chore: add initial discord bot

Author: JayDwee

api/Cargo.lock

@@ -18,4 +18,8 @@ twilight-model = "0.16.0"
 aws-sdk-dynamodb = "1.89.0"
 aws-config = "1.8.5"
 reqwest = { version = "0.12.23", features = ["json", "native-tls-vendored"] }
-chrono = "0.4.41"
+chrono = "0.4.41"
+ed25519-dalek = "2.2.0"
+once_cell = "1.21.3"
+hex = "0.4.3"
+http-body-util = "0.1.3"

api/Cargo.toml

@@ -0,0 +1,89 @@
+use crate::AppState;
+use axum::extract::{Request, State};
+use axum::middleware::Next;
+use axum::response::Response;
+use axum::routing::post;
+use axum::{middleware, Json};
+use ed25519_dalek::{Verifier, VerifyingKey, PUBLIC_KEY_LENGTH};
+use hex::FromHex;
+use http::StatusCode;
+use http_body_util::BodyExt;
+use once_cell::sync::Lazy;
+use serde_json::{json, Value};
+use twilight_model::application::interaction::{Interaction, InteractionType};
+use twilight_model::http::interaction::{InteractionResponse, InteractionResponseType};
+
+static PUB_KEY: Lazy<VerifyingKey> = Lazy::new(|| {
+    VerifyingKey::from_bytes(&<[u8; PUBLIC_KEY_LENGTH] as FromHex>::from_hex("DISCORD_PUBLIC_KEY").unwrap())
+        .unwrap()
+});
+
+pub fn router() -> axum::Router<AppState> {
+    axum::Router::new()
+        .route("/", post(post_interactions))
+        .layer(middleware::from_fn(pubkey_middleware))
+}
+
+pub async fn pubkey_middleware(
+    request: Request,
+    next: Next,
+) -> Result<Response, StatusCode> {
+    let timestamp = if let Some(ts) = request.headers().get("x-signature-timestamp") {
+        ts.to_owned()
+    } else {
+        return Err(StatusCode::BAD_REQUEST);
+    };
+    // Extract the signature to check against.
+    let signature = if let Some(hex_sig) = request
+        .headers()
+        .get("x-signature-ed25519")
+        .and_then(|v| v.to_str().ok())
+    {
+        hex_sig.parse().unwrap()
+    } else {
+        return Err(StatusCode::BAD_REQUEST);
+    };
+
+    let (parts, body) = request.into_parts();
+    let body = body
+        .collect()
+        .await
+        .map_err(|_| StatusCode::INTERNAL_SERVER_ERROR)?
+        .to_bytes();
+
+    if PUB_KEY
+        .verify(
+            [timestamp.as_bytes(), &body].concat().as_ref(),
+            &signature,
+        )
+        .is_err()
+    {
+        return Err(StatusCode::UNAUTHORIZED);
+    }
+    let new_request = Request::from_parts(parts, axum::body::Body::from(body));
+    Ok(next.run(new_request).await)
+}
+
+async fn post_interactions(
+    State(_app_state): State<AppState>,
+    Json(interaction): Json<Interaction>,
+) -> Result<Json<Value>, StatusCode> {
+    match interaction.kind {
+        InteractionType::Ping => {
+            Ok(Json(json!(InteractionResponse {kind: InteractionResponseType::Pong, data: None})))
+        }
+        InteractionType::ApplicationCommand => {
+            Err(StatusCode::NOT_IMPLEMENTED)
+        }
+        InteractionType::MessageComponent => {
+            Err(StatusCode::NOT_IMPLEMENTED)
+        }
+        InteractionType::ApplicationCommandAutocomplete => {
+            Err(StatusCode::NOT_IMPLEMENTED)
+        }
+        InteractionType::ModalSubmit => {
+            Err(StatusCode::NOT_IMPLEMENTED)
+        }
+        _ => Err(StatusCode::BAD_REQUEST)
+    }
+}

api/src/interactions/mod.rs

@@ -13,7 +13,7 @@ mod auth;
 mod dynamo;
 mod users;
 mod guilds;
-
+mod interactions;
 
 #[derive(Clone)]
 pub struct AppState {
@@ -73,6 +73,7 @@ async fn main() -> Result<(), Error> {
         .nest("/guilds", guilds::router())
         .layer(CorsLayer::permissive())
         .route_layer(middleware::from_fn(auth::auth_middleware))
+        .nest("/interactions", interactions::router())
         .with_state(app_state)
         .route("/health", get(health_check))
         .route("/bot", get(get_bot_redirect));

api/src/main.rs

@@ -29,6 +29,7 @@ module "lambda" {
   source         = "./modules/compute/lambda"
   deployment_env = var.deployment_env
   discord_bot_token = var.discord_bot_token
+  discord_public_key = var.discord_public_key
 }
 
 module "s3" {

infra/main.tf

@@ -77,6 +77,7 @@ resource "aws_lambda_function" "lambda_function" {
       API_GATEWAY_BASE_PATH                = "/default"
       DEPLOYMENT_ENV                       = var.deployment_env
       DISCORD_BOT_TOKEN                    = var.discord_bot_token
+      DISCORD_PUBLIC_KEY                  = var.discord_public_key
     }
   }
 }

infra/modules/compute/lambda/main.tf

@@ -5,3 +5,7 @@ variable "deployment_env" {
 variable "discord_bot_token" {
   type = string
 }
+
+variable "discord_public_key" {
+  type = string
+}

infra/modules/compute/lambda/variables.tf

@@ -10,3 +10,7 @@ variable "root_domain_name" {
 variable "discord_bot_token" {
   type = string
 }
+
+variable "discord_public_key" {
+  type = string
+}