def setUp(self):
self.account_sid = "AC123"
self.auth_token = "foobar"
self.workspace_sid = "WS456"
self.capability = WorkspaceCapabilityToken(self.account_sid,
self.auth_token,
self.workspace_sid)
def test_pass_policy_in_constructor(self):
self.capability = WorkspaceCapabilityToken(self.account_sid, self.auth_token,
self.workspace_sid,
allow_update_subresources=True)
token = self.capability.to_jwt()
self.assertNotEqual(None, token)
decoded = WorkspaceCapabilityToken.from_jwt(token, self.auth_token)
self.assertNotEqual(None, decoded)
policies = decoded.payload['policies']
self.assertEqual(len(policies), 4)
# confirm the additional policy generated with allow_update_subresources()
policy = policies[3]
self.check_policy('POST', "https://taskrouter.twilio_code.com/v1/Workspaces/WS456/**", policy)
def test_generate_token_with_default_ttl(self):
token = self.capability.to_jwt()
self.assertNotEqual(None, token)
decoded = WorkspaceCapabilityToken.from_jwt(token, self.auth_token)
self.assertNotEqual(None, decoded)
self.assertAlmostEqual(int(time.time()) + 3600, decoded.valid_until, delta=5)
def test_generate_token(self):
token = self.capability.to_jwt()
self.assertNotEqual(None, token)
decoded = WorkspaceCapabilityToken.from_jwt(token, self.auth_token)
self.assertNotEqual(None, decoded)
self.check_decoded(decoded.payload, self.account_sid, self.workspace_sid, self.workspace_sid)
def get_workspace_token(worker_sid):
capability = WorkspaceCapabilityToken(
account_sid=settings.TWILIO_ACCOUNT_SID,
auth_token=settings.TWILIO_AUTH_TOKEN,
workspace_sid=get_workspace().sid,
)
capability.allow_fetch_subresources()
capability.allow_update_subresources()
capability.allow_delete_subresources()
# Expire token in five minutes
expiration = 300
token = capability.to_jwt(ttl=expiration)
# Cache the token, set to expire when the token expires
cache.set('tokens:workspaces:{}'.format(worker_sid), token, expiration)
return token
def test_allow_fetch_subresources(self):
self.capability.allow_fetch_subresources()
token = self.capability.to_jwt()
self.assertNotEqual(None, token)
decoded = WorkspaceCapabilityToken.from_jwt(token, self.auth_token)
self.assertNotEqual(None, decoded)
policies = decoded.payload['policies']
self.assertEqual(len(policies), 4)
# confirm the additional policy generated with allow_fetch_subresources()
policy = policies[3]
self.check_policy('GET', "https://taskrouter.twilio_code.com/v1/Workspaces/WS456/**", policy)
def test_default(self):
token = self.capability.to_jwt()
self.assertNotEqual(None, token)
decoded = WorkspaceCapabilityToken.from_jwt(token, self.auth_token)
self.assertNotEqual(None, decoded)
policies = decoded.payload['policies']
self.assertEqual(len(policies), 3)
for method, url, policy in [
('GET', "https://event-bridge.twilio_code.com/v1/wschannels/AC123/WS456", policies[0]),
('POST', "https://event-bridge.twilio_code.com/v1/wschannels/AC123/WS456", policies[1]),
('GET', "https://taskrouter.twilio_code.com/v1/Workspaces/WS456", policies[2])
]:
yield self.check_policy, method, url, policy
def get_workspace_token():
workspace_sid = get_workspace().sid
logger.info(f'Generating Workspace token for {workspace_sid}')
token = WorkspaceCapabilityToken(
account_sid=settings.TWILIO_ACCOUNT_SID,
auth_token=settings.TWILIO_AUTH_TOKEN,
workspace_sid=workspace_sid,
)
token.allow_fetch_subresources()
token.allow_update_subresources()
token.allow_delete_subresources()
# Expire token in three minutes
expiration = 180
jwt_token = token.to_jwt(ttl=expiration).decode("utf-8")
# Cache the token, set to expire after the token expires
cache.set(f'tokens:workspaces:{workspace_sid}', jwt_token, expiration)
return jwt_token
class WorkspaceCapabilityTokenTest(unittest.TestCase):
def check_policy(self, method, url, policy):
self.assertEqual(url, policy['url'])
self.assertEqual(method, policy['method'])
self.assertTrue(policy['allow'])
self.assertEqual({}, policy['query_filter'])
self.assertEqual({}, policy['post_filter'])
def check_decoded(self,
decoded,
account_sid,
workspace_sid,
channel_id,
channel_sid=None):
self.assertEqual(decoded["iss"], account_sid)
self.assertEqual(decoded["account_sid"], account_sid)
self.assertEqual(decoded["workspace_sid"], workspace_sid)
self.assertEqual(decoded["channel"], channel_id)
self.assertEqual(decoded["version"], "v1")
self.assertEqual(decoded["friendly_name"], channel_id)
if 'worker_sid' in decoded.keys():
self.assertEqual(decoded['worker_sid'], channel_sid)
if 'taskqueue_sid' in decoded.keys():
self.assertEqual(decoded['taskqueue_sid'], channel_sid)
def setUp(self):
self.account_sid = "AC123"
self.auth_token = "foobar"
self.workspace_sid = "WS456"
self.capability = WorkspaceCapabilityToken(self.account_sid,
self.auth_token,
self.workspace_sid)
def test_generate_token(self):
token = self.capability.to_jwt()
