twilio 5.6.0 → 5.7.0

package/README.md

@@ -274,6 +274,11 @@ If you are using callbacks, error information will be included in the `error` pa
 
 400-level errors are [normal during API operation](https://www.twilio.com/docs/api/rest/request#get-responses) ("Invalid number", "Cannot deliver SMS to that number", for example) and should be handled appropriately.
 
+### Use a Client with PKCV Authentication
+
+twilio-node now supports Public Key Client Validation authentication for Twilio APIs. To use this feature, refer to the [example file](https://github.com/twilio/twilio-node/blob/main/examples/pkcv.js). 
+Additional documentation can be found on [Public Key Client Validation Quickstart](https://twilio.com/docs/iam/pkcv/quickstart).
+
 ### Use a custom HTTP Client
 
 To use a custom HTTP client with this helper library, please see the [advanced example of how to do so](./advanced-examples/custom-http-client.md).

package/lib/base/BaseTwilio.d.ts

@@ -2,6 +2,7 @@
 /// <reference types="node" />
 /// <reference types="node" />
 import RequestClient from "./RequestClient";
+import { ValidationClientOptions } from "./ValidationClient";
 import { HttpMethod } from "../interfaces";
 import { Headers } from "../http/request";
 import AuthStrategy from "../auth_strategy/AuthStrategy";
@@ -19,6 +20,7 @@ declare namespace Twilio {
         autoRetry?: boolean;
         maxRetryDelay?: number;
         maxRetries?: number;
+        validationClient?: ValidationClientOptions;
         /**
          https.Agent options
          */
@@ -60,6 +62,7 @@ declare namespace Twilio {
         autoRetry?: boolean;
         maxRetryDelay?: number;
         maxRetries?: number;
+        validationClient?: ValidationClientOptions;
         /**
          https.Agent options
          */

package/lib/base/BaseTwilio.js

@@ -67,6 +67,7 @@ var Twilio;
             this.autoRetry = this.opts.autoRetry || false;
             this.maxRetryDelay = this.opts.maxRetryDelay;
             this.maxRetries = this.opts.maxRetries;
+            this.validationClient = this.opts.validationClient;
             this.userAgentExtensions = this.opts.userAgentExtensions || [];
             this._httpClient = this.opts.httpClient;
             if (this.opts.lazyLoading === false) {
@@ -108,6 +109,7 @@ var Twilio;
                     autoRetry: this.autoRetry,
                     maxRetryDelay: this.maxRetryDelay,
                     maxRetries: this.maxRetries,
+                    validationClient: this.validationClient,
                 });
             }
             return this._httpClient;
@@ -173,7 +175,8 @@ var Twilio;
                 data: opts.data,
                 timeout: opts.timeout,
                 allowRedirects: opts.allowRedirects,
-                logLevel: opts.logLevel,
+                // use the Twilio client's log-level if the httpClient's log-level is unspecified
+                logLevel: opts.logLevel || this.opts?.logLevel,
             });
         }
         /* jshint ignore:start */

