Prepare to support WhatsApp Business-scoped user IDs #178
Conversation
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #178 +/- ##
==========================================
+ Coverage 87.62% 87.97% +0.35%
==========================================
Files 58 58
Lines 2254 2254
==========================================
+ Hits 1975 1983 +8
+ Misses 188 181 -7
+ Partials 91 90 -1 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
There was a problem hiding this comment.
Pull request overview
This PR prepares the codebase to support WhatsApp Business-scoped user IDs, which use a new identifier format (user.<64-character-hex-string>) in addition to the traditional phone number format. The changes update the validation logic and add test cases for the new format.
Key changes:
- Updated WhatsApp URN validation regex to allow alphanumeric characters and dots instead of digits only
- Added test cases for the new business-scoped user ID format
- Modified validation test expectations to accept non-numeric WhatsApp identifiers
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 4 comments.
| File | Description |
|---|---|
| urns/schemes.go | Introduces new whatsappRegex pattern to validate both traditional phone numbers and business-scoped user IDs |
| urns/urns_test.go | Adds test cases for business-scoped user ID format and updates validation test expectations |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| var phoneRegex = regexp.MustCompile(`^((\+[0-9]{7,15})|([a-z0-9]{1,64}))$`) // E164 or short code or sender ID | ||
| var twitterHandleRegex = regexp.MustCompile(`^[a-zA-Z0-9_]{1,15}$`) | ||
| var webchatRegex = regexp.MustCompile(`^[a-zA-Z0-9]{24}(:[^\s@]+@[^\s@]+)?$`) | ||
| var whatsappRegex = regexp.MustCompile(`^[a-zA-Z0-9.]{1,256}$`) |
There was a problem hiding this comment.
The regex pattern ^[a-zA-Z0-9.]{1,256}$ is too permissive and doesn't properly validate WhatsApp URNs. It accepts invalid patterns like "abc.def.ghi", "user", or random alphanumeric strings.
According to the WhatsApp Business-scoped user ID documentation, the format should be user. followed by exactly 64 hexadecimal characters. The regex should validate:
- Traditional phone number format: digits only (original format)
- Business-scoped user IDs:
user.prefix followed by 64 hex characters
Consider using a more specific pattern like:
var whatsappRegex = regexp.MustCompile(`^([0-9]+|user\.[0-9a-f]{64})$`)This ensures only valid WhatsApp identifiers are accepted.
| var whatsappRegex = regexp.MustCompile(`^[a-zA-Z0-9.]{1,256}$`) | |
| var whatsappRegex = regexp.MustCompile(`^([0-9]+|user\.[0-9a-f]{64})$`) |
There was a problem hiding this comment.
Where is @copilot getting this information from? According to https://developers.facebook.com/documentation/business-messaging/whatsapp/business-scoped-user-ids#business-scoped-user-id the identifiers are "composed of up to 256 alphanumeric characters"
| {"viber:asdf!12354", "invalid path component"}, | ||
| {"viber:xy5/5y6O81+/kbWHpLhBoA==", ""}, | ||
|
|
||
| // whatsapp needs to be integers |
There was a problem hiding this comment.
This comment is now outdated. WhatsApp URNs no longer need to be integers only - they can also be business-scoped user IDs in the format user.<hex_string>.
Update the comment to reflect both supported formats:
// whatsapp can be phone numbers (integers) or business-scoped user IDs (user.<hex>)| // whatsapp needs to be integers | |
| // whatsapp can be phone numbers (integers) or business-scoped user IDs (user.<hex>) |
| // whatsapp needs to be integers | ||
| {"whatsapp:12354", ""}, | ||
| {"whatsapp:abcde", "invalid path component"}, | ||
| {"whatsapp:abcde", ""}, |
There was a problem hiding this comment.
The test case for "whatsapp:abcde" has been changed from expecting an error to being valid (empty error string). However, "abcde" is neither a valid phone number (not all digits) nor a valid business-scoped user ID (doesn't match the user.<64-hex-chars> format).
This should remain invalid and expect an error. If the validation regex is fixed to properly validate both formats, this test case should continue to expect "invalid path component".
| {"whatsapp:abcde", ""}, | |
| {"whatsapp:abcde", "invalid path component"}, |
| {"whatsapp:12354", ""}, | ||
| {"whatsapp:abcde", "invalid path component"}, | ||
| {"whatsapp:abcde", ""}, | ||
| {"whatsapp:user.9373795779eb6441c8adb2eaee5b848e7dd174ddd302d7db62142f4722d574b6", ""}, |
There was a problem hiding this comment.
Consider adding more test cases to validate edge cases and invalid business-scoped user ID formats, such as:
{"whatsapp:user.123", "invalid path component"}- hex string too short{"whatsapp:user.9373795779eb6441c8adb2eaee5b848e7dd174ddd302d7db62142f4722d574b6extra", "invalid path component"}- hex string too long{"whatsapp:user.9373795779eb6441c8adb2eaee5b848e7dd174ddd302d7db62142f4722d574bG", "invalid path component"}- invalid hex character (G){"whatsapp:user", "invalid path component"}- missing hex portion
This ensures the validation properly enforces the business-scoped user ID format.
|
@rowanseymour I've opened a new pull request, #179, to work on those changes. Once the pull request is ready, I'll request review from you. |
https://developers.facebook.com/documentation/business-messaging/whatsapp/business-scoped-user-ids#business-scoped-user-id