Telegram.Bot
Telegram.Bot copied to clipboard
Created Secret token validator middleware
resolve issue #1112
First of all, @BlueXTX thank you for your contribution! Though I have a few concerns about this change:
- The biggest issue is ASP.NET dependencies. I'm not sure how they play out for legacy platforms, covered by .netstandard2.0 target. It might be safer to introduce this change under
#if DOTNET6_OR_GREATERdirective to avoid collision with older .NET frameworks. - I don't see a way to differentiate between controllers for this middleware. If I have other endpoints in my app, they would require
X-Telegram-Bot-Api-Secret-Tokenheader too. - IMO helper functions and middleware classes would greatly benefit from some level of XML documentation on them.
@tuscen WDYT?
First of all, @BlueXTX thank you for your contribution! Though I have a few concerns about this change:
- The biggest issue is ASP.NET dependencies. I'm not sure how they play out for legacy platforms, covered by .netstandard2.0 target. It might be safer to introduce this change under
#if DOTNET6_OR_GREATERdirective to avoid collision with older .NET frameworks.- I don't see a way to differentiate between controllers for this middleware. If I have other endpoints in my app, they would require
X-Telegram-Bot-Api-Secret-Tokenheader too.- IMO helper functions and middleware classes would greatly benefit from some level of XML documentation on them.
@tuscen WDYT?
- Microsoft.Extensions.Options and Microsoft.AspNetCore.Http.Abstractions have support for netstandard2.0.
- Will it be enough if I add configuration like this?
app.UseWhen(context => context.Request.Path.StartsWithSegments("/YourPath"), appBuilder => { appBuilder.UseMiddleware<SecretTokenValidatorMiddleware>(); });
I don't think we should take dependency on M.E.x libraries in the core package. It's ok to make a separate package for ASP.NET Core integration though.
Thanks for your contribution @BlueXTX For now, I think it's simpler to do without such middleware (see #1112)