Auth example - Githubissues

apburnes / hapi-auth-twilio-signature

Hapi.js plugin to authenticate Twilio webhooks requests.

1 stars 0 forks source link

Auth example #1

Open chrisblossom opened 10 years ago

chrisblossom commented 10 years ago

I am unable to get this plugin to work using the example. Any suggestions/help would be much appreciated!

apburnes commented 10 years ago

Where are you having trouble?

Throw up the code/error

chrisblossom commented 10 years ago

I first get:

Uncaught error: url is not defined

Then I define url and parms and end up with the following error:

Debug: hapi, internal, implementation, error
    TypeError: Uncaught error: Object.keys called on non-object

What I end up with (roughly): http://pastebin.com/ftyrnZqZ

apburnes commented 10 years ago

What are you using for a webhooks server?

I use https://ngrok.com/

I may have time tomorrow night to get into the nitty gritty because I have a side project I need to use the twilio auth with and its a good reason to get it working. Ideally, I want to open source a twilio webhook plugin route for hapi.

chrisblossom commented 10 years ago

ngrok, Version 1.7/1.6 (copied from the app).

The Twilio auth solution found here: https://github.com/crabasa/node-hapi-twilio-part1 but seems kinda messy with several routes.

apburnes commented 10 years ago

Your validate function should only take two arguments. The first one is the signature used to validate the the twilio request and the second is the callback. Remove the request arg. The request is handled via the handler function.

apburnes commented 10 years ago

Checkout the test's validateFunc

https://github.com/apburnes/hapi-auth-twilio-signature/blob/master/test/index.js#L14-L34

chrisblossom commented 10 years ago

I removed the request as you suggested, but I am still getting the 'TypeError: Uncaught error: Object.keys called on non-object' error.

var validate = function (signature, callback) {
    var url  = config.twilio.messagingUrl
    var params = 'webhooks'

    if (!signature) {
        return callback(null, false);
    }

    var credentials = twilio.validateRequest(token, signature, url, params);

    if (twilio.validateRequest(token, signature, url, params)) {
        callback(null, true, credentials);
    }
};

apburnes commented 10 years ago

If you console.log(signature) are you receiving the token from Twilio?

chrisblossom commented 10 years ago

Yes, I placed it right after signature was defined and it prints out the signature as expected, followed by the error.

...
  function authenticate(request, reply){
    var signature = request.headers[twilioSignature];
    console.log(signature);
    if(!signature){
      return reply(boom.badRequest('X-Twilio-Signature is not set', 'Twilio-Signature'));
    }
...

Also, when not using Twilio the plugin works as expected without error:

{"statusCode":400,"error":"Bad Request","message":"X-Twilio-Signature is not set"}

apburnes commented 10 years ago

Also, the twilio.validateRequest will return a boolean but hapi expects the credentials to be an object so that's probably where your getting the non-object error.