6b42ff8d39
## Reference https://github.com/chatwoot/chatwoot/pull/12149#issuecomment-3178108388 ## Description setup_webhook was done before the save, and hence the meta webhook validation might fail because of a race condition where the facebook validation is done before we saving the entry to the database. ## Type of change Please delete options that are not relevant. - [ ] Bug fix (non-breaking change which fixes an issue) ## How Has This Been Tested? - New inbox creation, webhook validation - Existing inbox update, webhook validation - <img width="614" height="674" alt="image" src="https://github.com/user-attachments/assets/be223945-deed-475a-82e5-3ae9c54a13fa" /> ## Checklist: - [ ] My code follows the style guidelines of this project - [ ] I have performed a self-review of my code - [ ] I have commented on my code, particularly in hard-to-understand areas - [ ] I have made corresponding changes to the documentation - [ ] My changes generate no new warnings - [ ] I have added tests that prove my fix is effective or that my feature works - [ ] New and existing unit tests pass locally with my changes - [ ] Any dependent changes have been merged and published in downstream modules --------- Co-authored-by: Muhsin Keloth <muhsinkeramam@gmail.com>
240 lines
10 KiB
Ruby
240 lines
10 KiB
Ruby
require 'rails_helper'
|
|
|
|
describe Whatsapp::WebhookSetupService do
|
|
let(:channel) do
|
|
create(:channel_whatsapp,
|
|
phone_number: '+1234567890',
|
|
provider_config: {
|
|
'phone_number_id' => '123456789',
|
|
'webhook_verify_token' => 'test_verify_token'
|
|
},
|
|
provider: 'whatsapp_cloud',
|
|
sync_templates: false,
|
|
validate_provider_config: false)
|
|
end
|
|
let(:waba_id) { 'test_waba_id' }
|
|
let(:access_token) { 'test_access_token' }
|
|
let(:service) { described_class.new(channel, waba_id, access_token) }
|
|
let(:api_client) { instance_double(Whatsapp::FacebookApiClient) }
|
|
|
|
before do
|
|
# Stub webhook teardown to prevent HTTP calls during cleanup
|
|
stub_request(:delete, /graph.facebook.com/).to_return(status: 200, body: '{}', headers: {})
|
|
|
|
# Clean up any existing channels to avoid phone number conflicts
|
|
Channel::Whatsapp.destroy_all
|
|
allow(Whatsapp::FacebookApiClient).to receive(:new).and_return(api_client)
|
|
# Default stub for phone_number_verified? with any argument
|
|
allow(api_client).to receive(:phone_number_verified?).and_return(false)
|
|
end
|
|
|
|
describe '#perform' do
|
|
context 'when phone number is NOT verified (should register)' do
|
|
before do
|
|
allow(api_client).to receive(:phone_number_verified?).with('123456789').and_return(false)
|
|
allow(SecureRandom).to receive(:random_number).with(900_000).and_return(123_456)
|
|
allow(api_client).to receive(:register_phone_number).with('123456789', 223_456)
|
|
allow(api_client).to receive(:subscribe_waba_webhook)
|
|
.with(waba_id, anything, 'test_verify_token').and_return({ 'success' => true })
|
|
allow(channel).to receive(:save!)
