Flex JWE Token Validator provides an easy way to validate a Flex JWE token.
Install with npm install twilio-flex-token-validator.
You can use this validator either within a Twilio Function, or into any NodeJS application.
First visit Twilio Function Configuration and add twilio-flex-token-validator as an NPM package. On the same page, enable the checkbox Enable ACCOUNT_SID and AUTH_TOKEN.
In your Twilio Function, wrap your main handler with this validator:
const TokenValidator = require('twilio-flex-token-validator').functionValidator;
exports.handler = TokenValidator(function(context, event, callback) {
// Your normal Twilio Function goes here.
// This block will only be called if your token is validated, otherwise it returns a 403.
});This validator assumes that the token is provided as the Token key. The successful result of the token validation is added to event.TokenResult.
Make sure the checkbox Check for valid Twilio signature is disabled. This token validator will handle the authentication of the request instead.
You can also use this validator inside any existing Node servers:
const TokenValidator = require('twilio-flex-token-validator').validator;
TokenValidator(token, accountSid, authToken)
.then(tokenResult => {
// validated
})
.catch(err => {
// validation failed
});The validated token result will contain the following data:
{
"valid": true,
"code": 0,
"message": null,
"expiration": "2018-09-24T23:22:44.240Z",
"realm_user_id": "user@example.com",
"identity": "user_40example_2Dcom",
"roles":[
"agent"
],
"worker_sid": "WKxxx"
}Check out CONTRIBUTING for more information on how to contribute to this project.
Twilio Flex Token Validator is licensed under MIT.