package/lib/base/RequestClient.d.ts

@@ -1,10 +1,11 @@
 /// <reference types="node" />
 /// <reference types="node" />
 import { HttpMethod } from "../interfaces";
-import { AxiosInstance } from "axios";
+import { AxiosInstance, InternalAxiosRequestConfig } from "axios";
 import Response from "../http/response";
 import Request, { Headers } from "../http/request";
 import AuthStrategy from "../auth_strategy/AuthStrategy";
+import { ValidationClientOptions } from "./ValidationClient";
 declare class RequestClient {
     defaultTimeout: number;
     axios: AxiosInstance;
@@ -27,6 +28,7 @@ declare class RequestClient {
      * @param opts.autoRetry - Enable auto-retry requests with exponential backoff on 429 responses. Defaults to false.
      * @param opts.maxRetryDelay - Max retry delay in milliseconds for 429 Too Many Request response retries. Defaults to 3000.
      * @param opts.maxRetries - Max number of request retries for 429 Too Many Request responses. Defaults to 3.
+     * @param opts.validationClient - Validation client for PKCV
      */
     constructor(opts?: RequestClient.RequestClientOptions);
     /**
@@ -47,6 +49,28 @@ declare class RequestClient {
      */
     request<TData>(opts: RequestClient.RequestOptions<TData>): Promise<Response<TData>>;
     filterLoggingHeaders(headers: Headers): string[];
+    /**
+     * ValidationInterceptor adds the Twilio-Client-Validation header to the request
+     * @param validationClient - The validation client for PKCV
+     * <p>Usage Example:</p>
+     * ```javascript
+     * import axios from "axios";
+     * // Initialize validation client with credentials
+     * const validationClient = {
+     *           accountSid: "ACXXXXXXXXXXXXXXXX",
+     *           credentialSid: "CRXXXXXXXXXXXXXXXX",
+     *           signingKey: "SKXXXXXXXXXXXXXXXX",
+     *           privateKey: "private key",
+     *           algorithm: "PS256",
+     *         }
+     * // construct an axios instance
+     * const instance = axios.create();
+     * instance.interceptors.request.use(
+     *   ValidationInterceptor(opts.validationClient)
+     * );
+     * ```
+     */
+    validationInterceptor(validationClient: ValidationClientOptions): (config: InternalAxiosRequestConfig) => InternalAxiosRequestConfig<any>;
     private logRequest;
 }
 declare namespace RequestClient {
@@ -148,6 +172,17 @@ declare namespace RequestClient {
          * Maximum number of request retries for 429 Error responses. Defaults to 3.
          */
         maxRetries?: number;
+        /**
+         * Validation client for Public Key Client Validation
+         * On setting this with your credentials, Twilio validates:
+         <ul>
+            <li>The request comes from a sender who is in control of the private key.</li>
+            <li>The message has not been modified in transit.</li>
+         </ul>
+         * That the message has not been modified in transit.
+         * Refer our doc for details - https://www.twilio.com/docs/iam/pkcv
+         */
+        validationClient?: ValidationClientOptions;
     }
 }
 export = RequestClient;

package/lib/base/RequestClient.js

@@ -32,6 +32,7 @@ const qs_1 = __importDefault(require("qs"));
 const https = __importStar(require("https"));
 const response_1 = __importDefault(require("../http/response"));
 const request_1 = __importDefault(require("../http/request"));
+const ValidationToken_1 = __importDefault(require("../jwt/validation/ValidationToken"));
 const DEFAULT_CONTENT_TYPE = "application/x-www-form-urlencoded";
 const DEFAULT_TIMEOUT = 30000;
 const DEFAULT_INITIAL_RETRY_INTERVAL_MILLIS = 100;
@@ -74,6 +75,7 @@ class RequestClient {
      * @param opts.autoRetry - Enable auto-retry requests with exponential backoff on 429 responses. Defaults to false.
      * @param opts.maxRetryDelay - Max retry delay in milliseconds for 429 Too Many Request response retries. Defaults to 3000.
      * @param opts.maxRetries - Max number of request retries for 429 Too Many Request responses. Defaults to 3.
+     * @param opts.validationClient - Validation client for PKCV
      */
     constructor(opts) {
         opts = opts || {};
@@ -118,6 +120,10 @@ class RequestClient {
                 maxRetries: this.maxRetries,
             }));
         }
+        // if validation client is set, intercept the request using ValidationInterceptor
+        if (opts.validationClient) {
+            this.axios.interceptors.request.use(this.validationInterceptor(opts.validationClient));
+        }
     }
     /**
      * Make http request
@@ -213,6 +219,40 @@ class RequestClient {
             return !"authorization".includes(header.toLowerCase());
         });
     }
+    /**
+     * ValidationInterceptor adds the Twilio-Client-Validation header to the request
+     * @param validationClient - The validation client for PKCV
+     * <p>Usage Example:</p>
+     * ```javascript
+     * import axios from "axios";
+     * // Initialize validation client with credentials
+     * const validationClient = {
+     *           accountSid: "ACXXXXXXXXXXXXXXXX",
+     *           credentialSid: "CRXXXXXXXXXXXXXXXX",
+     *           signingKey: "SKXXXXXXXXXXXXXXXX",
+     *           privateKey: "private key",
+     *           algorithm: "PS256",
+     *         }
+     * // construct an axios instance
+     * const instance = axios.create();
+     * instance.interceptors.request.use(
+     *   ValidationInterceptor(opts.validationClient)
+     * );
+     * ```
+     */
+    validationInterceptor(validationClient) {
+        return function (config) {
+            config.headers = config.headers || {};
+            try {
+                config.headers["Twilio-Client-Validation"] = new ValidationToken_1.default(validationClient).fromHttpRequest(config);
+            }
+            catch (err) {
+                console.log("Error creating Twilio-Client-Validation header:", err);
+                throw err;
+            }
+            return config;
+        };
+    }
     logRequest(options) {
         console.log("-- BEGIN Twilio API Request --");
         console.log(`${options.method} ${options.url}`);