|
|
end
|
|
|
|
it 'registers the phone number and sets up webhook' do
|
|
with_modified_env FRONTEND_URL: 'https://app.chatwoot.com' do
|
|
expect(api_client).to receive(:register_phone_number).with('123456789', 223_456)
|
|
expect(api_client).to receive(:subscribe_waba_webhook)
|
|
.with(waba_id, 'https://app.chatwoot.com/webhooks/whatsapp/+1234567890', 'test_verify_token')
|
|
service.perform
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'when phone number IS verified (should NOT register)' do
|
|
before do
|
|
allow(api_client).to receive(:phone_number_verified?).with('123456789').and_return(true)
|
|
allow(api_client).to receive(:subscribe_waba_webhook)
|
|
.with(waba_id, anything, 'test_verify_token').and_return({ 'success' => true })
|
|
end
|
|
|
|
it 'does NOT register phone, but sets up webhook' do
|
|
with_modified_env FRONTEND_URL: 'https://app.chatwoot.com' do
|
|
expect(api_client).not_to receive(:register_phone_number)
|
|
expect(api_client).to receive(:subscribe_waba_webhook)
|
|
.with(waba_id, 'https://app.chatwoot.com/webhooks/whatsapp/+1234567890', 'test_verify_token')
|
|
service.perform
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'when phone_number_verified? raises error' do
|
|
before do
|
|
allow(api_client).to receive(:phone_number_verified?).with('123456789').and_raise('API down')
|
|
allow(SecureRandom).to receive(:random_number).with(900_000).and_return(123_456)
|
|
allow(api_client).to receive(:register_phone_number)
|
|
allow(api_client).to receive(:subscribe_waba_webhook).and_return({ 'success' => true })
|
|
allow(channel).to receive(:save!)
|
|
end
|
|
|
|
it 'tries to register phone and proceeds with webhook setup' do
|
|
with_modified_env FRONTEND_URL: 'https://app.chatwoot.com' do
|
|
expect(api_client).to receive(:register_phone_number)
|
|
expect(api_client).to receive(:subscribe_waba_webhook)
|
|
expect { service.perform }.not_to raise_error
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'when phone registration fails (not blocking)' do
|
|
before do
|
|
allow(api_client).to receive(:phone_number_verified?).with('123456789').and_return(false)
|
|
allow(SecureRandom).to receive(:random_number).with(900_000).and_return(123_456)
|
|
allow(api_client).to receive(:register_phone_number).and_raise('Registration failed')
|
|
allow(api_client).to receive(:subscribe_waba_webhook).and_return({ 'success' => true })
|
|
allow(channel).to receive(:save!)
|
|
end
|
|
|
|
it 'continues with webhook setup even if registration fails' do
|
|
with_modified_env FRONTEND_URL: 'https://app.chatwoot.com' do
|
|
expect(api_client).to receive(:register_phone_number)
|
|
expect(api_client).to receive(:subscribe_waba_webhook)
|
|
expect { service.perform }.not_to raise_error
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'when webhook setup fails (should raise)' do
|
|
before do
|
|
allow(api_client).to receive(:phone_number_verified?).with('123456789').and_return(false)
|
|
allow(SecureRandom).to receive(:random_number).with(900_000).and_return(123_456)
|
|
allow(api_client).to receive(:register_phone_number)
|
|
allow(api_client).to receive(:subscribe_waba_webhook).and_raise('Webhook failed')
|
|
end
|
|
|
|
it 'raises an error' do
|
|
with_modified_env FRONTEND_URL: 'https://app.chatwoot.com' do
|
|
expect(api_client).to receive(:register_phone_number)
|
|
expect(api_client).to receive(:subscribe_waba_webhook)
|
|
expect { service.perform }.to raise_error(/Webhook setup failed/)
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'when required parameters are missing' do
|
|
it 'raises error when channel is nil' do
|
|
service_invalid = described_class.new(nil, waba_id, access_token)
|
|
expect { service_invalid.perform }.to raise_error(ArgumentError, 'Channel is required')
|
|
end
|
|
|
|
it 'raises error when waba_id is blank' do
|
|
service_invalid = described_class.new(channel, '', access_token)
|
|
expect { service_invalid.perform }.to raise_error(ArgumentError, 'WABA ID is required')
|
|
end
|
|
|
|
it 'raises error when access_token is blank' do
|
|
service_invalid = described_class.new(channel, waba_id, '')
|
|
expect { service_invalid.perform }.to raise_error(ArgumentError, 'Access token is required')
|
|
end
|
|
end
|
|
|
|
context 'when PIN already exists' do
|
|
before do
|
|
channel.provider_config['verification_pin'] = 123_456
|
|
allow(api_client).to receive(:phone_number_verified?).with('123456789').and_return(false)
|
|
allow(api_client).to receive(:register_phone_number)
|
|
allow(api_client).to receive(:subscribe_waba_webhook).and_return({ 'success' => true })
|
|
allow(channel).to receive(:save!)
