Gathering detailed insights and metrics for twilio-flex-token-validator
Gathering detailed insights and metrics for twilio-flex-token-validator
Installations
npm install twilio-flex-token-validatorDeveloper Guide
BETA
Typescript
Yes
Module System
CommonJS
Min. Node Version
>=10
Node Version
16.20.0
NPM Version
8.19.4
Releases
Unable to fetch releases
Languages
3
TypeScript
JavaScript
Shell
TypeScript (91.79%)
JavaScript (6.95%)
Shell (1.26%)
Developer
twilio
Download Statistics
Total Downloads
3,149,442
Last Day
5,525
Last Week
30,943
Last Month
129,605
Last Year
1,024,767
GitHub Statistics
MIT License
17 Stars
84 Commits
12 Forks
10 Watchers
4 Branches
16 Contributors
Updated on Jul 21, 2023
Bundle Size
3.67 kB
Minified
1.66 kB
Minified + Gzipped
Package Meta Information
Latest Version
1.6.0
Package Id
twilio-flex-token-validator@1.6.0
Unpacked Size
18.62 kB
Size
6.11 kB
File Count
6
NPM Version
8.19.4
Node Version
16.20.0
Published on
Jun 21, 2024
Total Downloads
Cumulative downloads
Total Downloads
3,149,442
Last Day
60.5%
5,525
Compared to previous day
Last Week
6.3%
30,943
Compared to previous week
Last Month
-18.1%
129,605
Compared to previous month
Last Year
16.2%
1,024,767
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Twilio Flex Token Validator
Flex JWE Token Validator provides an easy way to validate a Flex JWE token.
Usage
Install with npm install twilio-flex-token-validator.
You can use this validator either within a Twilio Function, or into any NodeJS application.
Using in Twilio Function
First visit Twilio Function Configuration and add twilio-flex-token-validator as an NPM package. On the same page, enable the checkbox Enable ACCOUNT_SID and AUTH_TOKEN.
In your Twilio Function, wrap your main handler with this validator:
1const TokenValidator = require('twilio-flex-token-validator').functionValidator; 2 3exports.handler = TokenValidator(function(context, event, callback) { 4 // Your normal Twilio Function goes here. 5 // This block will only be called if your token is validated, otherwise it returns a 403. 6});
This validator assumes that the token is provided as the Token key. The successful result of the token validation is added to event.TokenResult.
Make sure the checkbox Check for valid Twilio signature is disabled. This token validator will handle the authentication of the request instead.
Using in any NodeJS application
You can also use this validator inside any existing Node servers:
1const TokenValidator = require('twilio-flex-token-validator').validator; 2 3TokenValidator(token, accountSid, authToken) 4 .then(tokenResult => { 5 // validated 6 }) 7 .catch(err => { 8 // validation failed 9 });
Token Result
The validated token result will contain the following data:
1{ 2 "valid": true, 3 "code": 0, 4 "message": null, 5 "expiration": "2018-09-24T23:22:44.240Z", 6 "realm_user_id": "user@example.com", 7 "identity": "user_40example_2Dcom", 8 "roles":[ 9 "agent" 10 ], 11 "worker_sid": "WKxxx" 12}
Contributing
Check out CONTRIBUTING for more information on how to contribute to this project.
License
Twilio Flex Token Validator is licensed under MIT.
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
Found 7/17 approved changesets -- score normalized to 4
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 20 are checked with a SAST tool
Reason
12 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Score
2.6
/10
Last Scanned on 2025-04-28
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More