Skip to content

Update middleware to validate incoming request from Discord Service #2409

New issue
New issue
Open
0 of 1 issue completed
Open
Update middleware to validate incoming request from Discord Service#2409
0 of 1 issue completed
@joyguptaa

Description

@joyguptaa
joyguptaa
opened on Apr 29, 2025

Description:

The current middleware verifyDiscordBot requires an update to properly validate incoming requests from the Discord service. Right now, it partially handles this by checking the x-service-name header and verifying the token, but lacks complete validation logic specific to Discord's expected signature-based request validation (if applicable).

Proposed Changes:

  • Ensure the middleware performs complete validation of incoming requests from Discord, including:
  • Verifying the authorization header format.
  • Confirming x-service-name equals DISCORD_SERVICE.
  • If x-service-name is DISCORD_SERVICE, ensure botVerification.verifyDiscordService(token) returns a valid result and implements any additional checks Discord requires (e.g., signature verification).
  • Maintain compatibility with existing token-based validation from Cloudflare Worker (CLOUDFLARE_WORKER).
  • Improve error handling and response messages for clarity.

Sub-issues

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions