"""Tests for webhook adapter dynamic route loading.""" import json import os import pytest from pathlib import Path from gateway.config import PlatformConfig from gateway.platforms.webhook import ( WebhookAdapter, _DYNAMIC_ROUTES_FILENAME, _INSECURE_NO_AUTH, ) def _make_adapter(routes=None, extra=None): _extra = extra or {} if routes: _extra["routes"] = routes _extra.setdefault("secret", "test-global-secret") config = PlatformConfig(enabled=True, extra=_extra) return WebhookAdapter(config) @pytest.fixture(autouse=True) def _isolate(tmp_path, monkeypatch): monkeypatch.setenv("HERMES_HOME", str(tmp_path)) class TestDynamicRouteLoading: def test_no_dynamic_file(self): adapter = _make_adapter(routes={"static": {"secret": "s"}}) adapter._reload_dynamic_routes() assert "static" in adapter._routes assert len(adapter._dynamic_routes) == 0 def test_loads_dynamic_routes(self, tmp_path): subs = {"my-hook": {"secret": "dynamic-secret", "prompt": "test", "events": []}} (tmp_path / _DYNAMIC_ROUTES_FILENAME).write_text(json.dumps(subs)) adapter = _make_adapter(routes={"static": {"secret": "s"}}) adapter._reload_dynamic_routes() assert "my-hook" in adapter._routes assert "static" in adapter._routes def test_static_takes_precedence(self, tmp_path): (tmp_path / _DYNAMIC_ROUTES_FILENAME).write_text( json.dumps({"conflict": {"secret": "dynamic", "prompt": "dyn"}}) ) adapter = _make_adapter(routes={"conflict": {"secret": "static", "prompt": "stat"}}) adapter._reload_dynamic_routes() assert adapter._routes["conflict"]["secret"] == "static" def test_mtime_gated(self, tmp_path): import time path = tmp_path / _DYNAMIC_ROUTES_FILENAME path.write_text(json.dumps({"v1": {"secret": "s"}})) adapter = _make_adapter() adapter._reload_dynamic_routes() assert "v1" in adapter._dynamic_routes # Same mtime — no reload adapter._dynamic_routes["injected"] = True adapter._reload_dynamic_routes() assert "injected" in adapter._dynamic_routes # New write — reloads time.sleep(0.05) path.write_text(json.dumps({"v2": {"secret": "s"}})) adapter._reload_dynamic_routes() assert "v2" in adapter._dynamic_routes assert "v1" not in adapter._dynamic_routes def test_file_removal_clears(self, tmp_path): path = tmp_path / _DYNAMIC_ROUTES_FILENAME path.write_text(json.dumps({"temp": {"secret": "s"}})) adapter = _make_adapter() adapter._reload_dynamic_routes() assert "temp" in adapter._dynamic_routes path.unlink() adapter._reload_dynamic_routes() assert len(adapter._dynamic_routes) == 0 def test_corrupted_file(self, tmp_path): (tmp_path / _DYNAMIC_ROUTES_FILENAME).write_text("not json") adapter = _make_adapter(routes={"static": {"secret": "s"}}) adapter._reload_dynamic_routes() assert "static" in adapter._routes assert len(adapter._dynamic_routes) == 0 class TestDynamicRouteSecretValidation: """Empty/missing secrets must be rejected during hot-reload. Regression for HMAC bypass: prior to the fix, an agent-induced dynamic route with `"secret": ""` would be merged into self._routes by _reload_dynamic_routes(), then _handle_webhook's `if secret and secret != _INSECURE_NO_AUTH` would skip signature validation because empty string is falsy. Unauthenticated POSTs would then execute the webhook prompt. """ def test_empty_secret_rejected(self, tmp_path): # Explicit empty-string secret must NOT fall back to the global # secret, and the route must be skipped entirely. (tmp_path / _DYNAMIC_ROUTES_FILENAME).write_text( json.dumps({"evil": {"secret": "", "prompt": "rm -rf"}}) ) adapter = _make_adapter() # has global secret adapter._reload_dynamic_routes() assert "evil" not in adapter._routes assert "evil" not in adapter._dynamic_routes def test_missing_secret_no_global_rejected(self, tmp_path): (tmp_path / _DYNAMIC_ROUTES_FILENAME).write_text( json.dumps({"orphan": {"prompt": "test"}}) ) # No global secret configured adapter = _make_adapter(extra={"secret": ""}) adapter._reload_dynamic_routes() assert "orphan" not in adapter._routes assert "orphan" not in adapter._dynamic_routes def test_missing_secret_inherits_global(self, tmp_path): # No per-route secret but a global one is set → route is kept, # the global secret protects it. Preserves existing fallback. (tmp_path / _DYNAMIC_ROUTES_FILENAME).write_text( json.dumps({"valid": {"prompt": "ok"}}) ) adapter = _make_adapter() # global secret set adapter._reload_dynamic_routes() assert "valid" in adapter._routes def test_insecure_no_auth_preserved(self, tmp_path): # Explicit opt-in escape hatch for local testing — must still load. (tmp_path / _DYNAMIC_ROUTES_FILENAME).write_text( json.dumps({"test": {"secret": _INSECURE_NO_AUTH, "prompt": "p"}}) ) adapter = _make_adapter(extra={"host": "127.0.0.1"}) adapter._reload_dynamic_routes() assert "test" in adapter._routes def test_insecure_no_auth_rejected_on_non_loopback_bind(self, tmp_path): # Dynamic INSECURE_NO_AUTH routes are only valid on loopback hosts. (tmp_path / _DYNAMIC_ROUTES_FILENAME).write_text( json.dumps({"pub": {"secret": _INSECURE_NO_AUTH, "prompt": "p"}}) ) adapter = _make_adapter(extra={"host": "0.0.0.0"}) adapter._reload_dynamic_routes() assert "pub" not in adapter._routes assert "pub" not in adapter._dynamic_routes def test_warning_logged_on_skip(self, tmp_path, caplog): import logging (tmp_path / _DYNAMIC_ROUTES_FILENAME).write_text( json.dumps({"silent": {"secret": "", "prompt": "x"}}) ) adapter = _make_adapter() with caplog.at_level(logging.WARNING, logger="gateway.platforms.webhook"): adapter._reload_dynamic_routes() assert any("silent" in rec.message for rec in caplog.records) def test_partial_skip(self, tmp_path): # One route bad, one route good — only the bad one is dropped. (tmp_path / _DYNAMIC_ROUTES_FILENAME).write_text( json.dumps({ "bad": {"secret": "", "prompt": "x"}, "good": {"secret": "valid-secret", "prompt": "y"}, }) ) adapter = _make_adapter() adapter._reload_dynamic_routes() assert "good" in adapter._routes assert "bad" not in adapter._routes