LeadMagnet/leadchat
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity
Files
61d10044a04f84252e038c1f5a1cce287063435e
leadchat/spec/services/whatsapp/facebook_api_client_spec.rb
Tanmay Deep Sharma 61d10044a0 feat: Whatsapp embedded signup (#11612) 
## Description

This PR introduces WhatsApp Embedded Signup functionality, enabling
users to connect their WhatsApp Business accounts through Meta's
streamlined OAuth flow without manual webhook configuration. This
significantly improves the user experience by automating the entire
setup process.

**Key Features:**

- Embedded signup flow using Facebook SDK and Meta's OAuth 2.0
- Automatic webhook registration and phone number configuration
- Enhanced provider selection UI with card-based design
- Real-time progress tracking during signup process
- Comprehensive error handling and user feedback


## Required Configuration

The following environment variables must be configured by administrators
before this feature can be used:
Super Admin Configuration (via
super_admin/app_config?config=whatsapp_embedded)

- `WHATSAPP_APP_ID`: The Facebook App ID for WhatsApp Business API
integration
- `WHATSAPP_CONFIGURATION_ID`: The Configuration ID for WhatsApp
Embedded Signup flow (obtained from Meta Developer Portal)
- `WHATSAPP_APP_SECRET`: The App Secret for WhatsApp Embedded Signup
flow (required for token exchange)
![Screenshot 2025-06-09 at 11 21
08 AM](https://github.com/user-attachments/assets/1615fb0d-27fc-4d9e-b193-9be7894ea93a)


## How Has This Been Tested?

#### Backend Tests (RSpec):

- Authentication validation for embedded signup endpoints
- Authorization code validation and error handling
- Missing business parameter validation
- Proper response format for configuration endpoint
- Unauthorized access prevention

#### Manual Test Cases:

- Complete embedded signup flow (happy path)
- Provider selection UI navigation
- Facebook authentication popup handling
- Error scenarios (cancelled auth, invalid business data, API failures)
- Configuration presence/absence behavior

## Related Screenshots:

![Screenshot 2025-06-09 at 7 48
18 PM](https://github.com/user-attachments/assets/34001425-df11-4d78-9424-334461e3178f)
![Screenshot 2025-06-09 at 7 48
22 PM](https://github.com/user-attachments/assets/c09f4964-3aba-4c39-9285-d1e8e37d0e33)
![Screenshot 2025-06-09 at 7 48
32 PM](https://github.com/user-attachments/assets/a34d5382-7a91-4e1c-906e-dc2d570c864a)
![Screenshot 2025-06-09 at 10 43
05 AM](https://github.com/user-attachments/assets/a15840d8-8223-4513-82e4-b08f23c95927)
![Screenshot 2025-06-09 at 10 42
56 AM](https://github.com/user-attachments/assets/8c345022-38b5-44c4-aba2-0cda81389c69)


Fixes
https://linear.app/chatwoot/issue/CW-2131/spec-for-whatsapp-cloud-channels-sign-in-with-facebook

---------

Co-authored-by: Muhsin Keloth <muhsinkeramam@gmail.com>
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Co-authored-by: iamsivin <iamsivin@gmail.com>
Co-authored-by: Sivin Varghese <64252451+iamsivin@users.noreply.github.com>
Co-authored-by: Sojan Jose <sojan@pepalo.com>
2025-07-14 21:37:06 -07:00

