Merge pull request #131 from twilio-labs/trim-trailing-slash

Swimburger · web-flow · commit f02901dda7cd · 2023-05-11T17:08:47.000-04:00
Trim trailing slash from BaseUrlOverride
diff --git a/src/Twilio.AspNet.Core.UnitTests/ValidateTwilioRequestTests.cs b/src/Twilio.AspNet.Core.UnitTests/ValidateTwilioRequestTests.cs
@@ -27,7 +27,7 @@ public class ValidateTwilioRequestTests
         {
             AuthToken = "My Twilio:RequestValidation:AuthToken",
             AllowLocal = false,
-            BaseUrlOverride = "https://example.localhost"
+            BaseUrlOverride = "https://example.localhost/"
         }
     };
 
@@ -55,7 +55,7 @@ public async Task Validate_Request_Successfully(Type type)
             });
             c.Request.Headers.Add(
                 "X-Twilio-Signature", ValidationHelper.CalculateSignature(
-                    $"{ValidTwilioOptions.RequestValidation.BaseUrlOverride}{c.Request.Path}",
+                    $"{ValidTwilioOptions.RequestValidation.BaseUrlOverride.TrimEnd('/')}{c.Request.Path}",
                     ValidTwilioOptions.RequestValidation.AuthToken,
                     c.Request.Form
                 )
@@ -123,7 +123,7 @@ public async Task Validate_Request_With_ReloadOnChange(Type type)
             });
             c.Request.Headers.Add(
                 "X-Twilio-Signature", ValidationHelper.CalculateSignature(
-                    $"{ValidTwilioOptions.RequestValidation.BaseUrlOverride}{c.Request.Path}",
+                    $"{ValidTwilioOptions.RequestValidation.BaseUrlOverride.TrimEnd('/')}{c.Request.Path}",
                     ValidTwilioOptions.RequestValidation.AuthToken,
                     c.Request.Form
                 )
@@ -138,7 +138,7 @@ public async Task Validate_Request_With_ReloadOnChange(Type type)
             {
                 AuthToken = "My Twilio:RequestValidation:Updated Auth Token",
                 AllowLocal = false,
-                BaseUrlOverride = "https://example.local"
+                BaseUrlOverride = "https://example.local/"
             }
         };
 
@@ -160,7 +160,7 @@ public async Task Validate_Request_With_ReloadOnChange(Type type)
             });
             c.Request.Headers.Add(
                 "X-Twilio-Signature", ValidationHelper.CalculateSignature(
-                    $"{updatedOptions.RequestValidation.BaseUrlOverride}{c.Request.Path}",
+                    $"{updatedOptions.RequestValidation.BaseUrlOverride.TrimEnd('/')}{c.Request.Path}",
                     updatedOptions.RequestValidation.AuthToken,
                     c.Request.Form
                 )
diff --git a/src/Twilio.AspNet.Core/RequestValidationDependencyInjectionExtensions.cs b/src/Twilio.AspNet.Core/RequestValidationDependencyInjectionExtensions.cs
@@ -20,21 +20,17 @@ public static IServiceCollection AddTwilioRequestValidation(this IServiceCollect
 
                 var requestValidationSection = config.GetSection("Twilio:RequestValidation");
                 requestValidationSection.Bind(options);
-                if (options.AuthToken == "") options.AuthToken = null;
-                if (options.BaseUrlOverride == "") options.BaseUrlOverride = null;
 
                 var authTokenFallback = twilioSection["AuthToken"];
-                if (options.AuthToken == null && string.IsNullOrEmpty(authTokenFallback) == false) 
+                if (string.IsNullOrEmpty(options.AuthToken) && !string.IsNullOrEmpty(authTokenFallback))
                     options.AuthToken = authTokenFallback;
             });
-            
             optionsBuilder.Services.AddSingleton<
                 IOptionsChangeTokenSource<TwilioRequestValidationOptions>,
                 ConfigurationChangeTokenSource<TwilioRequestValidationOptions>
             >();
-
-            Validate(optionsBuilder);
-
+            Sanitize(optionsBuilder); 
+            Validate(optionsBuilder); 
             return services;
         }
 
@@ -46,6 +42,7 @@ IConfiguration namedConfigurationSection
             var optionsBuilder = services.AddOptions<TwilioRequestValidationOptions>();
             optionsBuilder.Bind(namedConfigurationSection);
             Validate(optionsBuilder);
+            Sanitize(optionsBuilder);
             return services;
         }
 