|
|
end
|
|
|
|
it 'reuses existing PIN' do
|
|
with_modified_env FRONTEND_URL: 'https://app.chatwoot.com' do
|
|
expect(api_client).to receive(:register_phone_number).with('123456789', 123_456)
|
|
expect(SecureRandom).not_to receive(:random_number)
|
|
service.perform
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'when webhook setup fails and should trigger reauthorization' do
|
|
before do
|
|
allow(api_client).to receive(:phone_number_verified?).with('123456789').and_return(true)
|
|
allow(api_client).to receive(:subscribe_waba_webhook).and_raise('Invalid access token')
|
|
end
|
|
|
|
it 'raises error with webhook setup failure message' do
|
|
with_modified_env FRONTEND_URL: 'https://app.chatwoot.com' do
|
|
expect { service.perform }.to raise_error(/Webhook setup failed: Invalid access token/)
|
|
end
|
|
end
|
|
|
|
it 'logs the webhook setup failure' do
|
|
with_modified_env FRONTEND_URL: 'https://app.chatwoot.com' do
|
|
expect(Rails.logger).to receive(:error).with('[WHATSAPP] Webhook setup failed: Invalid access token')
|
|
expect { service.perform }.to raise_error(/Webhook setup failed/)
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'when used during reauthorization flow' do
|
|
let(:existing_channel) do
|
|
create(:channel_whatsapp,
|
|
phone_number: '+1234567890',
|
|
provider_config: {
|
|
'phone_number_id' => '123456789',
|
|
'webhook_verify_token' => 'existing_verify_token',
|
|
'business_id' => 'existing_business_id',
|
|
'waba_id' => 'existing_waba_id'
|
|
},
|
|
provider: 'whatsapp_cloud',
|
|
sync_templates: false,
|
|
validate_provider_config: false)
|
|
end
|
|
let(:new_access_token) { 'new_access_token' }
|
|
let(:service_reauth) { described_class.new(existing_channel, waba_id, new_access_token) }
|
|
|
|
before do
|
|
allow(api_client).to receive(:phone_number_verified?).with('123456789').and_return(true)
|
|
allow(api_client).to receive(:subscribe_waba_webhook)
|
|
.with(waba_id, anything, 'existing_verify_token').and_return({ 'success' => true })
|
|
end
|
|
|
|
it 'successfully reauthorizes with new access token' do
|
|
with_modified_env FRONTEND_URL: 'https://app.chatwoot.com' do
|
|
expect(api_client).not_to receive(:register_phone_number)
|
|
expect(api_client).to receive(:subscribe_waba_webhook)
|
|
.with(waba_id, 'https://app.chatwoot.com/webhooks/whatsapp/+1234567890', 'existing_verify_token')
|
|
service_reauth.perform
|
|
end
|
|
end
|
|
|
|
it 'uses the existing webhook verify token during reauthorization' do
|
|
with_modified_env FRONTEND_URL: 'https://app.chatwoot.com' do
|
|
expect(api_client).to receive(:subscribe_waba_webhook)
|
|
.with(waba_id, anything, 'existing_verify_token')
|
|
service_reauth.perform
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'when webhook setup is successful in creation flow' do
|
|
before do
|
|
allow(api_client).to receive(:phone_number_verified?).with('123456789').and_return(true)
|
|
allow(api_client).to receive(:subscribe_waba_webhook)
|
|
.with(waba_id, anything, 'test_verify_token').and_return({ 'success' => true })
|
|
end
|
|
|
|
it 'completes successfully without errors' do
|
|
with_modified_env FRONTEND_URL: 'https://app.chatwoot.com' do
|
|
expect { service.perform }.not_to raise_error
|
|
end
|
|
end
|
|
|
|
it 'does not log any errors' do
|
|
with_modified_env FRONTEND_URL: 'https://app.chatwoot.com' do
|
|
expect(Rails.logger).not_to receive(:error)
|
|
service.perform
|
|
end
|
|
end
|
|
end
|
|
end
|
|
end
|