npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

flex-auth

v2.0.0

Published

Service for authenticating requests from Twilio.

Downloads

61

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

calmoorecalmoore

Keywords

twilioflexauth

Readme

twilio-auth

Service for authenticating requests to/from Twilio.

API

Static Properties

twilioAuthHeaderName: string

The name of the header where the Twilio signature should exist.

twilioUserHeaderName: string

The name of the header where Twilio user tokens should be stored.

constructor(accountSid: string, authToken: string)

Creates a new TwilioAuth instance that will validate requests using authToken as the secret.

| Property | Type | Description | |----------|------|-------------| | accountSid | string | The SID of the Twilio account. | | authToken | string | The secret that should be used to sign requests. |

Methods

async authenticateAWSRequest(event: { body?: string, path: string, headers: { [ name: string ]: string }, queryStringParameters: { [ name: string ]: string } }): Promise

Attempts to authenticate the request received by an AWS Lambda behind an ALB.

Returns a Promise that resolves to true if the request can be authenticated or false if it cannot be authenticated.

| Property | Type | Description | |----------|------|-------------| | event | any | The event object passed to the AWS Lambda |

async authenticateExpressRequest(req: Request): Promise

Attempts to authenticate the request received by an Express server.

Returns a Promise that resolves to true if the request can be authenticated or false if it cannot be authenticated.

| Property | Type | Description | |----------|------|-------------| | req | express.Request | The Express Request object |

async authenticateTwilioRequest({ userToken }: { userToken?: string }): Promise

Authenticates a request to a Twilio Function from an external agent.

Note: Internal requests should be authenticated with the builtin Twilio header check. If HTTP headers are made available, this method may be updated to handle both user- and Twilio-authenticated requests.

Returns a Promise that resolves to true if the user is authenticated and false otherwise.

| Property | Type | Description | |----------|------|-------------| | event | { userToken: string } | The Twilio event object passed to the Function |

createToken(url: string, body?: { [ key: string ]: any }): Promise

Creates a token that can be included in the Twilio auth header.

Returns a Promise that resolves with the token that should be included in the header.

| Property | Type | Description | |----------|------|-------------| | url | string | The full URL of the requested resource | | body | { [ key: string ]: any } | If the request has a body, the body of the request |

isSignatureValid(signature: string, url: string, body?: { [ key: string ]: any }): Promise

Validates the signature in a Twilio-authenticated request.

Returns a Promise that resolves to true iff the the signature is valid.

| Property | Type | Description | |----------|------|-------------| | signature | string | The signature provided in the Twilio auth header | | url | string | The full URL of the requested resource | | body | { [ key: string ]: any } | If the request has a body, the body of the request |

async isUserTokenValid(token: string): Promise

Checks if the user token provided is valid.

Returns a Promise that resolves to true if provided token is valid; otherwise resolves to false

| Property | Type | Description | |----------|------|-------------| | token | string | The user auth token generated by Twilio |

async fetchUserData(token: string): Promise<{workerSid: string, roles: string[], isValid: boolean, expiration: Date, identity: string}>

Fetches the user data attached to the provided token.

| Property | Type | Description | |----------|------|-------------| | token | string | The user auth token generated by Twilio |

Express Middleware

Building off the helper method for authenticating an Express request, we also provide middleware that you can just hook into express app.

Usage

For twilio-auth-middleware to work, the request object must have the following fields added to it:

{
  "twilio": {
    "accountSid": "string",
    "authToken": "string"
  }
}

To add this data to the request object, you might define middleware that is executed before twilio-auth-middlware that loads the required data and adds it to the request object. Your express app might look something like:

import { twilioAuthMiddleware, TwilioRequest } from 'twilio-auth';

app.use(async (req: TwilioRequest, _res: Response, next: NextFunction) => {
  req.twilio = {
    accountSid: await loadAccountSid(),
    authToken:  await loadAuthToken(),
  };

  next();
});

app.use(twilioAuthMiddleware());