@@ -55,14 +52,15 @@ public static IServiceCollection AddTwilioRequestValidation(
             Action<TwilioRequestValidationOptions> configureOptions
         )
             => AddTwilioRequestValidation(services, (_, options) => configureOptions(options));
-        
+
         public static IServiceCollection AddTwilioRequestValidation(
             this IServiceCollection services,
             Action<IServiceProvider, TwilioRequestValidationOptions> configureOptions
         )
         {
             var optionsBuilder = services.AddOptions<TwilioRequestValidationOptions>();
             optionsBuilder.Configure<IServiceProvider>((options, provider) => configureOptions(provider, options));
+            Sanitize(optionsBuilder);
             Validate(optionsBuilder);
             return services;
         }
@@ -79,11 +77,21 @@ TwilioRequestValidationOptions options
                 optionsToConfigure.AllowLocal = options.AllowLocal;
                 optionsToConfigure.BaseUrlOverride = options.BaseUrlOverride;
             });
-            
+            Sanitize(optionsBuilder);
             Validate(optionsBuilder);
             return services;
         }
 
+        private static void Sanitize(OptionsBuilder<TwilioRequestValidationOptions> optionsBuilder)
+        {
+            optionsBuilder.PostConfigure(options =>
+            {
+                if (options.AuthToken == "") options.AuthToken = null;
+                if (options.BaseUrlOverride == "") options.BaseUrlOverride = null;
+                if (options.BaseUrlOverride != null) options.BaseUrlOverride = options.BaseUrlOverride.TrimEnd('/');
+            });
+        }
+
         private static void Validate(OptionsBuilder<TwilioRequestValidationOptions> optionsBuilder)
         {
             optionsBuilder.Validate(
diff --git a/src/Twilio.AspNet.Core/RequestValidationHelper.cs b/src/Twilio.AspNet.Core/RequestValidationHelper.cs
@@ -1,4 +1,5 @@
-﻿using System.Collections.Generic;
+﻿using System;
+using System.Collections.Generic;
 using System.Linq;
 using System.Net;
 using System.Threading.Tasks;
diff --git a/src/Twilio.AspNet.Core/TwilioClientDependencyInjectionExtensions.cs b/src/Twilio.AspNet.Core/TwilioClientDependencyInjectionExtensions.cs
@@ -15,12 +15,10 @@ public static class TwilioClientDependencyInjectionExtensions
         public static IServiceCollection AddTwilioClient(this IServiceCollection services)
         {
             var optionsBuilder = services.AddOptions<TwilioClientOptions>();
-
             ConfigureDefaultOptions(optionsBuilder);
             PostConfigure(optionsBuilder);
             Validate(optionsBuilder);
             AddServices(services);
-
             return services;
         }
 
@@ -34,7 +32,6 @@ IConfiguration namedConfigurationSection
             PostConfigure(optionsBuilder);
             Validate(optionsBuilder);
             AddServices(services);
-
             return services;
         }
 
@@ -51,12 +48,10 @@ Action<IServiceProvider, TwilioClientOptions> configureOptions
         )
         {
             var optionsBuilder = services.AddOptions<TwilioClientOptions>();
-
             optionsBuilder.Configure<IServiceProvider>((options, provider) => configureOptions(provider, options));
             PostConfigure(optionsBuilder);
             Validate(optionsBuilder);
             AddServices(services);
-
             return services;
         }
 
@@ -82,7 +77,6 @@ TwilioClientOptions options
             PostConfigure(optionsBuilder);
             Validate(optionsBuilder);
             AddServices(services);
-
             return services;
         }
 
@@ -103,16 +97,9 @@ private static void ConfigureDefaultOptions(OptionsBuilder<TwilioClientOptions>
                 }
 
                 clientSection.Bind(options);
-                if (options.AccountSid == "") options.AccountSid = null;
-                if (options.AuthToken == "") options.AuthToken = null;
-                if (options.ApiKeySid == "") options.ApiKeySid = null;
-                if (options.ApiKeySecret == "") options.ApiKeySecret = null;
-                if (options.Region == "") options.Region = null;
-                if (options.Edge == "") options.Edge = null;
-                if (options.LogLevel == "") options.LogLevel = null;
 
                 var authTokenFallback = twilioSection["AuthToken"];
-                if (options.AuthToken == null && string.IsNullOrEmpty(authTokenFallback) == false) 
+                if (string.IsNullOrEmpty(options.AuthToken) && !string.IsNullOrEmpty(authTokenFallback)) 
                     options.AuthToken = authTokenFallback;
             });
             optionsBuilder.Services.AddSingleton<
@@ -122,7 +109,9 @@ private static void ConfigureDefaultOptions(OptionsBuilder<TwilioClientOptions>
         }
 
         private static void PostConfigure(OptionsBuilder<TwilioClientOptions> optionsBuilder)
-            => optionsBuilder.PostConfigure(ConfigureCredentialType);
+            => optionsBuilder
+                .PostConfigure(Sanitize)
+                .PostConfigure(ConfigureCredentialType);
 
         private static void AddServices(IServiceCollection services)
         {
@@ -137,6 +126,17 @@ private static void AddServices(IServiceCollection services)
             services.AddScoped<TwilioRestClient>(CreateTwilioClient);
         }
 