package/lib/base/ValidationClient.d.ts

@@ -0,0 +1,10 @@
+declare namespace ValidationClient {
+    interface ValidationClientOptions {
+        accountSid: string;
+        credentialSid: string;
+        signingKey: string;
+        privateKey: string;
+        algorithm?: string;
+    }
+}
+export = ValidationClient;

package/lib/base/ValidationClient.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/http/bearer_token/ApiTokenManager.d.ts

@@ -1,5 +1,5 @@
 import TokenManager from "./TokenManager";
-import { TokenListInstanceCreateOptions } from "../../rest/previewIam/v1/token";
+import { TokenListInstanceCreateOptions } from "../../rest/iam/v1/token";
 export default class ApiTokenManager implements TokenManager {
     private params;
     constructor(params: TokenListInstanceCreateOptions);

package/lib/http/bearer_token/ApiTokenManager.js

@@ -3,9 +3,9 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-const token_1 = require("../../rest/previewIam/v1/token");
-const PreviewIamBase_1 = __importDefault(require("../../rest/PreviewIamBase"));
-const V1_1 = __importDefault(require("../../rest/previewIam/V1"));
+const token_1 = require("../../rest/iam/v1/token");
+const IamBase_1 = __importDefault(require("../../rest/IamBase"));
+const V1_1 = __importDefault(require("../../rest/iam/V1"));
 const NoAuthCredentialProvider_1 = __importDefault(require("../../credential_provider/NoAuthCredentialProvider"));
 const BaseTwilio_1 = require("../../base/BaseTwilio");
 class ApiTokenManager {
@@ -19,7 +19,7 @@ class ApiTokenManager {
         const noAuthCredentialProvider = new NoAuthCredentialProvider_1.default.NoAuthCredentialProvider();
         const client = new BaseTwilio_1.Client();
         client.setCredentialProvider(noAuthCredentialProvider);
-        const tokenListInstance = (0, token_1.TokenListInstance)(new V1_1.default(new PreviewIamBase_1.default(client)));
+        const tokenListInstance = (0, token_1.TokenListInstance)(new V1_1.default(new IamBase_1.default(client)));
         return tokenListInstance
             .create(this.params)
             .then((token) => {

package/lib/http/bearer_token/OrgsTokenManager.d.ts

@@ -1,5 +1,5 @@
 import TokenManager from "./TokenManager";
-import { TokenListInstanceCreateOptions } from "../../rest/previewIam/v1/token";
+import { TokenListInstanceCreateOptions } from "../../rest/iam/v1/token";
 export default class OrgsTokenManager implements TokenManager {
     private readonly params;
     constructor(params: TokenListInstanceCreateOptions);

