具有基本身份验证的Twilio C#recordingStatusCallback uri

时间:2018-08-08 02:55:26

标签: c# twilio twilio-api

到目前为止,我的整个C#/ Twilio应用程序一直在完美地使用带有基本身份验证的HTTPS。我正在使用C#TwiML包装器类来创建并返回拨号TwiML命令。

    var helper = new UrlHelper(Request.RequestContext);
    var recordingUri = helper.ActionUri("Process", "RecordingCallBack");
    var vr = new VoiceResponse();
    var dial = new Dial("xxx-xxx-xxxx", record: record, timeout: 15,recordingStatusCallback: recordingUri, 
            recordingStatusCallbackEvent: recEvent, recordingStatusCallbackMethod:HttpMethod.Get);
    return TwiML(vr.Append(dial));

问题在于,正在返回401未经授权的recordingStatusCallback,并且永远不会发送具有适当凭据的后续请求。当我将动作移至不受保护的控制器时,请求可以正常处理,但我不想暴露此端点。如何使用基本身份验证配置录音回叫网址?

1 个答案:

答案 0 :(得分:1)

使用@Chetan Ranpariya的上述注释,我创建了以下验证属性:

[AttributeUsage(AttributeTargets.Method)]
public class ValidateTwilioRequestAttribute : ActionFilterAttribute
{
    private readonly RequestValidator _requestValidator;

    public ValidateTwilioRequestAttribute()
    {
        var authToken = ConfigurationManager.AppSettings["TwilioAuthToken"];
        _requestValidator = new RequestValidator(authToken);
    }

    public override void OnActionExecuting(ActionExecutingContext actionContext)
    {
        var context = actionContext.HttpContext;
        if (!IsValidRequest(context.Request))
        {
            actionContext.Result = new HttpStatusCodeResult(HttpStatusCode.Forbidden);
        }

        base.OnActionExecuting(actionContext);
    }

    private bool IsValidRequest(HttpRequestBase request)
    {
        var signature = request.Headers["X-Twilio-Signature"];
        var requestUrl = request.Url.AbsoluteUri;
        return _requestValidator.Validate(requestUrl, request.Form, signature);
    }
}

并相应地装饰了我的回叫操作:

    [ValidateTwilioRequest]
    public ActionResult Process()
    {
       //do call back work
    }
相关问题
最新问题