lib/rack/twilio_webhook_authentication.rb in twilio-ruby-3.14.3 vs lib/rack/twilio_webhook_authentication.rb in twilio-ruby-3.14.4

@@ -15,22 +15,24 @@
   # the ENV and only against paths that match /\/messages/. If the request
   # validates then it gets passed on to the action as normal. If the request
   # doesn't validate then the middleware responds immediately with a 403 status.
 
   class TwilioWebhookAuthentication
-    def initialize(app, auth_token, *paths)
+    def initialize(app, auth_token, *paths, &auth_token_lookup)
       @app = app
       @auth_token = auth_token
+      define_singleton_method(:get_auth_token, auth_token_lookup) if block_given?
       @path_regex = Regexp.union(paths)
     end
 
     def call(env)
       return @app.call(env) unless env["PATH_INFO"].match(@path_regex)
-      validator = Twilio::Util::RequestValidator.new(@auth_token)
       request = Rack::Request.new(env)
       original_url = request.url
       params = request.post? ? request.POST : {}
+      auth_token = @auth_token || get_auth_token(params['AccountSid'])
+      validator = Twilio::Util::RequestValidator.new(auth_token)
       signature = env['HTTP_X_TWILIO_SIGNATURE'] || ""
       if validator.validate(original_url, params, signature)
         @app.call(env)
       else
         [
@@ -39,6 +41,7 @@
           ["Twilio Request Validation Failed."]
         ]
       end
     end
   end
+
 end