package/lib/http/bearer_token/OrgsTokenManager.js

@@ -3,9 +3,9 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-const token_1 = require("../../rest/previewIam/v1/token");
-const PreviewIamBase_1 = __importDefault(require("../../rest/PreviewIamBase"));
-const V1_1 = __importDefault(require("../../rest/previewIam/V1"));
+const token_1 = require("../../rest/iam/v1/token");
+const IamBase_1 = __importDefault(require("../../rest/IamBase"));
+const V1_1 = __importDefault(require("../../rest/iam/V1"));
 const NoAuthCredentialProvider_1 = __importDefault(require("../../credential_provider/NoAuthCredentialProvider"));
 const BaseTwilio_1 = require("../../base/BaseTwilio");
 class OrgsTokenManager {
@@ -19,7 +19,7 @@ class OrgsTokenManager {
         const noAuthCredentialProvider = new NoAuthCredentialProvider_1.default.NoAuthCredentialProvider();
         const client = new BaseTwilio_1.Client();
         client.setCredentialProvider(noAuthCredentialProvider);
-        const tokenListInstance = (0, token_1.TokenListInstance)(new V1_1.default(new PreviewIamBase_1.default(client)));
+        const tokenListInstance = (0, token_1.TokenListInstance)(new V1_1.default(new IamBase_1.default(client)));
         return tokenListInstance
             .create(this.params)
             .then((token) => {

package/lib/index.d.ts

@@ -3,6 +3,7 @@ import * as webhooks from "./webhooks/webhooks";
 import IRequestClient from "./base/RequestClient";
 import type { ClientOpts as IClientOpts } from "./base/BaseTwilio";
 import IAccessToken from "./jwt/AccessToken";
+import IValidationToken from "./jwt/validation/ValidationToken";
 import IClientCapability from "./jwt/ClientCapability";
 import ITaskRouterCapability from "./jwt/taskrouter/TaskRouterCapability";
 import * as taskRouterUtil from "./jwt/taskrouter/util";
@@ -19,6 +20,8 @@ declare namespace TwilioSDK {
     namespace jwt {
         type AccessToken = IAccessToken;
         const AccessToken: typeof IAccessToken;
+        type ValidationToken = IValidationToken;
+        const ValidationToken: typeof IValidationToken;
         type ClientCapability = IClientCapability;
         const ClientCapability: typeof IClientCapability;
         namespace taskrouter {

package/lib/index.js

@@ -29,6 +29,7 @@ const Twilio_1 = __importDefault(require("./rest/Twilio"));
 const webhooks = __importStar(require("./webhooks/webhooks"));
 const RequestClient_1 = __importDefault(require("./base/RequestClient"));
 const AccessToken_1 = __importDefault(require("./jwt/AccessToken"));
+const ValidationToken_1 = __importDefault(require("./jwt/validation/ValidationToken"));
 const ClientCapability_1 = __importDefault(require("./jwt/ClientCapability"));
 const TaskRouterCapability_1 = __importDefault(require("./jwt/taskrouter/TaskRouterCapability"));
 const taskRouterUtil = __importStar(require("./jwt/taskrouter/util"));
@@ -47,6 +48,7 @@ function TwilioSDK(accountSid, authToken, opts) {
     let jwt;
     (function (jwt) {
         jwt.AccessToken = AccessToken_1.default;
+        jwt.ValidationToken = ValidationToken_1.default;
         jwt.ClientCapability = ClientCapability_1.default;
         let taskrouter;
         (function (taskrouter) {

package/lib/jwt/validation/RequestCanonicalizer.d.ts

@@ -0,0 +1,20 @@
+declare class RequestCanonicalizer {
+    method: string;
+    uri: string;
+    queryParams: Record<string, string>;
+    requestBody: any;
+    headers: Record<string, string>;
+    constructor(method: string, uri: string, queryParams: Record<string, string>, requestBody: any, headers: Record<string, string>);
+    getCanonicalizedMethod(): string;
+    customEncode(str: string): string;
+    ASCIICompare(a: string, b: string): number;
+    getCanonicalizedPath(): string;
+    getCanonicalizedQueryParams(): string;
+    getCanonicalizedHeaders(): string;
+    getCanonicalizedHashedHeaders(): string;
+    getCanonicalizedRequestBody(): string;
+    sha256Hex(body: string): string;
+    getCanonicalizedRequestString(): string;
+    create(): string;
+}
+export default RequestCanonicalizer;

