New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add secret_token support to telegram_bot component #100869
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please fix the lint errors, your PR will not be merged unless they are fixed.
If you follow the development guide, the linters are automatically run when you commit.
Also, why do we need to store a token in a store, why don't we just generate a new one every time Home Assistant is restarted?
Please take a look at the requested changes, and use the Ready for review button when you are done, thanks 👍 |
The code has been reformatted accordingly. Indeed, it's possible to generate a new secret token for the webhook each time Home Assistant restarts. I've modified the code to eliminate the need for storage; now, the secret token will simply be retained in memory for the duration of each session. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, thanks @zehuanli 👍
Tests are failing. You can for example patch - response = await client.post(TELEGRAM_WEBHOOK_URL, json=update_message_text)
+ response = await client.post(
+ TELEGRAM_WEBHOOK_URL,
+ json=update_message_text,
+ headers={"X-Telegram-Bot-Api-Secret-Token": `secret_token`},
+ ) If it's unclear how to achieve this, comment here or contact me on discord ( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
One more suggestion. Tests also need to be fixed.
I'm not sure if this is necessary. For the setWebhook API, the token is sent as HTTP POST data, not a header. I think the test failed because the header |
Right, it originally failed because of that. Hence, you need to fix the tests as I suggested earlier such that the correct secret token is included in the requests. Also, tests should be added to show that:
|
Ah, I see what you mean now. I'll look into this. |
The tests have been fixed to incorporate the secret token. As you pointed out, two new tests have been added:
I removed the check for the secret token variable since it's created unconditionally. |
Patching method has been changed; use |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks, @zehuanli 👍
Nice first PR! 🎉
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please address the comment in a new PR. Thanks!
pushbot = PushBot(hass, bot, config) | ||
|
||
# Generate an ephemeral secret token | ||
alphabet = string.ascii_letters + string.digits + "-_" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please use f-strings instead of string concatenation.
Proposed change
This is an updated PR over #100787. There will be no changes to the YAML configuration. In fact, the creation of Telegram Bot webhook secret token does not need user's entry or any other interactions. The secret token is generated automatically if not exists, and will be stored in Store.
Below is the original proposal in the previous PR.
Type of change
Additional information
Checklist
black --fast homeassistant tests
)If user exposed functionality or configuration variables are added/changed:
If the code communicates with devices, web services, or third-party tools:
Updated and included derived files by running:
python3 -m script.hassfest
.requirements_all.txt
.Updated by running
python3 -m script.gen_requirements_all
..coveragerc
.To help with the load of incoming pull requests: