree: 373393a309
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '373393a309'
${ noResults }
Discord.Net/src/Discord.Net.Core/Utils/TokenUtils.cs

102 lines
4.5 kB
Raw Blame History 

  1. using System;

  2. using System.Text;

  3. 

  4. namespace Discord

  5. {

  6.     /// <summary>

  7.     ///     Provides a series of helper methods for handling Discord login tokens.

  8.     /// </summary>

  9.     public static class TokenUtils

  10.     {

  11.         /// <summary>

  12.         ///     The minimum length of a Bot token.

  13.         /// </summary>

  14.         /// <remarks>

  15.         ///     This value was determined by comparing against the examples in the Discord

  16.         ///     documentation, and pre-existing tokens.

  17.         /// </remarks>

  18.         internal const int MinBotTokenLength = 58;

  19. 

  20.         /// <summary>

  21.         ///     Checks the validity of a bot token by attempting to decode a ulong userid

  22.         ///     from the bot token.

  23.         /// </summary>

  24.         /// <param name="message">

  25.         ///     The bot token to validate.

  26.         /// </param>

  27.         /// <returns>

  28.         ///     True if the bot token was valid, false if it was not.

  29.         /// </returns>

  30.         internal static bool CheckBotTokenValidity(string message)

  31.         {

  32.             if (string.IsNullOrWhiteSpace(message))

  33.                 return false;

  34. 

  35.             // split each component of the JWT

  36.             var segments = message.Split('.');

  37. 

  38.             // ensure that there are three parts

  39.             if (segments.Length != 3)

  40.                 return false;

  41. 

  42.             try

  43.             {

  44.                 // decode the first segment as base64

  45.                 var bytes = Convert.FromBase64String(segments[0]);

  46.                 var idStr = Encoding.UTF8.GetString(bytes);

  47.                 // discard id

  48.                 return ulong.TryParse(idStr, out var id);

  49.             }

  50.             catch (FormatException)

  51.             {

  52.                 // ignore exception, if contains invalid base64 characters return false

  53.                 return false;

  54.             }

  55.             catch (ArgumentException)

  56.             {

  57.                 // ignore exceptions thrown by BitConverter

  58.                 return false;

  59.             }

  60.         }

  61. 

  62.         /// <summary>

  63.         ///     Checks the validity of the supplied token of a specific type.

  64.         /// </summary>

  65.         /// <param name="tokenType"> The type of token to validate. </param>

  66.         /// <param name="token"> The token value to validate. </param>

  67.         /// <exception cref="ArgumentNullException"> Thrown when the supplied token string is <c>null</c>, empty, or contains only whitespace.</exception>

  68.         /// <exception cref="ArgumentException"> Thrown when the supplied <see cref="TokenType"/> or token value is invalid. </exception>

  69.         public static void ValidateToken(TokenType tokenType, string token)

  70.         {

  71.             // A Null or WhiteSpace token of any type is invalid.

  72.             if (string.IsNullOrWhiteSpace(token))

  73.                 throw new ArgumentNullException(paramName: nameof(token), message: "A token cannot be null, empty, or contain only whitespace.");

  74. 

  75.             switch (tokenType)

  76.             {

  77.                 case TokenType.Webhook:

  78.                     // no validation is performed on Webhook tokens

  79.                     break;

  80.                 case TokenType.Bearer:

  81.                     // no validation is performed on Bearer tokens

  82.                     break;

  83.                 case TokenType.Bot:

  84.                     // bot tokens are assumed to be at least 58 characters in length

  85.                     // this value was determined by referencing examples in the discord documentation, and by comparing with

  86.                     // pre-existing tokens

  87.                     if (token.Length < MinBotTokenLength)

  88.                         throw new ArgumentException(message: $"A Bot token must be at least {MinBotTokenLength} characters in length. " +

  89.                             "Ensure that the Bot Token provided is not an OAuth client secret.", paramName: nameof(token));

  90.                     // check the validity of the bot token by decoding the ulong userid from the jwt

  91.                     if (!CheckBotTokenValidity(token))

  92.                         throw new ArgumentException(message: "The Bot token was invalid. " +

  93.                             "Ensure that the Bot Token provided is not an OAuth client secret.", paramName: nameof(token));

  94.                     break;

  95.                 default:

  96.                     // All unrecognized TokenTypes (including User tokens) are considered to be invalid.

  97.                     throw new ArgumentException(message: "Unrecognized TokenType.", paramName: nameof(token));

  98.             }

  99.         }

  100.     }

  101. }