"""企业微信回调验签逻辑测试（不依赖真实 Token/Key）。"""
import pytest
from unittest.mock import patch

from app.services.wecom_crypto import (
    verify_signature,
    verify_and_decrypt_echostr,
    _sha1,
)


def test_sha1():
    h = _sha1("abc")
    assert len(h) == 40
    assert h == "a9993e364706816aba3e25717850c26c9cd0d89d"


def test_verify_signature():
    # 用固定 token 时，签名为 sha1(sort(token, ts, nonce, encrypt))
    with patch("app.services.wecom_crypto.settings") as s:
        s.wecom_token = "mytoken"
        lst = ["mytoken", "123", "456", "echostr"]
        lst.sort()
        expected = _sha1("".join(lst))
        assert verify_signature(expected, "123", "456", "echostr") is True
        assert verify_signature("wrong", "123", "456", "echostr") is False