twilio-ruby 5.0.0.rc10 → 5.0.0.rc11

data/spec/jwt/task_router_worker_spec.rb

@@ -0,0 +1,146 @@
+require 'spec_helper'
+
+describe Twilio::JWT::WorkerCapability do
+  describe 'with a capability' do
+    before :each do
+      @capability = Twilio::JWT::WorkerCapability.new 'AC123', 'foobar', 'WS456', 'WK789'
+    end
+
+    it 'should return a valid jwt when #generate_token is called' do
+      token = @capability.generate_token
+      decoded, header = JWT.decode token, 'foobar'
+      expect(decoded['policies']).not_to be_nil
+      expect(decoded['iss']).not_to be_nil
+      expect(decoded['exp']).not_to be_nil
+      expect(decoded['account_sid']).to eq('AC123')
+      expect(decoded['workspace_sid']).to eq('WS456')
+      expect(decoded['worker_sid']).to eq('WK789')
+      expect(decoded['channel']).to eq('WK789')
+    end
+
+    it 'should properly set the iss key in the payload' do
+      token = @capability.generate_token
+      decoded, header = JWT.decode token, 'foobar'
+      expect(decoded['iss']).to eq('AC123')
+    end
+
+    it 'should properly set exp based on the default 1-hour ttl' do
+      seconds = Time.now.to_i
+      token = @capability.generate_token
+      decoded, header = JWT.decode token, 'foobar'
+      expect(decoded['exp']).to eq(seconds + 3600)
+    end
+
+    it 'should properly set exp based on the ttl arg to #generate_token' do
+      seconds = Time.now.to_i
+      ttl = rand 10000
+      token = @capability.generate_token ttl
+      decoded, header = JWT.decode token, 'foobar'
+      expect(decoded['exp']).to eq(seconds + ttl)
+    end
+
+    it 'should allow websocket operations and activity list fetches by default' do
+      token = @capability.generate_token
+      decoded, header = JWT.decode token, 'foobar'
+      expect(decoded['policies'].size).to eq(6)
+      get_policy = {
+          "url" => 'https://event-bridge.twilio.com/v1/wschannels/AC123/WK789',
+          "method" => 'GET',
+          "query_filter" => {},
+          "post_filter" => {},
+          "allow" => true
+      }
+      expect(decoded['policies'][0]).to eq(get_policy)
+      post_policy = {
+          "url" => 'https://event-bridge.twilio.com/v1/wschannels/AC123/WK789',
+          "method" => 'POST',
+          "query_filter" => {},
+          "post_filter" => {},
+          "allow" => true
+      }
+      expect(decoded['policies'][1]).to eq(post_policy)
+
+      worker_fetch_policy = {
+          'url' => 'https://taskrouter.twilio.com/v1/Workspaces/WS456/Workers/WK789',
+          'method' => 'GET',
+          'query_filter' => {},
+          'post_filter' => {},
+          'allow' => true
+      }
+      expect(decoded['policies'][2]).to eq(worker_fetch_policy)
+
+      activities_policy = {
+          'url' => 'https://taskrouter.twilio.com/v1/Workspaces/WS456/Activities',
+          'method' => 'GET',
+          'query_filter' => {},
+          'post_filter' => {},
+          'allow' => true
+      }
+      expect(decoded['policies'][3]).to eq(activities_policy)
+
+      tasks_policy = {
+          'url' => 'https://taskrouter.twilio.com/v1/Workspaces/WS456/Tasks/**',
+          'method' => 'GET',
+          'query_filter' => {},
+          'post_filter' => {},
+          'allow' => true
+      }
+      expect(decoded['policies'][4]).to eq(tasks_policy)
+
+      worker_reservations_policy = {
+          'url' => 'https://taskrouter.twilio.com/v1/Workspaces/WS456/Workers/WK789/Reservations/**',
+          'method' => 'GET',
+          'query_filter' => {},
+          'post_filter' => {},
+          'allow' => true
+      }
+      expect(decoded['policies'][5]).to eq(worker_reservations_policy)
+    end
+
+    it 'should add a policy when #allow_activity_updates is called' do
+      token = @capability.generate_token
+      decoded, header = JWT.decode token, 'foobar'
+      policies_size = decoded['policies'].size
+
+      @capability.allow_activity_updates
+      token = @capability.generate_token
+      decoded, header = JWT.decode token, 'foobar'
+      activity_policy = {
+          'url' => 'https://taskrouter.twilio.com/v1/Workspaces/WS456/Workers/WK789',
+          'method' => 'POST',
+          'query_filter' => {},
+          'post_filter' => {'ActivitySid' => {'required' => true}},
+          'allow' => true
+      }
+      expect(decoded['policies'][-1]).to eq(activity_policy)
+      expect(decoded['policies'].size).to eq(policies_size+1)
+    end
+
+    it 'should add two policies when #allow_reservation_updates is called' do
+      token = @capability.generate_token
+      decoded, header = JWT.decode token, 'foobar'
+      policies_size = decoded['policies'].size
+
+      @capability.allow_reservation_updates
+      token = @capability.generate_token
+      decoded, header = JWT.decode token, 'foobar'
+      tasks_policy = {
+          'url' => 'https://taskrouter.twilio.com/v1/Workspaces/WS456/Tasks/**',
+          'method' => 'POST',
+          'query_filter' => {},
+          'post_filter' => {},
+          'allow' => true
+      }
+      expect(decoded['policies'][-2]).to eq(tasks_policy)
+      worker_reservations_policy = {
+          'url' => 'https://taskrouter.twilio.com/v1/Workspaces/WS456/Workers/WK789/Reservations/**',
+          'method' => 'POST',
+          'query_filter' => {},
+          'post_filter' => {},
+          'allow' => true
+      }
+      expect(decoded['policies'][-1]).to eq(worker_reservations_policy)
+      expect(decoded['policies'].size).to eq(policies_size+2)
+    end
+  end
+end

