aboutsummaryrefslogtreecommitdiff
path: root/src/main/java/com/juick/www
diff options
context:
space:
mode:
Diffstat (limited to 'src/main/java/com/juick/www')
-rw-r--r--src/main/java/com/juick/www/controllers/SocialLogin.java2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/main/java/com/juick/www/controllers/SocialLogin.java b/src/main/java/com/juick/www/controllers/SocialLogin.java
index b43b65c6e..1ab0a139c 100644
--- a/src/main/java/com/juick/www/controllers/SocialLogin.java
+++ b/src/main/java/com/juick/www/controllers/SocialLogin.java
@@ -299,12 +299,12 @@ public class SocialLogin {
@GetMapping("/_tglogin")
public String doDurovLogin(@RequestParam Map<String, String> params,
+ @RequestParam String hash,
@RequestHeader(value = "referer", required = false) String referer,
HttpServletRequest request, HttpServletResponse response) {
String dataCheckString = params.entrySet().stream().filter(p -> !p.getKey().equals("hash"))
.sorted(Map.Entry.comparingByKey()).map(p -> p.getKey() + "=" + p.getValue())
.collect(Collectors.joining("\n"));
- String hash = params.get("hash");
byte[] secretKey = DigestUtils.sha256(telegramToken);
String resultString = new HmacUtils(HmacAlgorithms.HMAC_SHA_256, secretKey).hmacHex(dataCheckString);
if (hash.equals(resultString)) {