chore: add public key client validation #1088
Conversation
|
| @@ -382,6 +412,18 @@ namespace RequestClient { | |||
| * Maximum number of request retries for 429 Error responses. Defaults to 3. | |||
| */ | |||
| maxRetries?: number; | |||
| /** | |||
| * Validation client for PKCV | |||
There was a problem hiding this comment.
Elaborate a bit further the use case for introducing ValidationClient. Give some doc links.
|
|
||
| getCanonicalizedRequestString(): string { | ||
| let canonicalizedRequest = ""; | ||
| canonicalizedRequest += this.getCanonicalizedMethod() + "\n"; |
There was a problem hiding this comment.
Use template literals to do concatenation
| class RequestCanonicalizer { | ||
| method: string; | ||
| uri: string; | ||
| queryParams: any; |
There was a problem hiding this comment.
Suggested changes
queryParams: Record<string, string>
headers: Record<string, string>
Since they are a map of String to String.
| return ""; | ||
| } | ||
| // sort query params on the basis of '{key}={value}' | ||
| const sortedQueryParams = Object.entries(this.queryParams) |
There was a problem hiding this comment.
If we make queryParams of format Racord<String, String>, it will be easier to serialize
| class ValidationToken implements ValidationToken.ValidationTokenOptions { | ||
| static DEFAULT_ALGORITHM: "RS256" = "RS256"; | ||
| static ALGORITHMS = ["RS256", "PS256"]; | ||
| accountSid: string; |
There was a problem hiding this comment.
What is the visibility of these fields?
Please mark them private if it is not be default
|
|
||
| /** | ||
| * @constructor | ||
| * @param opts - The options for the ValidationToken |
There was a problem hiding this comment.
| * @param opts - The options for the ValidationToken | |
| * @param opts - The Options used to configure the ValidationToken |
| this.algorithm = algorithm; | ||
| this.ttl = 300; | ||
| } | ||
|
|
There was a problem hiding this comment.
| /** | |
| * Generates a `RequestCanonicalizer` instance for the given HTTP request. | |
| * | |
| * @param request - The HTTP request object containing details such as headers, URL, method, query parameters, and body. | |
| * @throws {Error} If the request URL or method is missing. | |
| * @returns {RequestCanonicalizer} - An instance of `RequestCanonicalizer` initialized with the canonicalized request details. | |
| */ |
| } | ||
|
|
||
| /** | ||
| * Create JWT token to be added in the request header for PKCV |
There was a problem hiding this comment.
| * Create JWT token to be added in the request header for PKCV | |
| * Generate a JWT token to include in the request header for PKCV |
| function ValidationInterceptor( | ||
| validationClient: RequestClient.ValidationClient | ||
| ) { | ||
| return function (config: InternalAxiosRequestConfig) { |
There was a problem hiding this comment.
Where are we doing the exception handling?
| * @param request - The request object | ||
| * @returns {string} - The JWT token | ||
| */ | ||
| fromHttpRequest(request: any): string { |
There was a problem hiding this comment.
contains no exception handling
Fixes
Adds support for PKCV in Node. Reference doc.
ValidationClientto BaseTwilio ClientValidationClientis set, add request interceptor for adding Twilio client Validation headerValidationTokencreates the JWT token required to be added for Request Validation using keys and credentials.RequestCanonicalizercanonicalizes the request as per the examples/pkcv.js given in the PKCV docexamples/pkcv.jsfile for example use caseChecklist
If you have questions, please file a support ticket, or create a GitHub Issue in this repository.