*^:i3dZddlmZddlmZddlmZmZddlm Z ddl m Z ddl m Z mZed Gd d eZGd d eZGddeZy)z4Tests for Telegram authentication and webhook flows.) annotations)patch)TestCaseoverride_settings)reverse)User)TelegramDataValidationErrorgenerate_signed_init_datatest-bot-token)TELEGRAM_BOT_TOKENceZdZd dZeddZdZeddZeddZeddZ eddZ edd Z edd Z y ) AuthenticateTelegramTestsc|jjtd|d}|j|jd|j S)N telegram-authapplication/jsondata content_type)clientpostr assertEqual status_codejsonselfpayloadresponses T/home/cursorai/projects/telegram-earn/backend/apps/users/tests/test_telegram_auth.py _post_authz$AuthenticateTelegramTests._post_authsM;;## O $+$  --s3}}z,apps.users.views.validate_telegram_init_datac*ddddddd|_|jdd i}|jd ||jd |tjj d }|j |jd|j |jd|j |jd|j |jd|j |jd|j |d d|jy)z5Creates a new user and returns JWTs and profile data.i90aliceAliceTesterenzhttps://img.test/alice.jpg)idusername first_name last_name language_code photo_url init_datazsigned-init-dataaccessrefreshtelegram_user_iduser referral_codeN) return_valuer assertInrobjectsgetrr(r)r*r+r,r3r mock_validatebodyr2s r$test_creates_user_and_returns_tokensz>AuthenticateTelegramTests.test_creates_user_and_returns_tokenss!!!5 & " -?@A h% i&||7 0 '2 2 ++T2 )EF fo68J8JKr!c|jjtdid}|j|jd|j d|j dy)zinit_data must be provided.rrrzinit_data is requirederrorN)rrrrrr5rrrs rtest_rejects_missing_init_dataz8AuthenticateTelegramTests.test_rejects_missing_init_data1s[;;## O $+$  --s3 -x}}w/GHr!ctd|_|jjt dddid}|j |j d|jd|jdy ) z@Invalid init data returns 401 with the validation error message.z bad signaturerr-invalidrrir>N) r side_effectrrrrrr5rrr9rs r(test_rejects_invalid_init_data_signaturezBAuthenticateTelegramTests.test_rejects_invalid_init_data_signature<so%@$P !;;## O $y)+$  --s3 ox}}w'?@r!cddi|_|jjtdddid}|j |j d|j d |jd y ) z8Validation output without an id is treated as bad input.r(noidrr-signedrrr=zInvalid user datar>N)r4rrrrrr5rrDs rtest_rejects_missing_user_idz6AuthenticateTelegramTests.test_rejects_missing_user_idJso'1&%9 ";;## O $x(+$  --s3 )8==?7+CDr!cltjjdddd}dddd |_|j d |j d }tjj d }|j|j|j|j|d d|jy)z.Links referrer by referral_code when provided.referrerRef refcode1234r1r(r)r3iVbobBob)r'r(r)rHr- start_paramr0r2 referred_byN) rr6 create_userr4r r3r7rreferred_by_idr')rr9rLr:new_users r.test_assigns_referral_when_start_param_presentzHAuthenticateTelegramTests.test_assigns_referral_when_start_param_presentXs<<++' , & " "83I3I J <<##U#; 00(++> fm4hkkBr!ctjjddd}tjjdddd }tjjd d d | }d d d|_|j d|j d}|j |j|j|j|j|dd|jy)zDExisting referred_by is preserved even if a new start_param arrives. ref1Ref1)r1r(r) ref2Ref2 OTHERCODErOiexistingExisting)r1r(r)rTr'r(rHrRr2rTN) rr6rUr4r