data/spec/jwt/task_router_workspace_spec.rb

@@ -0,0 +1,110 @@
+require 'spec_helper'
+
+describe Twilio::JWT::WorkspaceCapability do
+  describe 'with a capability' do
+    before :each do
+      @capability = Twilio::JWT::WorkspaceCapability.new 'AC123', 'foobar', 'WS456'
+    end
+
+    it 'should return a valid jwt when #generate_token is called' do
+      token = @capability.generate_token
+      decoded, header = JWT.decode token, 'foobar'
+      expect(decoded['policies']).not_to be_nil
+      expect(decoded['iss']).not_to be_nil
+      expect(decoded['exp']).not_to be_nil
+      expect(decoded['account_sid']).to eq('AC123')
+      expect(decoded['workspace_sid']).to eq('WS456')
+      expect(decoded['channel']).to eq('WS456')
+    end
+
+    it 'should properly set the iss key in the payload' do
+      token = @capability.generate_token
+      decoded, header = JWT.decode token, 'foobar'
+      expect(decoded['iss']).to eq('AC123')
+    end
+
+    it 'should properly set exp based on the default 1-hour ttl' do
+      seconds = Time.now.to_i
+      token = @capability.generate_token
+      decoded, header = JWT.decode token, 'foobar'
+      expect(decoded['exp']).to eq(seconds + 3600)
+    end
+
+    it 'should properly set exp based on the ttl arg to #generate_token' do
+      seconds = Time.now.to_i
+      ttl = rand 10000
+      token = @capability.generate_token ttl
+      decoded, header = JWT.decode token, 'foobar'
+      expect(decoded['exp']).to eq(seconds + ttl)
+    end
+
+    it 'should allow websocket operations and fetching the workspace by default' do
+      token = @capability.generate_token
+      decoded, header = JWT.decode token, 'foobar'
+      expect(decoded['policies'].size).to eq(3)
+      get_policy = {
+          "url" => 'https://event-bridge.twilio.com/v1/wschannels/AC123/WS456',
+          "method" => 'GET',
+          "query_filter" => {},
+          "post_filter" => {},
+          "allow" => true
+      }
+      expect(decoded['policies'][0]).to eq(get_policy)
+      post_policy = {
+          "url" => 'https://event-bridge.twilio.com/v1/wschannels/AC123/WS456',
+          "method" => 'POST',
+          "query_filter" => {},
+          "post_filter" => {},
+          "allow" => true
+      }
+      expect(decoded['policies'][1]).to eq(post_policy)
+
+      workspace_fetch_policy = {
+          'url' => 'https://taskrouter.twilio.com/v1/Workspaces/WS456',
+          'method' => 'GET',
+          'query_filter' => {},
+          'post_filter' => {},
+          'allow' => true
+      }
+      expect(decoded['policies'][2]).to eq(workspace_fetch_policy)
+    end
+
+    it 'should add a policy when #allow_fetch_subresources is called' do
+      token = @capability.generate_token
+      decoded, header = JWT.decode token, 'foobar'
+      policies_size = decoded['policies'].size
+
