forked from twilio/twilio-ruby
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
3 changed files
with
181 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,96 @@ | ||
module Twilio | ||
module Util | ||
class AccessToken | ||
def initialize(account_sid, signing_key_id, secret, ttl=3600, identity=nil) | ||
@account_sid = account_sid | ||
@signing_key_sid = signing_key_id | ||
@secret = secret | ||
@ttl = ttl | ||
@identity = identity | ||
@grants = [] | ||
end | ||
|
||
def add_grant(grant) | ||
@grants.push(grant) | ||
end | ||
|
||
def to_jwt(algorithm='HS256') | ||
now = Time.now.to_i - 1 | ||
headers = { | ||
'cty' => 'twilio-fpa;v=1', | ||
'typ' => 'JWT' | ||
} | ||
|
||
grants = {} | ||
if @identity | ||
grants['identity'] = @identity | ||
end | ||
|
||
@grants.each { |grant| grants[grant.key] = grant.payload } | ||
|
||
payload = { | ||
'jti' => "#{@signing_key_sid}-#{now}", | ||
'iss' => @signing_key_sid, | ||
'sub' => @account_sid, | ||
'nbf' => now, | ||
'exp' => now + @ttl, | ||
'grants' => grants | ||
} | ||
JWT.encode payload, @secret, algorithm, headers | ||
end | ||
|
||
def to_s | ||
to_jwt | ||
end | ||
|
||
class ConversationsGrant | ||
attr_accessor :configuration_profile_sid | ||
|
||
def key | ||
'rtc' | ||
end | ||
|
||
def payload | ||
payload = {} | ||
if @configuration_profile_sid | ||
payload['configuration_profile_sid'] = @configuration_profile_sid | ||
end | ||
|
||
payload | ||
end | ||
|
||
end | ||
|
||
class IpMessagingGrant | ||
attr_accessor :service_sid, | ||
:endpoint_id, | ||
:deployment_role_sid, | ||
:push_credential_sid | ||
|
||
def key | ||
'ip_messaging' | ||
end | ||
|
||
def payload | ||
payload = {} | ||
if @service_sid | ||
payload['service_sid'] = @service_sid | ||
end | ||
if @endpoint_id | ||
payload['endpoint_id'] = @endpoint_id | ||
end | ||
if @role_sid | ||
payload['deployment_role_sid'] = @deployment_role_sid | ||
end | ||
if @credential_sid | ||
payload['push_credential_sid'] = @push_credential_sid | ||
end | ||
|
||
payload | ||
end | ||
|
||
end | ||
|
||
end | ||
end | ||
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,84 @@ | ||
require 'spec_helper' | ||
|
||
describe Twilio::Util::AccessToken do | ||
|
||
it 'should generate a token for no grants' do | ||
scat = Twilio::Util::AccessToken.new 'AC123', 'SK123','secret' | ||
token = scat.to_s | ||
expect(token).not_to be_nil | ||
payload, header = JWT.decode token, 'secret' | ||
|
||
expect(payload['iss']).to eq('SK123') | ||
expect(payload['sub']).to eq('AC123') | ||
expect(payload['nbf']).not_to be_nil | ||
expect(payload['exp']).not_to be_nil | ||
expect(payload['nbf'] + 3600).to eq(payload['exp']) | ||
expect(payload['jti']).not_to be_nil | ||
expect("#{payload['iss']}-#{payload['nbf']}").to eq(payload['jti']) | ||
expect(payload['grants']).not_to be_nil | ||
expect(payload['grants'].count).to eq(0) | ||
end | ||
|
||
it 'should be able to add conversation grant' do | ||
scat = Twilio::Util::AccessToken.new 'AC123', 'SK123','secret' | ||
scat.add_grant(Twilio::Util::AccessToken::ConversationsGrant.new) | ||
|
||
token = scat.to_s | ||
expect(token).not_to be_nil | ||
payload, header = JWT.decode token, 'secret' | ||
|
||
expect(payload['iss']).to eq('SK123') | ||
expect(payload['sub']).to eq('AC123') | ||
expect(payload['nbf']).not_to be_nil | ||
expect(payload['exp']).not_to be_nil | ||
expect(payload['nbf'] + 3600).to eq(payload['exp']) | ||
expect(payload['jti']).not_to be_nil | ||
expect("#{payload['iss']}-#{payload['nbf']}").to eq(payload['jti']) | ||
expect(payload['grants']).not_to be_nil | ||
expect(payload['grants'].count).to eq(1) | ||
expect(payload['grants']['rtc']).not_to be_nil | ||
end | ||
|
||
it 'should be able to add endpoint grants' do | ||
scat = Twilio::Util::AccessToken.new 'AC123', 'SK123','secret' | ||
scat.add_grant(Twilio::Util::AccessToken::IpMessagingGrant.new) | ||
|
||
token = scat.to_s | ||
expect(token).not_to be_nil | ||
payload, header = JWT.decode token, 'secret' | ||
|
||
expect(payload['iss']).to eq('SK123') | ||
expect(payload['sub']).to eq('AC123') | ||
expect(payload['nbf']).not_to be_nil | ||
expect(payload['exp']).not_to be_nil | ||
expect(payload['nbf'] + 3600).to eq(payload['exp']) | ||
expect(payload['jti']).not_to be_nil | ||
expect("#{payload['iss']}-#{payload['nbf']}").to eq(payload['jti']) | ||
expect(payload['grants']).not_to be_nil | ||
expect(payload['grants'].count).to eq(1) | ||
expect(payload['grants']['ip_messaging']).not_to be_nil | ||
end | ||
|
||
it 'should add rest grants' do | ||
scat = Twilio::Util::AccessToken.new 'AC123', 'SK123','secret' | ||
scat.add_grant(Twilio::Util::AccessToken::ConversationsGrant.new) | ||
scat.add_grant(Twilio::Util::AccessToken::IpMessagingGrant.new) | ||
|
||
token = scat.to_s | ||
expect(token).not_to be_nil | ||
payload, header = JWT.decode token, 'secret' | ||
|
||
expect(payload['iss']).to eq('SK123') | ||
expect(payload['sub']).to eq('AC123') | ||
expect(payload['nbf']).not_to be_nil | ||
expect(payload['exp']).not_to be_nil | ||
expect(payload['nbf'] + 3600).to eq(payload['exp']) | ||
expect(payload['jti']).not_to be_nil | ||
expect("#{payload['iss']}-#{payload['nbf']}").to eq(payload['jti']) | ||
expect(payload['grants']).not_to be_nil | ||
expect(payload['grants'].count).to eq(2) | ||
expect(payload['grants']['rtc']).not_to be_nil | ||
expect(payload['grants']['ip_messaging']).not_to be_nil | ||
end | ||
|
||
end |