Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
telegram-test-api
Advanced tools
This is telegram's web server emulator.
It is designed for testing telegram bots without using actual telegram server.
You can either include it your Node.JS test code or start api separately as a service.
Client requests to API can be made via special client, received from code, or via special api (not compatible with telegram client api).
git clone https://github.com/jehy/telegram-test-api.git && cd telegram-test-api
cp config/config.sample.json config/config.json
and edit config/config.json
if you neednpm start
to start serversrc/modules/telegramClient
to emulate a client in any
language you want via simple HTTP API.npm install telegram-test-api
class TestBot {
constructor(bot) {
bot.onText(/\/ping/, (msg, match)=> {
let chatId = msg.from.id;
let opts = {
reply_to_message_id: msg.message_id,
reply_markup: JSON.stringify({
keyboard: [[{text: 'ok 1'}]],
}),
};
bot.sendMessage(chatId, 'pong', opts);
});
}
}
const TelegramServer = require('telegram-test-api');
let serverConfig = {port: 9000};
let server = new TelegramServer(serverConfig);
await server.start();
You can pass options like this:
const serverConfig = {
"port": 9000,
"host": "localhost",
"storage": "RAM",
"storeTimeout": 60
};
let server = new TelegramServer(serverConfig);
options:
port
, host
- pretty self descriptive.storeTimeout
- how many seconds you want to store user and bot messages which were not fetched
by bot or client.storage
- where you want to store messages. Right now, only RAM
option is implemented.You can use any bot API which allows custom Telegram URL like this
(example for node-telegram-bot-api
):
const
TelegramBot = require('node-telegram-bot-api');
let botOptions = {polling: true, baseApiUrl: server.config.apiURL};
telegramBot = new TelegramBot(token, botOptions);
Just set api url to your local instance url - and all done!
Client emulation is very easy. You can use built in client class:
let client = server.getClient(token);
let message = client.makeMessage('/start');
client.sendMessage(message);
client.getUpdates();
Or you can take a look at src/modules/telegramClient
and make client in any
language you want via simple HTTP API.
await server.stop();
Your test code can look like this:
const TelegramServer = require('telegram-test-api');
const TelegramBot = require('node-telegram-bot-api');
describe('Telegram bot test', () => {
let serverConfig = {port: 9001};
const token = 'sampleToken';
let server;
let client;
beforeEach(() => {
server = new TelegramServer(serverConfig);
return server.start().then(() => {
client = server.getClient(token);
});
});
afterEach(function () {
this.slow(2000);
this.timeout(10000);
return server.stop();
});
it('should greet Masha and Sasha', async function testFull() {
this.slow(400);
this.timeout(800);
const message = client.makeMessage('/start');
await client.sendMessage(message);
const botOptions = {polling: true, baseApiUrl: server.config.apiURL};
const telegramBot = new TelegramBot(token, botOptions);
const testBot = new TestBot(telegramBot);
const updates = await client.getUpdates();
console.log(`Client received messages: ${JSON.stringify(updates.result)}`);
if (updates.result.length !== 1) {
throw new Error('updates queue should contain one message!');
}
let keyboard = JSON.parse(updates.result[0].message.reply_markup).keyboard;
const message2 = client.makeMessage(keyboard[0][0].text);
await client.sendMessage(message2);
const updates2 = await client.getUpdates();
console.log(`Client received messages: ${JSON.stringify(updates2.result)}`);
if (updates2.result.length !== 1) {
throw new Error('updates queue should contain one message!');
}
if (updates2.result[0].message.text !== 'Hello, Masha!') {
throw new Error('Wrong greeting message!');
}
return true;
});
});
FAQs
Emulating telegram API
We found that telegram-test-api demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.