package/lib/jwt/validation/RequestCanonicalizer.js

@@ -0,0 +1,97 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const crypto_1 = __importDefault(require("crypto"));
+class RequestCanonicalizer {
+    constructor(method, uri, queryParams, requestBody, headers) {
+        this.method = method;
+        this.uri = uri;
+        this.queryParams = queryParams;
+        this.requestBody = requestBody;
+        this.headers = headers;
+    }
+    getCanonicalizedMethod() {
+        return this.method.toUpperCase();
+    }
+    customEncode(str) {
+        return encodeURIComponent(decodeURIComponent(str))
+            .replace(/\*/g, "%2A")
+            .replace(/%7E/g, "~");
+    }
+    ASCIICompare(a, b) {
+        if (a < b)
+            return -1;
+        return a > b ? 1 : 0;
+    }
+    getCanonicalizedPath() {
+        // Remove query string from path
+        const path = this.uri.split("?")[0];
+        // Normalize duplicate slashes (but preserve the leading one)
+        const normalizedPath = path.replace(/\/+/g, "/");
+        // We must preserve slashes (as path delimiters) but encode each segment
+        // Split and encode, but first decode each segment to avoid double-encoding
+        return normalizedPath
+            .split("/")
+            .map((segment) => this.customEncode(segment))
+            .join("/");
+    }
+    getCanonicalizedQueryParams() {
+        if (!this.queryParams) {
+            return "";
+        }
+        // sort query params on the basis of '{key}={value}'
+        const sortedQueryParams = Object.entries(this.queryParams)
+            .map(([key, value]) => {
+            return `${key}=${value}`;
+        })
+            .sort((a, b) => this.ASCIICompare(a, b)) // forces ASCII sorting using custom compare
+            .map((param) => {
+            const [key, value] = param.split("=");
+            return `${this.customEncode(key)}=${this.customEncode(value)}`; // encode and concatenate as `key=value`
+        });
+        return sortedQueryParams.join("&");
+    }
+    getCanonicalizedHeaders() {
+        // sort headers on the basis of '{key}:{value}'
+        const sortedHeaders = Object.keys(this.headers)
+            .map((key) => {
+            if (!this.headers[key]) {
+                return `${key.toLowerCase()}:`;
+            }
+            return `${key.toLowerCase()}:${this.headers[key].trim()}`;
+        })
+            .sort((a, b) => this.ASCIICompare(a, b)); // forces ASCII sorting using custom compare
+        return `${sortedHeaders.join("\n")}\n`;
+    }
+    getCanonicalizedHashedHeaders() {
+        const sortedHeaders = Object.keys(this.headers).sort((a, b) => this.ASCIICompare(a, b)); // forces ASCII sorting using custom compare
+        return sortedHeaders.join(";");
+    }
+    getCanonicalizedRequestBody() {
+        if (!this.requestBody) {
+            return "";
+        }
+        if (typeof this.requestBody === "string") {
+            return this.sha256Hex(this.requestBody);
+        }
+        else
+            return this.sha256Hex(JSON.stringify(this.requestBody));
+    }
+    sha256Hex(body) {
+        return crypto_1.default.createHash("sha256").update(body).digest("hex");
+    }
+    getCanonicalizedRequestString() {
+        return `${this.getCanonicalizedMethod()}
+${this.getCanonicalizedPath()}
+${this.getCanonicalizedQueryParams()}
+${this.getCanonicalizedHeaders()}
+${this.getCanonicalizedHashedHeaders()}
+${this.getCanonicalizedRequestBody()}`;
+    }
+    create() {
+        return this.sha256Hex(this.getCanonicalizedRequestString());
+    }
+}
+exports.default = RequestCanonicalizer;

