From 011b573a8e54665cbbecfc882b40294ea13e2e7d Mon Sep 17 00:00:00 2001 From: luckydonald Date: Mon, 18 Jan 2021 00:12:48 +0100 Subject: [PATCH 1/4] Fix leaking the user's phone in the id field of the stats. Improves tdlight-team/tdlight-telegram-bot-api#48 a bit. --- telegram-bot-api/Client.cpp | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/telegram-bot-api/Client.cpp b/telegram-bot-api/Client.cpp index 99b5ac85c..f29432d7a 100644 --- a/telegram-bot-api/Client.cpp +++ b/telegram-bot-api/Client.cpp @@ -3670,7 +3670,11 @@ std::size_t Client::get_pending_update_count() const { ServerBotInfo Client::get_bot_info() const { ServerBotInfo res; - res.id_ = bot_token_id_; + if (is_user_) { + res.id_ = td::to_string(my_id_); + } else { + res.id_ = bot_token_id_; + } res.token_ = bot_token_; auto user_info = get_user_info(my_id_); if (user_info != nullptr) { From a6463a9010951f7169f3d7f748cfe6744265e9d8 Mon Sep 17 00:00:00 2001 From: luckydonald Date: Mon, 18 Jan 2021 00:14:56 +0100 Subject: [PATCH 2/4] Improved error message if the authentication is not yet completed. --- telegram-bot-api/Client.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/telegram-bot-api/Client.cpp b/telegram-bot-api/Client.cpp index f29432d7a..7daf8ca22 100644 --- a/telegram-bot-api/Client.cpp +++ b/telegram-bot-api/Client.cpp @@ -6575,7 +6575,7 @@ void Client::on_cmd(PromisedQueryPtr query) { } else if (query->method() == "registeruser" && parameters_->allow_users_registration_) { return process_register_user_query(query); } else { - return fail_query(404, "Not Found: method not found", std::move(query)); + return fail_query(404, "Not Found: login not yet completed", std::move(query)); } } From 7e86d31953b5786a08fba37dccdbcd1d9891261c Mon Sep 17 00:00:00 2001 From: luckydonald Date: Mon, 18 Jan 2021 00:15:49 +0100 Subject: [PATCH 3/4] Allow at least the camelcase version, too. Addresses tdlight-team/tdlight-telegram-bot-api#43. --- telegram-bot-api/HttpConnection.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/telegram-bot-api/HttpConnection.cpp b/telegram-bot-api/HttpConnection.cpp index 8a3aac143..ab47f5b39 100644 --- a/telegram-bot-api/HttpConnection.cpp +++ b/telegram-bot-api/HttpConnection.cpp @@ -31,7 +31,7 @@ void HttpConnection::handle(td::unique_ptr http_query, bool is_login = false; bool is_user = false; if (url_path_parser.try_skip("/bot")) { - } else if (url_path_parser.try_skip("/userlogin")) { + } else if (url_path_parser.try_skip("/userlogin") || url_path_parser.try_skip("/userLogin")) { is_user = true; is_login = true; } else if (url_path_parser.try_skip("/user")) { From a497ebc5448c86788566bc77dd45092fe7ed6796 Mon Sep 17 00:00:00 2001 From: luckydonald Date: Thu, 21 Jan 2021 15:16:58 +0100 Subject: [PATCH 4/4] Added back the 'method not found' part. As this will also be the error message if you do /bot1231:23123/fooBarXYZ, this should still keep the 'method not found' part. --- telegram-bot-api/Client.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/telegram-bot-api/Client.cpp b/telegram-bot-api/Client.cpp index 7daf8ca22..774320bbb 100644 --- a/telegram-bot-api/Client.cpp +++ b/telegram-bot-api/Client.cpp @@ -6575,7 +6575,7 @@ void Client::on_cmd(PromisedQueryPtr query) { } else if (query->method() == "registeruser" && parameters_->allow_users_registration_) { return process_register_user_query(query); } else { - return fail_query(404, "Not Found: login not yet completed", std::move(query)); + return fail_query(404, "Not Found: method not found or login not yet completed", std::move(query)); } }