+      @capability.allow_fetch_subresources
+      token = @capability.generate_token
+      decoded, header = JWT.decode token, 'foobar'
+      workspace_fetch_policy = {
+          'url' => 'https://taskrouter.twilio.com/v1/Workspaces/WS456/**',
+          'method' => 'GET',
+          'query_filter' => {},
+          'post_filter' => {},
+          'allow' => true
+      }
+      expect(decoded['policies'][-1]).to eq(workspace_fetch_policy)
+      expect(decoded['policies'].size).to eq(policies_size+1)
+    end
+
+    it 'should add a policy when #allow_update_subresources is called' do
+      token = @capability.generate_token
+      decoded, header = JWT.decode token, 'foobar'
+      policies_size = decoded['policies'].size
+
+      @capability.allow_updates_subresources
+      token = @capability.generate_token
+      decoded, header = JWT.decode token, 'foobar'
+      workspace_update_policy = {
+          'url' => 'https://taskrouter.twilio.com/v1/Workspaces/WS456/**',
+          'method' => 'POST',
+          'query_filter' => {},
+          'post_filter' => {},
+          'allow' => true
+      }
+      expect(decoded['policies'][-1]).to eq(workspace_update_policy)
+      expect(decoded['policies'].size).to eq(policies_size+1)
+    end
+  end
+end

data/spec/rack/twilio_webhook_authentication_spec.rb

@@ -34,7 +34,7 @@ describe Rack::TwilioWebhookAuthentication do
       expect_any_instance_of(Rack::Request).to receive(:POST).and_return({'AccountSid' => account_sid})
       @middleware = Rack::TwilioWebhookAuthentication.new(@app, nil, /\/voice/) { |asid| auth_token}
       request_validator = double('RequestValidator')
-      expect(Twilio::Util::RequestValidator).to receive(:new).with(auth_token).and_return(request_validator)
+      expect(Twilio::Security::RequestValidator).to receive(:new).with(auth_token).and_return(request_validator)
       expect(request_validator).to receive(:validate).and_return(true)
       request = Rack::MockRequest.env_for('/voice')
       status, headers, body = @middleware.call(request)
@@ -50,14 +50,14 @@ describe Rack::TwilioWebhookAuthentication do
     end
 
     it 'should not intercept when the path doesn\'t match' do
-      expect(Twilio::Util::RequestValidator).to_not receive(:validate)
+      expect(Twilio::Security::RequestValidator).to_not receive(:validate)
       request = Rack::MockRequest.env_for('/sms')
       status, headers, body = @middleware.call(request)
       expect(status).to be(200)
     end
 
     it 'should allow a request through if it validates' do
-      expect_any_instance_of(Twilio::Util::RequestValidator).to(
+      expect_any_instance_of(Twilio::Security::RequestValidator).to(
         receive(:validate).and_return(true)
       )
       request = Rack::MockRequest.env_for('/voice')
@@ -66,7 +66,7 @@ describe Rack::TwilioWebhookAuthentication do
     end
 
