Files
BSN-Livesystem/tests/test_whatsapp.py
T

75 lines
2.4 KiB
Python

"""Tests für WhatsApp-Webhook-Blueprint."""
import hashlib
import hmac
from flask import Flask
from src.routes.whatsapp import whatsapp_bp
class TestWhatsAppWebhook:
"""Tests für WhatsApp-Webhook-Endpunkt."""
def setup_method(self) -> None:
"""Erstellt Flask-App mit registriertem Blueprint."""
self.app = Flask(__name__)
self.app.register_blueprint(whatsapp_bp)
self.client = self.app.test_client()
def test_get_mit_korrektem_verify_token(self) -> None:
"""GET mit korrektem verify_token → 200 + Challenge."""
response = self.client.get(
"/webhook/whatsapp",
query_string={
"hub.mode": "subscribe",
"hub.verify_token": "bsn_verify_token",
"hub.challenge": "12345",
},
)
assert response.status_code == 200
assert response.data.decode() == "12345"
def test_get_mit_falschem_verify_token(self) -> None:
"""GET mit falschem verify_token → 403."""
response = self.client.get(
"/webhook/whatsapp",
query_string={
"hub.mode": "subscribe",
"hub.verify_token": "falscher_token",
"hub.challenge": "12345",
},
)
assert response.status_code == 403
def test_post_mit_korrekter_signatur(self) -> None:
"""POST mit korrekter Signatur → 200."""
payload = b'{"object":"whatsapp","entry":[]}'
sig = "sha256=" + hmac.new(
b"test_app_secret_123", payload, hashlib.sha256
).hexdigest()
response = self.client.post(
"/webhook/whatsapp",
data=payload,
headers={"X-Hub-Signature-256": sig},
content_type="application/json",
)
assert response.status_code == 200
data = response.get_json()
assert data["status"] == "accepted"
def test_post_mit_falscher_signatur(self) -> None:
"""POST mit falscher Signatur → 401."""
payload = b'{"object":"whatsapp","entry":[]}'
response = self.client.post(
"/webhook/whatsapp",
data=payload,
headers={"X-Hub-Signature-256": "sha256=falsch"},
content_type="application/json",
)
assert response.status_code == 401
data = response.get_json()
assert "error" in data