r3refresh_from_dbrrVr')rr9original_referrerother_referrerr2r:s r)test_does_not_overwrite_existing_referralzCAuthenticateTelegramTests.test_does_not_overwrite_existing_referralos!LL44&V5 11&VS^2 ||''"!) (  -2z%J "XnFbFbcd  ,,.?.B.BC fm46G6J6JKr!cddd|_|jddd}tjj d}|j |j |j |dd y ) z8Unknown referral codes are ignored without failing auth.inolinkrcrH DOESNOTEXISTrRr0r2rTN)r4r rr6r7 assertIsNonerVr8s r"test_ignores_invalid_referral_codezAuthenticateTelegramTests.test_updates_existing_profile_fieldss||''" ( !! & " h/0   2 %0 0 ++T2r!N)rdictreturnrt) __name__ __module__ __qualname__r rr;r@rErIrXrgrlrsr!rrrs 9:L;L. I 9: A; A 9: E; E 9:C;C, 9:L;L, 9:7;7 9:3;3r!rc(eZdZedddeddZeddZedd Zedddedd Zedddedd Z edddedd Z y )TelegramWebhookTestsr secret-tokenhttps://example.com/app)r TELEGRAM_WEBHOOK_SECRETTELEGRAM_WEBAPP_URLz&apps.users.views.send_telegram_messagecd|_dddiddi}|jjtd|dd }|j |j d |j |j\}}|j |d d|jd ||d ddddd}|j |dy)z?r!c$d|_dddddiidi}|jjtd|d d }|j |j d |j jd ddddd}|j |dy)z)Callback queries use data as start param.Tcallback_query CALLBACKCODErr'i )rrrrr|rrrrrrrz-https://example.com/app?startapp=CALLBACKCODEN)r4rrrrrrr)rrrrrs r"test_webhook_handles_callback_dataz7TelegramWebhookTests.test_webhook_handles_callback_datas"&  &"T3K0 ;;## & '+1? $  --s3((//? KANqQR[\]bc  %TUr!cd|_|jjtddiidd}|j |j d|j |j ddi|jy ) z:Gracefully ack when chat info is missing to avoid retries.Trrrr|rrokN)r4rrrrrrassert_not_called)rrrs r6test_webhook_acknowledges_missing_chat_without_sendingzKTelegramWebhookTests.test_webhook_acknowledges_missing_chat_without_sendingsy"& ;;## & 'R+1? $  --s3 4,7##%r!N) rvrwrxrrrrrrrrryr!rr{r{s+ .5  34P5  P2~>4?4$~>4?4+ .5  34@5  @&+ .5  34V5  V*+ .5  34 &5  &r!r{cPeZdZeddddZeddddZy)DevAuthenticateTelegramTestsT dev-bot-token)DEBUGENABLE_DEV_TELEGRAM_AUTHr ctdddddd}|jjtdd |d id }|j |j d |j }|j |d dd|jd||j |dd|d|j |dd|d|jd|dy)zCDev endpoint returns debug info and authenticates signed init_data.iDevdevuser)r'r)r(rz dev-query)r2 bot_tokenquery_idtelegram-auth-devr-rrrr2r1debug provided_hashhashcalculated_hashdata_check_stringN)r rrrrrrr5)rrHrr:s r8test_dev_auth_validates_signed_payload_and_returns_debugzUDevAuthenticateTelegramTests.test_dev_auth_validates_signed_payload_and_returns_debug5s+U J%   ;;## ' (vk23+$  --s3}} f&895A gt$ g7H g'896&>J )4=9r!Fc|jjtdddid}|j|jdy)z,Dev endpoint returns 404 outside DEBUG mode.rr-anythingrriNrr?s r%test_dev_auth_disabled_when_not_debugzBDevAuthenticateTelegramTests.test_dev_auth_disabled_when_not_debugPsI;;## ' (z*+$  --s3r!N)rvrwrxrrrryr!rrr4sD!%* :  :,!%* 4  4r!rN)__doc__ __future__r unittest.mockr django.testrr django.urlsrapps.users.modelsrutils.telegramr r rr{rryr!rrsZ:"3"Q&67Z3Z38Z3zE&8E&P)48)4r!