     it 'should short circuit a request to 403 if it does not validate' do
-      expect_any_instance_of(Twilio::Util::RequestValidator).to(
+      expect_any_instance_of(Twilio::Security::RequestValidator).to(
         receive(:validate).and_return(false)
       )
       request = Rack::MockRequest.env_for('/voice')
@@ -83,14 +83,14 @@ describe Rack::TwilioWebhookAuthentication do
     end
 
     it 'should not intercept when the path doesn\'t match' do
-      expect(Twilio::Util::RequestValidator).to_not receive(:validate)
+      expect(Twilio::Security::RequestValidator).to_not receive(:validate)
       request = Rack::MockRequest.env_for('icesms')
       status, headers, body = @middleware.call(request)
       expect(status).to be(200)
     end
 
     it 'shold allow a request through if it validates' do
-      expect_any_instance_of(Twilio::Util::RequestValidator).to(
+      expect_any_instance_of(Twilio::Security::RequestValidator).to(
         receive(:validate).and_return(true)
       )
       request = Rack::MockRequest.env_for('/sms')
@@ -99,7 +99,7 @@ describe Rack::TwilioWebhookAuthentication do
     end
 
     it 'should short circuit a request to 403 if it does not validate' do
-      expect_any_instance_of(Twilio::Util::RequestValidator).to(
+      expect_any_instance_of(Twilio::Security::RequestValidator).to(
         receive(:validate).and_return(false)
       )
       request = Rack::MockRequest.env_for('/sms')

data/spec/{util → security}/request_validator_spec.rb

@@ -1,6 +1,6 @@
 require 'spec_helper'
 
-describe Twilio::Util::RequestValidator do
+describe Twilio::Security::RequestValidator do
   describe 'configuration' do
     after(:each) do
       Twilio.instance_variable_set('@configuration', nil)
@@ -11,7 +11,7 @@ describe Twilio::Util::RequestValidator do
         config.auth_token = 'someToken'
       end
 
-      validator = Twilio::Util::RequestValidator.new
+      validator = Twilio::Security::RequestValidator.new
       expect(validator.instance_variable_get('@auth_token')).to eq('someToken')
     end
 
@@ -20,19 +20,19 @@ describe Twilio::Util::RequestValidator do
         config.auth_token = 'someToken'
       end
 
-      validator = Twilio::Util::RequestValidator.new 'otherToken'
+      validator = Twilio::Security::RequestValidator.new 'otherToken'
       expect(validator.instance_variable_get('@auth_token')).to eq('otherToken')
     end
 
     it 'should throw an argument error if the auth token isn\'t set' do
-      expect { Twilio::Util::RequestValidator.new }.to raise_error(ArgumentError)
+      expect { Twilio::Security::RequestValidator.new }.to raise_error(ArgumentError)
     end
   end
 
   describe 'validations' do
     let(:token) { '2bd9e9638872de601313dc77410d3b23' }
 
-    let(:validator) { Twilio::Util::RequestValidator.new token }
+    let(:validator) { Twilio::Security::RequestValidator.new token }
 
     let(:voice_url) { 'http://twiliotests.heroku.com/validate/voice' }
 

data/twilio-ruby.gemspec

@@ -23,7 +23,6 @@ Gem::Specification.new do |spec|
 
   spec.add_dependency('builder', '>= 2.1.2')
   spec.add_dependency('jwt', '~> 1.0')
-  spec.add_dependency('activesupport', '~> 4.2')
   spec.add_dependency('faraday', '~>0.9')
   spec.add_dependency('jruby-openssl') if RUBY_PLATFORM == 'java'
   # Workaround for RBX <= 2.2.1, should be fixed in next version

