public async Task InterceptIncomingMessage_CRCTest()
{
string consumerKey = DateTime.Now.Ticks.ToString();
string crcToken = Guid.NewGuid().ToString();
HttpRequestMessage crcRequestMessage = new HttpRequestMessage(HttpMethod.Get, $"http://localhost?crc_token={crcToken}");
WebhookInterceptor interceptor = new WebhookInterceptor(consumerKey);
InterceptionResult result = await interceptor.InterceptIncomingRequest(crcRequestMessage, null);
Assert.IsTrue(result.IsHandled);
HMACSHA256 hmacSHA256Alog = new HMACSHA256(Encoding.UTF8.GetBytes(consumerKey));
byte[] computedHash = hmacSHA256Alog.ComputeHash(Encoding.UTF8.GetBytes(crcToken));
string expectedToken = $"sha256={Convert.ToBase64String(computedHash)}";
string actuallJson = await result.Response.Content.ReadAsStringAsync();
JObject actuallJsonObject = JObject.Parse(actuallJson);
string actuallToken = actuallJsonObject["response_token"].ToString();
Assert.AreEqual(expectedToken, actuallToken);
Assert.AreEqual(result.RequestMessage, crcRequestMessage);
}
public async Task InterceptIncomingRequestWithEmptyRequestShouldReturnUnhandled()
{
var interceptor = new WebhookInterceptor(consumerSecret);
var response = await interceptor.InterceptIncomingRequest(_testRequest.Object, _testAction.Object);
Assert.IsFalse(response.IsHandled);
}
public WebhookMiddleware(IOptions <TwitterOptions> options, ILogger <WebhookMiddleware> logger, IBot bot,
TwitterAdapter adapter)
{
_logger = logger;
_bot = bot;
_adapter = adapter;
_options = options.Value;
_interceptor = new WebhookInterceptor(_options.ConsumerSecret);
}
public async Task InterceptIncomingRequestWithEmptyConsumerSecretShouldFail()
{
var interceptor = new WebhookInterceptor(string.Empty);
await Assert.ThrowsExceptionAsync <TwitterException>(async() =>
{
await interceptor.InterceptIncomingRequest(_testRequest.Object, _testAction.Object);
});
}
public async Task InterceptIncomingMessage_UnhandledTest()
{
string consumerKey = DateTime.Now.Ticks.ToString();
HttpRequestMessage emptyRequestMessage = new HttpRequestMessage(HttpMethod.Get, $"http://localhost");
WebhookInterceptor interceptor = new WebhookInterceptor(consumerKey);
InterceptionResult result = await interceptor.InterceptIncomingRequest(emptyRequestMessage, null);
Assert.IsFalse(result.IsHandled);
Assert.AreEqual(result.RequestMessage, emptyRequestMessage);
}
public async Task InterceptIncomingRequestPostWithEmptyHeadersShouldReturnUnhandled()
{
var interceptor = new WebhookInterceptor(consumerSecret);
var request = new Mock <HttpRequest>();
request.SetupAllProperties();
request.Object.Method = HttpMethods.Post;
request.Setup(req => req.Headers.TryGetValue("x-twitter-webhooks-signature", out _testValues)).Returns(false);
var response = await interceptor.InterceptIncomingRequest(request.Object, _testAction.Object);
Assert.IsFalse(response.IsHandled);
}
public async Task InterceptIncomingRequestGetAndCrcTokenShouldReturnHandled()
{
var interceptor = new WebhookInterceptor(consumerSecret);
var request = new Mock <HttpRequest>();
request.SetupAllProperties();
request.Object.Method = HttpMethods.Get;
request.Setup(req => req.Query.TryGetValue("crc_token", out _testValues)).Returns(true);
var response = await interceptor.InterceptIncomingRequest(request.Object, _testAction.Object);
Assert.IsTrue(response.IsHandled);
}
public async Task InterceptIncomingRequestGetAndEmptyCrcTokenShouldReturnUnhandled()
{
var interceptor = new WebhookInterceptor(consumerSecret);
var request = new Mock <HttpRequest>();
request.SetupAllProperties();
request.Object.Method = HttpMethods.Get;
request.Object.Query = new Mock <IQueryCollection>().Object;
var response = await interceptor.InterceptIncomingRequest(request.Object, _testAction.Object);
Assert.IsFalse(response.IsHandled);
}
public async Task InterceptIncomingRequestPostWithInvalidSignatureShouldFail()
{
var interceptor = new WebhookInterceptor(consumerSecret);
var request = new Mock <HttpRequest>();
request.SetupAllProperties();
request.Object.Method = HttpMethods.Post;
request.Object.Body = new MemoryStream(Encoding.UTF8.GetBytes("test_body"));
request.Setup(req => req.Headers.TryGetValue("x-twitter-webhooks-signature", out _testValues)).Returns(true);
await Assert.ThrowsExceptionAsync <TwitterException>(
async() =>
{
await interceptor.InterceptIncomingRequest(request.Object, _testAction.Object);
}, "Invalid signature");
}
public async Task InterceptIncomingRequestPostWithValidSignatureShouldReturnHandled()
{
var body = "test_body";
var interceptor = new WebhookInterceptor(consumerSecret);
var hashKeyArray = Encoding.UTF8.GetBytes(consumerSecret);
var hmacSha256Alg = new HMACSHA256(hashKeyArray);
var computedHash = hmacSha256Alg.ComputeHash(Encoding.UTF8.GetBytes(body));
var localHashedSignature = $"sha256={Convert.ToBase64String(computedHash)}";
var values = new StringValues(localHashedSignature);
var request = new Mock <HttpRequest>();
request.SetupAllProperties();
request.Object.Method = HttpMethods.Post;
request.Object.Body = new MemoryStream(Encoding.UTF8.GetBytes(body));
request.Setup(req => req.Headers.TryGetValue("x-twitter-webhooks-signature", out values)).Returns(true);
var response = await interceptor.InterceptIncomingRequest(request.Object, _testAction.Object);
Assert.IsTrue(response.IsHandled);
}