+        private static void Sanitize(TwilioClientOptions options)
+        {
+            if (options.AccountSid == "") options.AccountSid = null;
+            if (options.AuthToken == "") options.AuthToken = null;
+            if (options.ApiKeySid == "") options.ApiKeySid = null;
+            if (options.ApiKeySecret == "") options.ApiKeySecret = null;
+            if (options.Region == "") options.Region = null;
+            if (options.Edge == "") options.Edge = null;
+            if (options.LogLevel == "") options.LogLevel = null;
+        }
+        
         private static void Validate(OptionsBuilder<TwilioClientOptions> optionsBuilder)
         {
             optionsBuilder.Validate(
diff --git a/src/Twilio.AspNet.Mvc/ValidateRequestAttribute.cs b/src/Twilio.AspNet.Mvc/ValidateRequestAttribute.cs
@@ -42,15 +42,15 @@ protected virtual void ConfigureProperties()
                         ?? requestValidationConfiguration?.AuthToken
                         ?? throw new Exception("Twilio Auth Token not configured");
 
-            BaseUrlOverride = appSettings["twilio:requestValidation:baseUrlOverride"]
-                              ?? requestValidationConfiguration?.BaseUrlOverride;
-            if (BaseUrlOverride != null) BaseUrlOverride = BaseUrlOverride.TrimEnd('/');
+            BaseUrlOverride = (appSettings["twilio:requestValidation:baseUrlOverride"]
+                               ?? requestValidationConfiguration?.BaseUrlOverride)
+                ?.TrimEnd('/');
 
             var allowLocalAppSetting = appSettings["twilio:requestValidation:allowLocal"];
             AllowLocal = allowLocalAppSetting != null
                 ? bool.Parse(allowLocalAppSetting)
                 : requestValidationConfiguration?.AllowLocal
-                ?? false;
+                  ?? false;
         }
 
         public override void OnActionExecuting(ActionExecutingContext filterContext)

Original file line number	Diff line number	Diff line change
`@@ -27,7 +27,7 @@ public class ValidateTwilioRequestTests`
`27`	`27`	`{`
`28`	`28`	`AuthToken = "My Twilio:RequestValidation:AuthToken",`
`29`	`29`	`AllowLocal = false,`
`30`		`- BaseUrlOverride = "https://example.localhost"`
	`30`	`+ BaseUrlOverride = "https://example.localhost/"`
`31`	`31`	`}`
`32`	`32`	`};`
`33`	`33`
`@@ -55,7 +55,7 @@ public async Task Validate_Request_Successfully(Type type)`
`55`	`55`	`});`
`56`	`56`	`c.Request.Headers.Add(`
`57`	`57`	`"X-Twilio-Signature", ValidationHelper.CalculateSignature(`
`58`		`- $"{ValidTwilioOptions.RequestValidation.BaseUrlOverride}{c.Request.Path}",`
	`58`	`+ $"{ValidTwilioOptions.RequestValidation.BaseUrlOverride.TrimEnd('/')}{c.Request.Path}",`
`59`	`59`	`ValidTwilioOptions.RequestValidation.AuthToken,`
`60`	`60`	`c.Request.Form`
`61`	`61`	`)`
`@@ -123,7 +123,7 @@ public async Task Validate_Request_With_ReloadOnChange(Type type)`
`123`	`123`	`});`
`124`	`124`	`c.Request.Headers.Add(`
`125`	`125`	`"X-Twilio-Signature", ValidationHelper.CalculateSignature(`
`126`		`- $"{ValidTwilioOptions.RequestValidation.BaseUrlOverride}{c.Request.Path}",`
	`126`	`+ $"{ValidTwilioOptions.RequestValidation.BaseUrlOverride.TrimEnd('/')}{c.Request.Path}",`
`127`	`127`	`ValidTwilioOptions.RequestValidation.AuthToken,`
`128`	`128`	`c.Request.Form`
`129`	`129`	`)`
`@@ -138,7 +138,7 @@ public async Task Validate_Request_With_ReloadOnChange(Type type)`
`138`	`138`	`{`
`139`	`139`	`AuthToken = "My Twilio:RequestValidation:Updated Auth Token",`
`140`	`140`	`AllowLocal = false,`
`141`		`- BaseUrlOverride = "https://example.local"`
	`141`	`+ BaseUrlOverride = "https://example.local/"`
`142`	`142`	`}`
`143`	`143`	`};`
`144`	`144`
`@@ -160,7 +160,7 @@ public async Task Validate_Request_With_ReloadOnChange(Type type)`
`160`	`160`	`});`
`161`	`161`	`c.Request.Headers.Add(`
`162`	`162`	`"X-Twilio-Signature", ValidationHelper.CalculateSignature(`
`163`		`- $"{updatedOptions.RequestValidation.BaseUrlOverride}{c.Request.Path}",`
	`163`	`+ $"{updatedOptions.RequestValidation.BaseUrlOverride.TrimEnd('/')}{c.Request.Path}",`
`164`	`164`	`updatedOptions.RequestValidation.AuthToken,`
`165`	`165`	`c.Request.Form`
`166`	`166`	`)`