mirrors/hermes-agent
1
0
Fork 0
mirror of https://github.com/NousResearch/hermes-agent.git synced 2026-04-25 00:51:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

add new test covering edge case where both insecure_no_sig and _webhook_url are set

Browse source
This commit is contained in:
Mariano Nicolini 2026-04-11 16:29:04 -03:00
parent 1e0b4006ca
commit 5825f2c7e0
1 changed files with 10 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

10
tests/gateway/test_sms.py
View file

@ -474,6 +474,16 @@ class TestWebhookSignatureEnforcement:
resp = await adapter._handle_webhook(request)
assert resp.status == 200
@pytest.mark.asyncio
async def test_insecure_flag_with_url_still_validates(self):
"""When both SMS_WEBHOOK_URL and SMS_INSECURE_NO_SIGNATURE are set,
validation stays active (URL takes precedence)."""
adapter = self._make_adapter(webhook_url="https://example.com/webhooks/twilio")
body = b"From=%2B15551234567&To=%2B15550001111&Body=hello&MessageSid=SM123"
request = self._mock_request(body, headers={})
resp = await adapter._handle_webhook(request)
assert resp.status == 403
@pytest.mark.asyncio
async def test_missing_signature_returns_403(self):
adapter = self._make_adapter(webhook_url="https://example.com/webhooks/twilio")