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: twilio-ruby
 version: !ruby/object:Gem::Version
-  version: 5.0.0.rc10
+  version: 5.0.0.rc11
 platform: ruby
 authors:
 - Andrew Benton
@@ -38,20 +38,6 @@ dependencies:
     - - ~>
       - !ruby/object:Gem::Version
         version: '1.0'
-- !ruby/object:Gem::Dependency
-  name: activesupport
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ~>
-      - !ruby/object:Gem::Version
-        version: '4.2'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ~>
-      - !ruby/object:Gem::Version
-        version: '4.2'
 - !ruby/object:Gem::Dependency
   name: faraday
   requirement: !ruby/object:Gem::Requirement
@@ -115,6 +101,9 @@ files:
 - lib/twilio-ruby/framework/twilio_response.rb
 - lib/twilio-ruby/framework/version.rb
 - lib/twilio-ruby/http/http_client.rb
+- lib/twilio-ruby/jwt/access_token.rb
+- lib/twilio-ruby/jwt/capability.rb
+- lib/twilio-ruby/jwt/task_router.rb
 - lib/twilio-ruby/rest/api.rb
 - lib/twilio-ruby/rest/api/v2010.rb
 - lib/twilio-ruby/rest/api/v2010/account.rb
@@ -238,15 +227,10 @@ files:
 - lib/twilio-ruby/rest/trunking/v1/trunk/ip_access_control_list.rb
 - lib/twilio-ruby/rest/trunking/v1/trunk/origination_url.rb
 - lib/twilio-ruby/rest/trunking/v1/trunk/phone_number.rb
-- lib/twilio-ruby/task_router.rb
-- lib/twilio-ruby/task_router/capability.rb
+- lib/twilio-ruby/security/request_validator.rb
 - lib/twilio-ruby/twiml/response.rb
 - lib/twilio-ruby/util.rb
-- lib/twilio-ruby/util/access_token.rb
-- lib/twilio-ruby/util/capability.rb
-- lib/twilio-ruby/util/client_config.rb
 - lib/twilio-ruby/util/configuration.rb
-- lib/twilio-ruby/util/request_validator.rb
 - lib/twilio-ruby/version.rb
 - spec/framework/serialize_spec.rb
 - spec/holodeck/holodeck.rb
@@ -355,16 +339,18 @@ files:
 - spec/integration/trunking/v1/trunk/origination_url_spec.rb
 - spec/integration/trunking/v1/trunk/phone_number_spec.rb
 - spec/integration/trunking/v1/trunk_spec.rb
+- spec/jwt/access_token_spec.rb
+- spec/jwt/capability_spec.rb
+- spec/jwt/task_router_spec.rb
+- spec/jwt/task_router_taskqueue_spec.rb
+- spec/jwt/task_router_worker_spec.rb
+- spec/jwt/task_router_workspace_spec.rb
 - spec/rack/twilio_webhook_authentication_spec.rb
+- spec/security/request_validator_spec.rb
 - spec/spec_helper.rb
 - spec/support/fakeweb.rb
-- spec/task_router_spec.rb
 - spec/twilio_spec.rb
-- spec/util/access_token_spec.rb
-- spec/util/capability_spec.rb
-- spec/util/client_config_spec.rb
 - spec/util/configuration_spec.rb
-- spec/util/request_validator_spec.rb
 - spec/util/url_encode_spec.rb
 - twilio-ruby.gemspec
 homepage: http://github.com/twilio/twilio-ruby
@@ -506,14 +492,16 @@ test_files:
 - spec/integration/trunking/v1/trunk/origination_url_spec.rb
 - spec/integration/trunking/v1/trunk/phone_number_spec.rb
 - spec/integration/trunking/v1/trunk_spec.rb
+- spec/jwt/access_token_spec.rb
+- spec/jwt/capability_spec.rb
+- spec/jwt/task_router_spec.rb
+- spec/jwt/task_router_taskqueue_spec.rb
+- spec/jwt/task_router_worker_spec.rb
+- spec/jwt/task_router_workspace_spec.rb
 - spec/rack/twilio_webhook_authentication_spec.rb
+- spec/security/request_validator_spec.rb
 - spec/spec_helper.rb
 - spec/support/fakeweb.rb
-- spec/task_router_spec.rb
 - spec/twilio_spec.rb
-- spec/util/access_token_spec.rb
-- spec/util/capability_spec.rb
-- spec/util/client_config_spec.rb
 - spec/util/configuration_spec.rb
-- spec/util/request_validator_spec.rb
 - spec/util/url_encode_spec.rb