package/lib/jwt/validation/ValidationToken.d.ts

@@ -0,0 +1,45 @@
+import { ValidationClientOptions } from "../../base/ValidationClient";
+import RequestCanonicalizer from "./RequestCanonicalizer";
+import jwt, { Algorithm } from "jsonwebtoken";
+declare class ValidationToken {
+    static readonly DEFAULT_ALGORITHM: "RS256";
+    static readonly ALGORITHMS: readonly [jwt.Algorithm, jwt.Algorithm];
+    private readonly _accountSid;
+    private readonly _credentialSid;
+    private readonly _signingKey;
+    private readonly _privateKey;
+    private readonly _algorithm;
+    ttl: number;
+    get accountSid(): string;
+    get credentialSid(): string;
+    get signingKey(): string;
+    get privateKey(): string;
+    get algorithm(): Algorithm;
+    /**
+     * @constructor
+     * @param opts - The Options used to configure the ValidationToken
+     * @param opts.accountSid - The account SID
+     * @param opts.credentialSid - The credential SID for public key submitted to Twilio
+     * @param opts.signingKey - The signing key
+     * @param opts.privateKey - The private key for signing the token
+     * @param opts.algorithm - The algorithm to use for signing the token
+     * @param opts.ttl - The time to live for the token in seconds
+     */
+    constructor(opts: ValidationClientOptions);
+    /**
+     * Generates a `RequestCanonicalizer` instance for the given HTTP request.
+     *
+     * @param request - The HTTP request object containing details such as headers, URL, method, query parameters, and body.
+     * @throws {Error} If the request URL or method is missing.
+     * @returns {RequestCanonicalizer} - An instance of `RequestCanonicalizer` initialized with the canonicalized request details.
+     */
+    getRequestCanonicalizer(request: any): RequestCanonicalizer;
+    /**
+     * Generate a JWT token to include in the request header for PKCV
+     * @param request - The request object
+     * @returns {string} - The JWT token
+     */
+    fromHttpRequest(request: any): string;
+}
+declare namespace ValidationToken { }
+export = ValidationToken;

