feat: Webhooks (Aufgaben 6-10) — webhook.py, worker.py, Flask-App, WhatsApp + Telegram Routes + Tests
This commit is contained in:
@@ -0,0 +1,64 @@
|
||||
"""Tests für Webhook-Signatur-Prüfung."""
|
||||
|
||||
import hashlib
|
||||
import hmac
|
||||
import os
|
||||
from unittest.mock import MagicMock
|
||||
|
||||
import pytest
|
||||
|
||||
from src.queue.webhook import (
|
||||
validate_and_enqueue,
|
||||
verify_telegram_signature,
|
||||
verify_whatsapp_signature,
|
||||
)
|
||||
|
||||
|
||||
class TestWhatsAppSignature:
|
||||
"""Tests für WhatsApp-Signatur-Prüfung."""
|
||||
|
||||
def test_korrekte_whatsapp_signatur_ergibt_true(self) -> None:
|
||||
"""Korrekte WhatsApp-Signatur → True."""
|
||||
payload = b'{"object":"whatsapp","entry":[{"id":"123","changes":[{"value":{"messages":[{"from":"491234567890","id":"msg1","text":{"body":"Hallo"}}]}]}]}'
|
||||
secret = "meinsupergeheim"
|
||||
sig = "sha256=" + hmac.new(
|
||||
secret.encode("utf-8"), payload, hashlib.sha256
|
||||
).hexdigest()
|
||||
|
||||
# Test mit direktem Secret
|
||||
assert verify_whatsapp_signature(payload, sig, app_secret=secret) is True
|
||||
|
||||
def test_falsche_whatsapp_signatur_ergibt_false(self) -> None:
|
||||
"""Falsche WhatsApp-Signatur → False."""
|
||||
payload = b'{"object":"whatsapp","entry":[]}'
|
||||
sig = "sha256=falschefakevalue"
|
||||
|
||||
assert verify_whatsapp_signature(
|
||||
payload, sig, app_secret="richtiges_secret"
|
||||
) is False
|
||||
|
||||
def test_fehlender_app_secret_ergibt_false(self) -> None:
|
||||
"""Fehlender App-Secret → False (sicherer Fail)."""
|
||||
# Sichere Fails, wenn weder app_secret noch ENV gesetzt sind
|
||||
alt_secret = os.environ.pop("WHATSAPP_APP_SECRET", None)
|
||||
|
||||
try:
|
||||
assert verify_whatsapp_signature(b"payload", "sha256=xyz") is False
|
||||
assert verify_whatsapp_signature(b"payload", "sha256=xyz", app_secret="") is False
|
||||
finally:
|
||||
if alt_secret:
|
||||
os.environ["WHATSAPP_APP_SECRET"] = alt_secret
|
||||
|
||||
|
||||
class TestTelegramSignature:
|
||||
"""Tests für Telegram-Signatur-Prüfung."""
|
||||
|
||||
def test_korrekter_telegram_token_ergibt_true(self) -> None:
|
||||
"""Korrekter Telegram-Token → Token-Länge > 20."""
|
||||
# Ein Telegram-Token hat typischerweise 40+ Zeichen (Bot:Token-Format)
|
||||
assert verify_telegram_signature(b"", "a" * 40) is True
|
||||
|
||||
def test_zu_kurzer_telegram_token_ergibt_false(self) -> None:
|
||||
"""Ungültiger Telegram-Token (zu kurz) → False."""
|
||||
assert verify_telegram_signature(b"", "abc") is False
|
||||
assert verify_telegram_signature(b"", "") is False
|
||||
Reference in New Issue
Block a user