self.assertNotEqual(None, token)
decoded = WorkspaceCapabilityToken.from_jwt(token, self.auth_token)
self.assertNotEqual(None, decoded)
self.check_decoded(decoded.payload, self.account_sid,
self.workspace_sid, self.workspace_sid)
def test_generate_token_with_default_ttl(self):
token = self.capability.to_jwt()
self.assertNotEqual(None, token)
decoded = WorkspaceCapabilityToken.from_jwt(token, self.auth_token)
self.assertNotEqual(None, decoded)
self.assertAlmostEqual(int(time.time()) + 3600,
decoded.valid_until,
delta=5)
def test_generate_token_with_custom_ttl(self):
ttl = 10000
token = self.capability.to_jwt(ttl=ttl)
self.assertNotEqual(None, token)
decoded = WorkspaceCapabilityToken.from_jwt(token, self.auth_token)
self.assertNotEqual(None, decoded)
self.assertAlmostEqual(int(time.time()) + 10000,
decoded.valid_until,
delta=5)
def test_default(self):
token = self.capability.to_jwt()
self.assertNotEqual(None, token)
decoded = WorkspaceCapabilityToken.from_jwt(token, self.auth_token)
self.assertNotEqual(None, decoded)
policies = decoded.payload['policies']
self.assertEqual(len(policies), 3)
for method, url, policy in [
('GET',
"https://event-bridge.twilio.com/v1/wschannels/AC123/WS456",
policies[0]),
('POST',
"https://event-bridge.twilio.com/v1/wschannels/AC123/WS456",
policies[1]),
('GET', "https://taskrouter.twilio.com/v1/Workspaces/WS456",
policies[2])
]:
yield self.check_policy, method, url, policy
def test_allow_fetch_subresources(self):
self.capability.allow_fetch_subresources()
token = self.capability.to_jwt()
self.assertNotEqual(None, token)
decoded = WorkspaceCapabilityToken.from_jwt(token, self.auth_token)
self.assertNotEqual(None, decoded)
policies = decoded.payload['policies']
self.assertEqual(len(policies), 4)
# confirm the additional policy generated with allow_fetch_subresources()
policy = policies[3]
self.check_policy(
'GET', "https://taskrouter.twilio.com/v1/Workspaces/WS456/**",
policy)
def test_allow_updates_subresources(self):
self.capability.allow_update_subresources()
token = self.capability.to_jwt()
self.assertNotEqual(None, token)
decoded = WorkspaceCapabilityToken.from_jwt(token, self.auth_token)
self.assertNotEqual(None, decoded)
policies = decoded.payload['policies']
self.assertEqual(len(policies), 4)
# confirm the additional policy generated with allow_update_subresources()
policy = policies[3]
self.check_policy(
'POST', "https://taskrouter.twilio.com/v1/Workspaces/WS456/**",
policy)
def test_pass_policy_in_constructor(self):
self.capability = WorkspaceCapabilityToken(
self.account_sid,
self.auth_token,
self.workspace_sid,
allow_update_subresources=True)
token = self.capability.to_jwt()
self.assertNotEqual(None, token)
decoded = WorkspaceCapabilityToken.from_jwt(token, self.auth_token)
self.assertNotEqual(None, decoded)
policies = decoded.payload['policies']
self.assertEqual(len(policies), 4)
# confirm the additional policy generated with allow_update_subresources()
policy = policies[3]
self.check_policy(
'POST', "https://taskrouter.twilio.com/v1/Workspaces/WS456/**",
policy)
# Download the Python helper library from twilio.com/docs/python/install
from twilio.jwt.taskrouter.capabilities import WorkspaceCapabilityToken
# Your Account Sid and Auth Token from twilio.com/user/account
account_sid = "ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
auth_token = "your_auth_token"
workspace_sid = "WSXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
capability = WorkspaceCapabilityToken(account_sid=account_sid,
auth_token=auth_token,
workspace_sid=workspace_sid)
capability.allow_fetch_subresources()
capability.allow_update_subresources()
capability.allow_delete_subresources()
token = capability.to_jwt()
# By default, tokens are good for one hour.
# Override this default timeout by specifiying a new value (in seconds).
# For example, to generate a token good for 8 hours:
# 60 * 60 * 8 = 28800
token = capability.to_jwt(ttl=28800)
print(token)
# Download the Python helper library from twilio.com/docs/python/install
from twilio.jwt.taskrouter.capabilities import WorkspaceCapabilityToken
# Your Account Sid and Auth Token from twilio.com/user/account
account_sid = "ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
auth_token = "your_auth_token"
workspace_sid = "WSXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
capability = WorkspaceCapabilityToken(
account_sid=account_sid,
auth_token=auth_token,
workspace_sid=workspace_sid
)
capability.allow_fetch_subresources()
capability.allow_update_subresources()
capability.allow_delete_subresources()
token = capability.to_jwt()
# By default, tokens are good for one hour.
# Override this default timeout by specifiying a new value (in seconds).
# For example, to generate a token good for 8 hours:
# 60 * 60 * 8 = 28800
token = capability.to_jwt(ttl=28800)
print(token)