package/lib/jwt/validation/ValidationToken.js

@@ -0,0 +1,121 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+const RequestCanonicalizer_1 = __importDefault(require("./RequestCanonicalizer"));
+const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
+class ValidationToken {
+    get accountSid() {
+        return this._accountSid;
+    }
+    get credentialSid() {
+        return this._credentialSid;
+    }
+    get signingKey() {
+        return this._signingKey;
+    }
+    get privateKey() {
+        return this._privateKey;
+    }
+    get algorithm() {
+        return this._algorithm;
+    }
+    /**
+     * @constructor
+     * @param opts - The Options used to configure the ValidationToken
+     * @param opts.accountSid - The account SID
+     * @param opts.credentialSid - The credential SID for public key submitted to Twilio
+     * @param opts.signingKey - The signing key
+     * @param opts.privateKey - The private key for signing the token
+     * @param opts.algorithm - The algorithm to use for signing the token
+     * @param opts.ttl - The time to live for the token in seconds
+     */
+    constructor(opts) {
+        if (!opts.accountSid) {
+            throw new Error("accountSid is required");
+        }
+        if (!opts.credentialSid) {
+            throw new Error("credentialSid is required");
+        }
+        if (!opts.signingKey) {
+            throw new Error("signingKey is required");
+        }
+        if (!opts.privateKey) {
+            throw new Error("privateKey is required");
+        }
+        const algorithm = opts.algorithm ?? ValidationToken.DEFAULT_ALGORITHM; // default to RS256;
+        if (!ValidationToken.ALGORITHMS.includes(algorithm)) {
+            throw new Error("Algorithm not supported. Allowed values are " +
+                ValidationToken.ALGORITHMS.join(", "));
+        }
+        this._accountSid = opts.accountSid;
+        this._credentialSid = opts.credentialSid;
+        this._signingKey = opts.signingKey;
+        this._privateKey = opts.privateKey;
+        this._algorithm = algorithm;
+        this.ttl = 300;
+    }
+    /**
+     * Generates a `RequestCanonicalizer` instance for the given HTTP request.
+     *
+     * @param request - The HTTP request object containing details such as headers, URL, method, query parameters, and body.
+     * @throws {Error} If the request URL or method is missing.
+     * @returns {RequestCanonicalizer} - An instance of `RequestCanonicalizer` initialized with the canonicalized request details.
+     */
+    getRequestCanonicalizer(request) {
+        const headers = request.headers ?? {};
+        const requestUrl = request.url;
+        const method = request.method;
+        const queryParams = request.params;
+        const requestBody = request.data;
+        if (!requestUrl) {
+            throw new Error("Url is required");
+        }
+        if (!method) {
+            throw new Error("Method is required");
+        }
+        const url = new URL(requestUrl);
+        let signedHeaders = {
+            host: url.host,
+            authorization: headers["Authorization"],
+        };
+        return new RequestCanonicalizer_1.default(method, url.pathname, queryParams, requestBody, signedHeaders);
+    }
+    /**
+     * Generate a JWT token to include in the request header for PKCV
+     * @param request - The request object
+     * @returns {string} - The JWT token
+     */
+    fromHttpRequest(request) {
+        try {
+            const requestCanonicalizer = this.getRequestCanonicalizer(request);
+            const canonicalizedRequest = requestCanonicalizer.create();
+            const header = {
+                cty: "twilio-pkrv;v=1",
+                typ: "JWT",
+                alg: this._algorithm,
+                kid: this._credentialSid,
+            };
+            const payload = {
+                iss: this._signingKey,
+                sub: this._accountSid,
+                hrh: requestCanonicalizer.getCanonicalizedHashedHeaders(),
+                rqh: canonicalizedRequest,
+            };
+            return jsonwebtoken_1.default.sign(payload, this._privateKey, {
+                header: header,
+                algorithm: this._algorithm,
+                expiresIn: this.ttl,
+            });
+        }
+        catch (err) {
+            throw new Error("Error generating JWT token " + err);
+        }
+    }
+}
+ValidationToken.DEFAULT_ALGORITHM = "RS256";
+ValidationToken.ALGORITHMS = [
+    "RS256",
+    "PS256",
+];
+module.exports = ValidationToken;

package/lib/rest/accounts/v1/bulkConsents.d.ts

@@ -5,7 +5,7 @@ import V1 from "../V1";
  * Options to pass to create a BulkConsentsInstance
  */
 export interface BulkConsentsListInstanceCreateOptions {
-    /** This is a list of objects that describes a contact\\\'s opt-in status. Each object contains the following fields: `contact_id`, which must be a string representing phone number in [E.164 format](https://www.twilio.com/docs/glossary/what-e164); `correlation_id`, a unique 32-character UUID used to uniquely map the request item with the response item; `sender_id`, which can be either a valid messaging service SID or a from phone number; `status`, a string representing the consent status. Can be one of [`opt-in`, `opt-out`]; and `source`, a string indicating the medium through which the consent was collected. Can be one of [`website`, `offline`, `opt-in-message`, `opt-out-message`, `others`]. */
+    /** This is a list of objects that describes a contact\\\'s opt-in status. Each object contains the following fields: `contact_id`, which must be a string representing phone number in [E.164 format](https://www.twilio.com/docs/glossary/what-e164); `correlation_id`, a unique 32-character UUID used to uniquely map the request item with the response item; `sender_id`, which can be either a valid messaging service SID or a from phone number; `status`, a string representing the consent status. Can be one of [`opt-in`, `opt-out`]; `source`, a string indicating the medium through which the consent was collected. Can be one of [`website`, `offline`, `opt-in-message`, `opt-out-message`, `others`]; `date_of_consent`, an optional datetime string field in ISO-8601 format that captures the exact date and time when the user gave or revoked consent. If not provided, it will be empty. */
     items: Array<object>;
 }
 export interface BulkConsentsSolution {