198 lines
7.0 KiB
Ruby
Raw Blame History

require 'rails_helper'
describe Whatsapp::FacebookApiClient do
let(:access_token) { 'test_access_token' }
let(:api_client) { described_class.new(access_token) }
let(:api_version) { 'v22.0' }
let(:app_id) { 'test_app_id' }
let(:app_secret) { 'test_app_secret' }
before do
allow(GlobalConfigService).to receive(:load).with('WHATSAPP_API_VERSION', 'v22.0').and_return(api_version)
allow(GlobalConfigService).to receive(:load).with('WHATSAPP_APP_ID', '').and_return(app_id)
allow(GlobalConfigService).to receive(:load).with('WHATSAPP_APP_SECRET', '').and_return(app_secret)
end
describe '#exchange_code_for_token' do
let(:code) { 'test_code' }
context 'when successful' do
before do
stub_request(:get, "https://graph.facebook.com/#{api_version}/oauth/access_token")
.with(query: { client_id: app_id, client_secret: app_secret, code: code })
.to_return(
status: 200,
body: { access_token: 'new_token' }.to_json,
headers: { 'Content-Type' => 'application/json' }
)
end
it 'returns the response data' do
result = api_client.exchange_code_for_token(code)
expect(result['access_token']).to eq('new_token')
end
end
context 'when failed' do
before do
stub_request(:get, "https://graph.facebook.com/#{api_version}/oauth/access_token")
.with(query: { client_id: app_id, client_secret: app_secret, code: code })
.to_return(status: 400, body: { error: 'Invalid code' }.to_json)
end
it 'raises an error' do
expect { api_client.exchange_code_for_token(code) }.to raise_error(/Token exchange failed/)
end
end
end
describe '#fetch_phone_numbers' do
let(:waba_id) { 'test_waba_id' }
context 'when successful' do
before do
stub_request(:get, "https://graph.facebook.com/#{api_version}/#{waba_id}/phone_numbers")
.with(query: { access_token: access_token })
.to_return(
status: 200,
body: { data: [{ id: '123', display_phone_number: '1234567890' }] }.to_json,
headers: { 'Content-Type' => 'application/json' }
)
end
it 'returns the phone numbers data' do
result = api_client.fetch_phone_numbers(waba_id)
expect(result['data']).to be_an(Array)
expect(result['data'].first['id']).to eq('123')
end
end
context 'when failed' do
before do
stub_request(:get, "https://graph.facebook.com/#{api_version}/#{waba_id}/phone_numbers")
.with(query: { access_token: access_token })
.to_return(status: 403, body: { error: 'Access denied' }.to_json)
end
it 'raises an error' do
expect { api_client.fetch_phone_numbers(waba_id) }.to raise_error(/WABA phone numbers fetch failed/)
end
end
end
describe '#debug_token' do
let(:input_token) { 'test_input_token' }
let(:app_access_token) { "#{app_id}|#{app_secret}" }
context 'when successful' do
before do
stub_request(:get, "https://graph.facebook.com/#{api_version}/debug_token")
.with(query: { input_token: input_token, access_token: app_access_token })
.to_return(
status: 200,
body: { data: { app_id: app_id, is_valid: true } }.to_json,
headers: { 'Content-Type' => 'application/json' }
)
end
it 'returns the debug token data' do
result = api_client.debug_token(input_token)
expect(result['data']['is_valid']).to be(true)
end
end
context 'when failed' do
before do
stub_request(:get, "https://graph.facebook.com/#{api_version}/debug_token")
.with(query: { input_token: input_token, access_token: app_access_token })
.to_return(status: 400, body: { error: 'Invalid token' }.to_json)
end
it 'raises an error' do
expect { api_client.debug_token(input_token) }.to raise_error(/Token validation failed/)
end
end
end
describe '#register_phone_number' do
let(:phone_number_id) { 'test_phone_id' }
let(:pin) { '123456' }
context 'when successful' do
before do
stub_request(:post, "https://graph.facebook.com/#{api_version}/#{phone_number_id}/register")
.with(
headers: { 'Authorization' => "Bearer #{access_token}", 'Content-Type' => 'application/json' },
body: { messaging_product: 'whatsapp', pin: pin }.to_json
)
.to_return(
status: 200,
body: { success: true }.to_json,
headers: { 'Content-Type' => 'application/json' }
)
end
it 'returns success response' do
result = api_client.register_phone_number(phone_number_id, pin)
expect(result['success']).to be(true)
end
end
context 'when failed' do
before do
stub_request(:post, "https://graph.facebook.com/#{api_version}/#{phone_number_id}/register")
.with(
headers: { 'Authorization' => "Bearer #{access_token}", 'Content-Type' => 'application/json' },
body: { messaging_product: 'whatsapp', pin: pin }.to_json
)
.to_return(status: 400, body: { error: 'Registration failed' }.to_json)
end
it 'raises an error' do
expect { api_client.register_phone_number(phone_number_id, pin) }.to raise_error(/Phone registration failed/)
end
end
end
describe '#subscribe_waba_webhook' do
let(:waba_id) { 'test_waba_id' }
let(:callback_url) { 'https://example.com/webhook' }
let(:verify_token) { 'test_verify_token' }
context 'when successful' do
before do
stub_request(:post, "https://graph.facebook.com/#{api_version}/#{waba_id}/subscribed_apps")
.with(
headers: { 'Authorization' => "Bearer #{access_token}", 'Content-Type' => 'application/json' },
body: { override_callback_uri: callback_url, verify_token: verify_token }.to_json
)
.to_return(
status: 200,
body: { success: true }.to_json,
headers: { 'Content-Type' => 'application/json' }
)
end
it 'returns success response' do
result = api_client.subscribe_waba_webhook(waba_id, callback_url, verify_token)
expect(result['success']).to be(true)
end
end
context 'when failed' do
before do
stub_request(:post, "https://graph.facebook.com/#{api_version}/#{waba_id}/subscribed_apps")
.with(
headers: { 'Authorization' => "Bearer #{access_token}", 'Content-Type' => 'application/json' },
body: { override_callback_uri: callback_url, verify_token: verify_token }.to_json
)
.to_return(status: 400, body: { error: 'Webhook subscription failed' }.to_json)
end
it 'raises an error' do
expect { api_client.subscribe_waba_webhook(waba_id, callback_url, verify_token) }.to raise_error(/Webhook subscription failed/)
end
end
end
end
Reference in New Issue View Git Blame Copy Permalink