feat: add reauth flow for wa embedded signup (#11940)

# Pull Request Template

## Description

Please include a summary of the change and issue(s) fixed. Also, mention
relevant motivation, context, and any dependencies that this change
requires.
Fixes # (issue)

## Type of change

Please delete options that are not relevant.

- [ ] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [ ] Breaking change (fix or feature that would cause existing
functionality not to work as expected)
- [ ] This change requires a documentation update

## How Has This Been Tested?

Please describe the tests that you ran to verify your changes. Provide
instructions so we can reproduce. Please also list any relevant details
for your test configuration.


## Checklist:

- [ ] My code follows the style guidelines of this project
- [ ] I have performed a self-review of my code
- [ ] I have commented on my code, particularly in hard-to-understand
areas
- [ ] I have made corresponding changes to the documentation
- [ ] My changes generate no new warnings
- [ ] I have added tests that prove my fix is effective or that my
feature works
- [ ] New and existing unit tests pass locally with my changes
- [ ] Any dependent changes have been merged and published in downstream
modules

---------

Co-authored-by: Muhsin Keloth <muhsinkeramam@gmail.com>
Tanmay Deep Sharma
2025-08-08 01:48:45 +05:30
committed by GitHub
parent 462ab5241c
commit d2583d32e9
17 changed files with 890 additions and 206 deletions


@@ -119,19 +119,18 @@ RSpec.describe 'WhatsApp Authorization API', type: :request do
expect(Whatsapp::EmbeddedSignupService).to receive(:new).with(
account: account,
code: 'test_code',
business_id: 'test_business_id',
waba_id: 'test_waba_id',
phone_number_id: 'test_phone_id'
params: {
code: 'test_code',
business_id: 'test_business_id',
waba_id: 'test_waba_id',
phone_number_id: 'test_phone_id'
},
inbox_id: nil
).and_return(embedded_signup_service)
allow(embedded_signup_service).to receive(:perform).and_return(whatsapp_channel)
allow(whatsapp_channel).to receive(:inbox).and_return(inbox)
# Stub webhook setup service
webhook_service = instance_double(Whatsapp::WebhookSetupService)
allow(Whatsapp::WebhookSetupService).to receive(:new).and_return(webhook_service)
allow(webhook_service).to receive(:perform)
allow(Whatsapp::WebhookSetupService).to receive(:new).and_return(instance_double(Whatsapp::WebhookSetupService, perform: true))
post "/api/v1/accounts/#{account.id}/whatsapp/authorization",
params: {
@@ -151,19 +150,17 @@ RSpec.describe 'WhatsApp Authorization API', type: :request do
expect(Whatsapp::EmbeddedSignupService).to receive(:new).with(
account: account,
code: 'test_code',
business_id: 'test_business_id',
waba_id: 'test_waba_id',
phone_number_id: nil
params: {
code: 'test_code',
business_id: 'test_business_id',
waba_id: 'test_waba_id'
},
inbox_id: nil
).and_return(embedded_signup_service)
allow(embedded_signup_service).to receive(:perform).and_return(whatsapp_channel)
allow(whatsapp_channel).to receive(:inbox).and_return(inbox)
# Stub webhook setup service
webhook_service = instance_double(Whatsapp::WebhookSetupService)
allow(Whatsapp::WebhookSetupService).to receive(:new).and_return(webhook_service)
allow(webhook_service).to receive(:perform)
allow(Whatsapp::WebhookSetupService).to receive(:new).and_return(instance_double(Whatsapp::WebhookSetupService, perform: true))
post "/api/v1/accounts/#{account.id}/whatsapp/authorization",
params: {
@@ -300,4 +297,236 @@ RSpec.describe 'WhatsApp Authorization API', type: :request do
end
end
end
describe 'POST /api/v1/accounts/{account.id}/whatsapp/authorization with inbox_id (reauthorization)' do
let(:whatsapp_channel) do
channel = build(:channel_whatsapp, account: account, provider: 'whatsapp_cloud',
provider_config: {
'api_key' => 'test_token',
'phone_number_id' => '123456',
'business_account_id' => '654321',
'source' => 'embedded_signup'
})
allow(channel).to receive(:validate_provider_config).and_return(true)
allow(channel).to receive(:sync_templates).and_return(true)
allow(channel).to receive(:setup_webhooks).and_return(true)
channel.save!
# Call authorization_error! twice to reach the threshold
channel.authorization_error!
channel.authorization_error!
channel
end
let(:whatsapp_inbox) { create(:inbox, channel: whatsapp_channel, account: account) }
context 'when user is an administrator' do
let(:administrator) { create(:user, account: account, role: :administrator) }
before do
account.enable_features!(:whatsapp_embedded_signup)
end
context 'with valid parameters' do
let(:valid_params) do
{
code: 'auth_code_123',
business_id: 'business_123',
waba_id: 'waba_123',
phone_number_id: 'phone_123'
}
end
it 'reauthorizes the WhatsApp channel successfully' do
allow(whatsapp_channel).to receive(:reauthorization_required?).and_return(true)
embedded_signup_service = instance_double(Whatsapp::EmbeddedSignupService)
allow(Whatsapp::EmbeddedSignupService).to receive(:new).with(
account: account,
params: {
code: 'auth_code_123',
business_id: 'business_123',
waba_id: 'waba_123',
phone_number_id: 'phone_123'
},
inbox_id: whatsapp_inbox.id
).and_return(embedded_signup_service)
allow(embedded_signup_service).to receive(:perform).and_return(whatsapp_channel)
allow(whatsapp_channel).to receive(:inbox).and_return(whatsapp_inbox)
post "/api/v1/accounts/#{account.id}/whatsapp/authorization",
params: valid_params.merge(inbox_id: whatsapp_inbox.id),
headers: administrator.create_new_auth_token,
as: :json
expect(response).to have_http_status(:success)
json_response = response.parsed_body
expect(json_response['success']).to be true
expect(json_response['id']).to eq(whatsapp_inbox.id)
end
it 'handles reauthorization failure' do
embedded_signup_service = instance_double(Whatsapp::EmbeddedSignupService)
allow(Whatsapp::EmbeddedSignupService).to receive(:new).with(
account: account,
params: {
code: 'auth_code_123',
business_id: 'business_123',
waba_id: 'waba_123',
phone_number_id: 'phone_123'
},
inbox_id: whatsapp_inbox.id
).and_return(embedded_signup_service)
allow(embedded_signup_service).to receive(:perform)
.and_raise(StandardError, 'Token exchange failed')
post "/api/v1/accounts/#{account.id}/whatsapp/authorization",
params: valid_params.merge(inbox_id: whatsapp_inbox.id),
headers: administrator.create_new_auth_token,
as: :json
expect(response).to have_http_status(:unprocessable_entity)
json_response = response.parsed_body
expect(json_response['success']).to be false
expect(json_response['error']).to eq('Token exchange failed')
end
it 'handles phone number mismatch error' do
embedded_signup_service = instance_double(Whatsapp::EmbeddedSignupService)
allow(Whatsapp::EmbeddedSignupService).to receive(:new).with(
account: account,
params: {
code: 'auth_code_123',
business_id: 'business_123',
waba_id: 'waba_123',
phone_number_id: 'phone_123'
},
inbox_id: whatsapp_inbox.id
).and_return(embedded_signup_service)
allow(embedded_signup_service).to receive(:perform)
.and_raise(StandardError, 'Phone number mismatch. The new phone number (+1234567890) does not match ' \
'the existing phone number (+15551234567). Please use the same WhatsApp ' \
'Business Account that was originally connected.')
post "/api/v1/accounts/#{account.id}/whatsapp/authorization",
params: valid_params.merge(inbox_id: whatsapp_inbox.id),
headers: administrator.create_new_auth_token,
as: :json
expect(response).to have_http_status(:unprocessable_entity)
json_response = response.parsed_body
expect(json_response['success']).to be false
expect(json_response['error']).to include('Phone number mismatch')
end
end
context 'when inbox does not exist' do
it 'returns not found error' do
post "/api/v1/accounts/#{account.id}/whatsapp/authorization",
params: { inbox_id: 0, code: 'test', business_id: 'test', waba_id: 'test' },
headers: administrator.create_new_auth_token,
as: :json
expect(response).to have_http_status(:not_found)
end
end
context 'when reauthorization is not required' do
let(:fresh_channel) do
channel = build(:channel_whatsapp, account: account, provider: 'whatsapp_cloud',
provider_config: {
'api_key' => 'test_token',
'phone_number_id' => '123456',
'business_account_id' => '654321',
'source' => 'embedded_signup'
})
allow(channel).to receive(:validate_provider_config).and_return(true)
allow(channel).to receive(:sync_templates).and_return(true)
allow(channel).to receive(:setup_webhooks).and_return(true)
channel.save!
# Do NOT call authorization_error! - channel is working fine
channel
end
let(:fresh_inbox) { create(:inbox, channel: fresh_channel, account: account) }
it 'returns unprocessable entity error' do
post "/api/v1/accounts/#{account.id}/whatsapp/authorization",
params: { inbox_id: fresh_inbox.id },
headers: administrator.create_new_auth_token,
as: :json
expect(response).to have_http_status(:unprocessable_entity)
json_response = response.parsed_body
expect(json_response['success']).to be false
end
end
context 'when channel is not WhatsApp' do
let(:facebook_channel) do
stub_request(:post, 'https://graph.facebook.com/v3.2/me/subscribed_apps')
.to_return(status: 200, body: '{}', headers: {})
channel = create(:channel_facebook_page, account: account)
# Call authorization_error! twice to reach the threshold
channel.authorization_error!
channel.authorization_error!
channel
end
let(:facebook_inbox) { create(:inbox, channel: facebook_channel, account: account) }
it 'returns unprocessable entity error' do
post "/api/v1/accounts/#{account.id}/whatsapp/authorization",
params: { inbox_id: facebook_inbox.id },
headers: administrator.create_new_auth_token,
as: :json
expect(response).to have_http_status(:unprocessable_entity)
json_response = response.parsed_body
expect(json_response['success']).to be false
end
end
end
context 'when user is an agent' do
let(:agent) { create(:user, account: account, role: :agent) }
before do
account.enable_features!(:whatsapp_embedded_signup)
create(:inbox_member, inbox: whatsapp_inbox, user: agent)
end
it 'returns unprocessable_entity error' do
allow(whatsapp_channel).to receive(:reauthorization_required?).and_return(true)
# Stub the embedded signup service to prevent HTTP calls
embedded_signup_service = instance_double(Whatsapp::EmbeddedSignupService)
allow(Whatsapp::EmbeddedSignupService).to receive(:new).with(
account: account,
params: {
code: 'test',
business_id: 'test',
waba_id: 'test'
},
inbox_id: whatsapp_inbox.id
).and_return(embedded_signup_service)
allow(embedded_signup_service).to receive(:perform).and_return(whatsapp_channel)
post "/api/v1/accounts/#{account.id}/whatsapp/authorization",
params: { inbox_id: whatsapp_inbox.id, code: 'test', business_id: 'test', waba_id: 'test' },
headers: agent.create_new_auth_token,
as: :json
# Agents should get unprocessable_entity since they can find the inbox but channel doesn't need reauth
expect(response).to have_http_status(:unprocessable_entity)
end
end
context 'when user is not authenticated' do
it 'returns unauthorized error' do
post "/api/v1/accounts/#{account.id}/whatsapp/authorization",
params: { inbox_id: whatsapp_inbox.id },
as: :json
expect(response).to have_http_status(:unauthorized)
end
end
end
end
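Review bot: The agent example near the end of the hunk (`it 'returns unprocessable_entity error'` under `context 'when user is an agent'`) does not demonstrate that a non-administrator is refused: it only `allow`s `Whatsapp::EmbeddedSignupService.new` and asserts a 422, which would equally pass if the service ran on the agent's behalf and failed afterwards, and the comment `# Agents should get unprocessable_entity since they can find the inbox but channel doesn't need reauth` contradicts the `reauthorization_required?` stub returning true two lines earlier. Replacing the `allow` with `expect(Whatsapp::EmbeddedSignupService).not_to receive(:new)` and asserting the error body would pin the rejection to the role check rather than to a later failure; if the endpoint deliberately answers 422 for agents instead of 401/403, the comment should state that instead. Stubbing `reauthorization_required?` on the memoized `whatsapp_channel` (here and in `it 'reauthorizes the WhatsApp channel successfully'`) presumably does not reach the instance the controller loads from the database, so the two `authorization_error!` calls in the `let` are likely what actually drives the behaviour — worth confirming so the stubs are not giving false confidence. The describe block and its contexts are closed by the trailing `end` lines, so the whole new block is inside this hunk.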