At the moment it possible to call the Webhook server with any path. As long as the host:port is correct, any message/command will be handled. But I want to make sure that the bot can only be called by the telegram server.
The telegram bot quide recommend to listen on a path which contains the token. So my simple approach would be just to check that in the Jetty Handler implementation.
Hi @vitaB! Checkout 1.2.2 version
upd: checkout 1.2.3 - added useTokenBasedPathSpec to webhook bot option params. set it to true in order to enable token based request path.
At the moment it possible to call the Webhook server with any path. As long as the host:port is correct, any message/command will be handled. But I want to make sure that the bot can only be called by the telegram server.
The telegram bot quide recommend to listen on a path which contains the token. So my simple approach would be just to check that in the Jetty Handler implementation.
Maybe you have a better idea.