WIP: logging_config, import orders, test refactoring (phase 3 context)

This commit is contained in:
hermes
2026-06-22 10:24:35 +00:00
parent 021cc561f1
commit 5eaeaabb43
10 changed files with 108 additions and 102 deletions
+43 -29
View File
@@ -3,12 +3,10 @@
import hashlib
import hmac
import os
from unittest.mock import MagicMock
import pytest
from src.queue.webhook import (
validate_and_enqueue,
verify_telegram_signature,
verify_whatsapp_signature,
)
@@ -17,48 +15,64 @@ from src.queue.webhook import (
class TestWhatsAppSignature:
"""Tests für WhatsApp-Signatur-Prüfung."""
def test_korrekte_whatsapp_signatur_ergibt_true(self) -> None:
def setup_method(self) -> None:
"""Setze Test-secret per Environment var."""
self._old_secret = os.environ.pop("WHATSAPP_APP_SECRET", None)
os.environ["WHATSAPP_APP_SECRET"] = "test_app_secret_123"
def teardown_method(self) -> None:
"""Environment bereinigen."""
if self._old_secret:
os.environ["WHATSAPP_APP_SECRET"] = self._old_secret
else:
os.environ.pop("WHATSAPP_APP_SECRET", None)
def test_korrekte_whatsapp_signatur(self) -> None:
"""Korrekte WhatsApp-Signatur → True."""
payload = b'{"object":"whatsapp","entry":[{"id":"123","changes":[{"value":{"messages":[{"from":"491234567890","id":"msg1","text":{"body":"Hallo"}}]}]}]}'
secret = "meinsupergeheim"
sig = "sha256=" + hmac.new(
secret.encode("utf-8"), payload, hashlib.sha256
payload = b'{"object":"whatsapp","entry":[]}'
signature = "sha256=" + hmac.new(
b"test_app_secret_123", payload, hashlib.sha256
).hexdigest()
# Test mit direktem Secret
assert verify_whatsapp_signature(payload, sig, app_secret=secret) is True
assert verify_whatsapp_signature(payload, signature) is True
def test_falsche_whatsapp_signatur_ergibt_false(self) -> None:
def test_falsche_whatsapp_signatur(self) -> None:
"""Falsche WhatsApp-Signatur → False."""
payload = b'{"object":"whatsapp","entry":[]}'
sig = "sha256=falschefakevalue"
signature = "sha256=falschfalschfalschfalschfalschfalsch"
assert verify_whatsapp_signature(
payload, sig, app_secret="richtiges_secret"
) is False
assert verify_whatsapp_signature(payload, signature) is False
def test_fehlender_app_secret_ergibt_false(self) -> None:
def test_fehlender_app_secret(self) -> None:
"""Fehlender App-Secret → False (sicherer Fail)."""
# Sichere Fails, wenn weder app_secret noch ENV gesetzt sind
alt_secret = os.environ.pop("WHATSAPP_APP_SECRET", None)
os.environ.pop("WHATSAPP_APP_SECRET", None)
try:
assert verify_whatsapp_signature(b"payload", "sha256=xyz") is False
assert verify_whatsapp_signature(b"payload", "sha256=xyz", app_secret="") is False
finally:
if alt_secret:
os.environ["WHATSAPP_APP_SECRET"] = alt_secret
assert verify_whatsapp_signature(b"payload", "sha256=xyz") is False
assert verify_whatsapp_signature(b"payload", "sha256=xyz", app_secret="") is False
class TestTelegramSignature:
"""Tests für Telegram-Signatur-Prüfung."""
def test_korrekter_telegram_token_ergibt_true(self) -> None:
"""Korrekter Telegram-Token → Token-Länge > 20."""
# Ein Telegram-Token hat typischerweise 40+ Zeichen (Bot:Token-Format)
assert verify_telegram_signature(b"", "a" * 40) is True
def setup_method(self) -> None:
"""Setze Test-token per Environment var."""
self._old_token = os.environ.pop("TELEGRAM_BOT_TOKEN", None)
os.environ["TELEGRAM_BOT_TOKEN"] = "1234567890:***"
def test_zu_kurzer_telegram_token_ergibt_false(self) -> None:
def teardown_method(self) -> None:
"""Environment bereinigen."""
if self._old_token:
os.environ["TELEGRAM_BOT_TOKEN"] = self._old_token
else:
os.environ.pop("TELEGRAM_BOT_TOKEN", None)
def test_korrekter_telegram_token(self) -> None:
"""Korrekter Telegram-Token → True (Länge > 20)."""
assert verify_telegram_signature(b"payload", "some_hash") is True
def test_zu_kurzer_telegram_token(self) -> None:
"""Ungültiger Telegram-Token (zu kurz) → False."""
assert verify_telegram_signature(b"", "abc") is False
os.environ.pop("TELEGRAM_BOT_TOKEN", None)
assert verify_telegram_signature(b"payload", "short") is False
assert verify_telegram_signature(b"", "") is False