evlli/hass-core
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Stop processing when we hit bad encryption in mobile app (#88150)

Browse source 
* Stop processing when we hit bad encryption

* Accept webhook payload that is a list

* Rename functions because we import them

* Revert a debug thing

---------

Co-authored-by: epenet <6771947+epenet@users.noreply.github.com>
This commit is contained in:
Paulus Schoutsen 2023-02-16 13:05:16 -05:00 committed by GitHub
parent 57738fbb8c
commit bc2b35765e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 37 additions and 38 deletions
Download patch file Download diff file Expand all files Collapse all files

27
tests/components/mobile_app/test_webhook.py
View file

@ -421,9 +421,8 @@ async def test_webhook_handle_decryption_fail(
)
assert resp.status == HTTPStatus.OK
webhook_json = await resp.json()
assert decrypt_payload(key, webhook_json["encrypted_data"]) == {}
assert "Ignoring invalid encrypted payload" in caplog.text
assert await resp.json() == {}
assert "Ignoring invalid JSON in encrypted payload" in caplog.text
caplog.clear()
# Break the key, and send JSON data
@ -434,8 +433,7 @@ async def test_webhook_handle_decryption_fail(
)
assert resp.status == HTTPStatus.OK
webhook_json = await resp.json()
assert decrypt_payload(key, webhook_json["encrypted_data"]) == {}
assert await resp.json() == {}
assert "Ignoring encrypted payload because unable to decrypt" in caplog.text
@ -466,9 +464,8 @@ async def test_webhook_handle_decryption_legacy_fail(
)
assert resp.status == HTTPStatus.OK
webhook_json = await resp.json()
assert decrypt_payload_legacy(key, webhook_json["encrypted_data"]) == {}
assert "Ignoring invalid encrypted payload" in caplog.text
assert await resp.json() == {}
assert "Ignoring invalid JSON in encrypted payload" in caplog.text
caplog.clear()
# Break the key, and send JSON data
@ -479,8 +476,7 @@ async def test_webhook_handle_decryption_legacy_fail(
)
assert resp.status == HTTPStatus.OK
webhook_json = await resp.json()
assert decrypt_payload_legacy(key, webhook_json["encrypted_data"]) == {}
assert await resp.json() == {}
assert "Ignoring encrypted payload because unable to decrypt" in caplog.text
@ -536,16 +532,7 @@ async def test_webhook_handle_decryption_legacy_upgrade(
)
assert resp.status == HTTPStatus.OK
webhook_json = await resp.json()
assert "encrypted_data" in webhook_json
# The response should be empty, encrypted with the new method
with pytest.raises(Exception):
decrypt_payload_legacy(key, webhook_json["encrypted_data"])
decrypted_data = decrypt_payload(key, webhook_json["encrypted_data"])
assert decrypted_data == {}
assert await resp.json() == {}
async def test_webhook_requires_encryption(