feat: Queue-Worker mit Batch-Verarbeitung und Fehlertoleranz
This commit is contained in:
@@ -0,0 +1,46 @@
|
||||
"""Tests für Webhook-Signatur-Prüfung."""
|
||||
|
||||
import hashlib
|
||||
import hmac
|
||||
import os
|
||||
|
||||
import pytest
|
||||
|
||||
from src.queue.webhook import (
|
||||
verify_telegram_signature,
|
||||
verify_whatsapp_signature,
|
||||
)
|
||||
|
||||
os.environ["WHATSAPP_APP_SECRET"] = "test" # noqa: S105
|
||||
os.environ["TELEGRAM_BOT_TOKEN"] = "1234567890:ABCdefGHIjklMNOpqrsTUVwxyz" # noqa: S105
|
||||
|
||||
SECRET = "test" # noqa: S105
|
||||
PAYLOAD = b'{"message_id": "123", "absender": "+491234", "text": "Hallo"}'
|
||||
EXPECTED_HMAC = hmac.new(SECRET.encode(), PAYLOAD, hashlib.sha256).hexdigest()
|
||||
VALID_SIGNATURE = f"sha256={EXPECTED_HMAC}"
|
||||
|
||||
|
||||
def test_correct_whatsapp_signature_returns_true() -> None:
|
||||
"""Korrekte WhatsApp-Signatur → True."""
|
||||
assert verify_whatsapp_signature(PAYLOAD, VALID_SIGNATURE) is True
|
||||
|
||||
|
||||
def test_wrong_whatsapp_signature_returns_false() -> None:
|
||||
"""Falsche WhatsApp-Signatur → False."""
|
||||
assert verify_whatsapp_signature(PAYLOAD, "sha256=wrongsignature") is False
|
||||
|
||||
|
||||
def test_missing_app_secret_returns_false(monkeypatch: pytest.MonkeyPatch) -> None:
|
||||
"""Fehlender App-Secret → False (sicherer Fail)."""
|
||||
monkeypatch.delenv("WHATSAPP_APP_SECRET", raising=False)
|
||||
assert verify_whatsapp_signature(PAYLOAD, VALID_SIGNATURE) is False
|
||||
|
||||
|
||||
def test_correct_telegram_token_returns_true() -> None:
|
||||
"""Korrekter Telegram-Token → True."""
|
||||
assert verify_telegram_signature() is True
|
||||
|
||||
|
||||
def test_invalid_telegram_token_too_short_returns_false() -> None:
|
||||
"""Ungültiger Telegram-Token (zu kurz) → False."""
|
||||
assert verify_telegram_signature(token="short") is False # noqa: S106
|
||||
Reference in New Issue
Block a user