Checking authorization data hash for Telegram Login widget or Redirecting by LoginUrl from inline button keyboard

main.dart

  /// see more details here
  /// https://core.telegram.org/widgets/login#checking-authorization
  
  import 'package:crypto/crypto.dart'; //. https://pub.dev/packages/crypto
  
  static const String botToken =
      'XXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX';
       
  bool checkTelegramRegistrationData({
    required final String id,
    required final String firstName,
    required final String lastName,
    required final String userName,
    required final String photoUrl,
    required final String authDate,
    required final String hash,
  }) {
    final fields = <String, String?>{
      'id': id,
      'first_name': firstName,
      'last_name': lastName,
      'username': userName,
      'photo_url': photoUrl,
      'auth_date': authDate,
    };
    final fieldsString = Map.fromEntries(
      fields.entries.where((e) => e.value != null).toList()
        ..sort(
          (e1, e2) => e1.key.compareTo(e2.key),
        ),
    ).entries.map((e) => '${e.key}=${e.value}').join('\n');

    final secretKey = sha256.convert(utf8.encode(botToken));
    final hmacSha256 = Hmac(sha256, secretKey.bytes);

    final calculatedHash = hmacSha256.convert(utf8.encode(fieldsString));
    return calculatedHash.toString() == hash;
  }

start