Sha256: 5594493ae7330bf9bb167f1b40d022a0d63db7baf61e7ac12b7eb9fb3eb90a61
Contents?: true
Size: 1.64 KB
Versions: 44
Compression:
Stored size: 1.64 KB
Contents
module Rack # Middleware that authenticates webhooks from Twilio using the request # validator. # # The middleware takes an auth token with which to set up the request # validator and any number of paths. When a path matches the incoming request # path, the request will be checked for authentication. # # Example: # # require 'rack' # use Rack::TwilioWebhookAuthentication, ENV['AUTH_TOKEN'], /\/messages/ # # The above appends this middleware to the stack, using an auth token saved in # the ENV and only against paths that match /\/messages/. If the request # validates then it gets passed on to the action as normal. If the request # doesn't validate then the middleware responds immediately with a 403 status. class TwilioWebhookAuthentication def initialize(app, auth_token, *paths, &auth_token_lookup) @app = app @auth_token = auth_token define_singleton_method(:get_auth_token, auth_token_lookup) if block_given? @path_regex = Regexp.union(paths) end def call(env) return @app.call(env) unless env["PATH_INFO"].match(@path_regex) request = Rack::Request.new(env) original_url = request.url params = request.post? ? request.POST : {} auth_token = @auth_token || get_auth_token(params['AccountSid']) validator = Twilio::Util::RequestValidator.new(auth_token) signature = env['HTTP_X_TWILIO_SIGNATURE'] || "" if validator.validate(original_url, params, signature) @app.call(env) else [ 403, {'Content-Type' => 'text/plain'}, ["Twilio Request Validation Failed."] ] end end end end
Version data entries
44 entries across 44 versions & 1 rubygems