search

twilio / twilio-go

A Go package for communicating with the Twilio API.
MIT License
272 stars 40 forks source link

`PathAccountSid` in `CreateMessageParams` #183

Closed KaranAhlawat closed 1 year ago

KaranAhlawat commented 1 year ago

Issue Summary

Ambiguity regarding the expected behaviour of PathAccountSid parameter on the CreateMessageParams struct. The Twilio client is initialized on application startup, using our organization's Account SID and Auth Token.

Our application requires us to be able to send messages from other accounts as well, which have different phone numbers, Account SIDs and Auth Tokens.

I tried passing the Account SID of the From phone number as the PathAccountSid field, thinking that was the logical thing to do, but since the credentials with which the client was created are different, the Twilio REST API throws an authentication error. The only way I've found to deal with this is to create a new client with the desired Account SID and Auth Token. Since I've found this to be the case so far, I'm unsure as to what the PathAccountSid field is supposed to do.

Steps to Reproduce

  1. Have multiple Twilio accounts (let's say A and B).
  2. Create a REST client with A account's Auth token and Account SID
  3. Try to send SMS from B account's phone number, passing B's account SID as PathAccountSid.
  4. Send request using the client created in step 2

Code Snippet

func NewTwilioClient(username, password string) *TwilioClient {
    twilioClient := twilio.NewRestClientWithParams(twilio.ClientParams{
        Username: username,
        Password: password,
    })
    return &TwilioClient{Twilio: twilioClient}
}

This creates a REST client some account's SID and auth token.

func (r *TwilioClient) CreateTwilioMessage(targetNumber, fromNumber, message string) (*openapi.ApiV2010Message, error) {
    statusCallback := configuration.ServiceURL.Message + "/status"
    otherSid := "xxxx"
    params := &openapi.CreateMessageParams{
        PathAccountSid: &otherSid,
        Body:           &message,
        From:           &fromNumber,
        To:             &targetNumber,
        StatusCallback: &statusCallback,
    }

    messages, err := r.Twilio.Api.CreateMessage(params)
    if err != nil {
        logs.Error("Error while creating message:", err.Error())
        return nil, err
    }
    return messages, nil
}

This tries to create a message using other account's phone number.

Exception/Log

https://www.twilio.com/docs/api/errors/20003

claudiachua commented 1 year ago

Hi @KaranAhlawat , PathAccountSid is not needed when constructing CreateMessageParams. It will be handled by the api with the credentials you entered in NewTwilioClient.

Also, it would be advised to remove the otherSid value from your example above and replace it with 'xxxx'

KaranAhlawat commented 1 year ago

@claudiachua Thanks for the reply, and the advise. Updated my snippet.

As for the question, I understand it is not needed. So would the best possible solution be to recreate the client on each request with the appropriate credentials?

rakatyal commented 1 year ago

@KaranAhlawat : Looks like you need to use a subaccount? https://github.com/twilio/twilio-go#using-subaccount

KaranAhlawat commented 1 year ago

I've adapted my application accordingly. To leave the gist of it for future readers, you can either create a Twilio client on a per-request basis, or have all your numbers under a single account SID. Closing this now.