Merge pull request #105 from twilio-labs/releases/v7

Merge v7 changes into main

README.md

@@ -374,6 +374,46 @@ app.MapPost("/sms", () => ...)
     .AddEndpointFilter<ValidateTwilioRequestFilter>();
 ```
 
+##### ASP.NET Core Middleware
+When you can't use the `[ValidateRequest]` filter or `ValidateTwilioRequestFilter`, you can use the `ValidateTwilioRequestMiddleware` instead.
+You can add add the `ValidateTwilioRequestFilter` like this:
+
+```csharp
+app.UseTwilioRequestValidation();
+// or the equivalent: app.UseMiddleware<ValidateTwilioRequestMiddleware>();
+```
+
+This middleware will perform the validation for all requests. 
+If you don't want to apply the validation to all requests, you can use `app.UseWhen()` to run the middleware conditionally.
+
+Here's an example of how to validate requests that start with path _/twilio-media_, as to protect media files that only the Twilio Proxy should be able to access:
+
+```csharp
+using System.Net;
+using Microsoft.Extensions.FileProviders;
+using Microsoft.Extensions.Options;
+using Twilio.AspNet.Core;
+
+var builder = WebApplication.CreateBuilder(args);
+
+builder.Services.AddTwilioRequestValidation();
+
+var app = builder.Build();
+
+app.UseWhen(
+    context => context.Request.Path.StartsWithSegments("/twilio-media", StringComparison.OrdinalIgnoreCase),
+    app => app.UseTwilioRequestValidation()
+);
+
+app.UseStaticFiles(new StaticFileOptions
+{
+    FileProvider = new PhysicalFileProvider(Path.Combine(builder.Environment.ContentRootPath, "TwilioMedia")),
+    RequestPath = "/twilio-media"
+});
+
+app.Run();
+```
+
 #### Validate requests in ASP.NET MVC on .NET Framework
 
 In your _Web.config_ you can configure request validation like shown below:
@@ -441,7 +481,7 @@ public class SmsController : TwilioController
 }
 ```
 
-#### Validate requests outside of MVC
+#### Validate requests using the RequestValidationHelper
 
 The `[ValidateRequest]` attribute only works for MVC. If you need to validate requests outside of MVC, you can use the `RequestValidationHelper` class provided by `Twilio.AspNet`.
 Alternatively, the `RequestValidator` class from the [Twilio SDK](https://github.com/twilio/twilio-csharp) can also help you with this.
@@ -487,8 +527,7 @@ bool IsValidTwilioRequest(HttpContext httpContext)
         urlOverride = $"{options.BaseUrlOverride.TrimEnd('/')}{request.Path}{request.QueryString}";
     }
 
-    var validator = new RequestValidationHelper();
-    return validator.IsValidRequest(httpContext, options.AuthToken, urlOverride, options.AllowLocal ?? true);
+    return RequestValidationHelper.IsValidRequest(httpContext, options.AuthToken, urlOverride, options.AllowLocal ?? true);
 }
 ```
 

src/Twilio.AspNet.Common/SmsRequest.cs

@@ -3,11 +3,16 @@ namespace Twilio.AspNet.Common
     /// <summary>
     /// This class can be used as the parameter on your SMS action. Incoming parameters will be bound here.
     /// </summary>
-    /// <remarks>http://www.twilio.com/docs/api/twiml/sms/twilio_request</remarks>
+    /// <remarks>https://www.twilio.com/docs/messaging/guides/webhook-request</remarks>
     public class SmsRequest : TwilioRequest
     {
         /// <summary>
-        /// A 34 character unique identifier for the message. May be used to later retrieve this message from the REST API
+        /// A 34 character unique identifier for the message. May be used to later retrieve this message from the REST API.
+        /// </summary>
+        public string MessageSid { get; set; }
+
+        /// <summary>
+        /// Same value as MessageSid. Deprecated and included for backward compatibility.
         /// </summary>
         public string SmsSid { get; set; }
 
@@ -30,6 +35,15 @@ public class SmsRequest : TwilioRequest
         /// A unique identifier of the messaging service
         /// </summary>
         public string MessagingServiceSid { get; set; }
-
+
+        /// <summary>
+        /// The number of media items associated with your message
+        /// </summary>
+        public int NumMedia { get; set; }
+
+        /// <summary>
+        /// The number of media items associated with a "Click to WhatsApp" advertisement.
+        /// </summary>
+        public int ReferralNumMedia { get; set; }
     }
 }

src/Twilio.AspNet.Common/SmsStatusCallbackRequest.cs

@@ -7,7 +7,7 @@ public class SmsStatusCallbackRequest: SmsRequest
         /// status is failed or undelivered, the ErrorCode can give you more information 
         /// about the failure. If the message was delivered successfully, no ErrorCode 
         /// will be present. Find the possible values here:
-        /// https://www.twilio.com/docs/sms/api/message#delivery-related-errors
+        /// https://www.twilio.com/docs/sms/api/message-resource#delivery-related-errors
         /// </summary>
         public string ErrorCode { get; set; }
 

src/Twilio.AspNet.Common/StatusCallbackRequest.cs

@@ -3,7 +3,7 @@
     /// <summary>
     /// This class can be used as the parameter on your StatusCallback action. Incoming parameters will be bound here.
     /// </summary>
-    /// <remarks>http://www.twilio.com/docs/api/twiml/twilio_request#asynchronous</remarks>
+    /// <remarks>https://www.twilio.com/docs/voice/twiml#ending-the-call-callback-requests</remarks>
     public class StatusCallbackRequest : VoiceRequest
     {
         /// <summary>

src/Twilio.AspNet.Common/TwilioRequest.cs

@@ -26,7 +26,6 @@ public abstract class TwilioRequest
         /// </remarks>
         public string To { get; set; }
 
-
         /// <summary>
         /// The city of the caller
         /// </summary>

src/Twilio.AspNet.Common/VoiceRequest.cs

@@ -3,7 +3,7 @@
     /// <summary>
     /// This class can be used as the parameter on your voice action. Incoming parameters will be bound here.
     /// </summary>
-    /// <remarks>http://www.twilio.com/docs/api/twiml/twilio_request</remarks>
+    /// <remarks>https://www.twilio.com/docs/usage/webhooks/voice-webhooks</remarks>
     public class VoiceRequest : TwilioRequest
     {
         /// <summary>
@@ -35,7 +35,15 @@ public class VoiceRequest : TwilioRequest
         /// This parameter is set when the IncomingPhoneNumber that received the call has had its VoiceCallerIdLookup value set to true.
         /// </summary>
         public string CallerName { get; set; }
-
+
+        /// <summary>
+        /// A unique identifier for the call that created this leg. This parameter is not passed if this is the first leg of a call.
+        /// </summary>
+        public string ParentCallSid { get; set; }
+
+        /// <summary>A token string needed to invoke a forwarded call.</summary>
+        public string CallToken { get; set; }
+
         #region Gather & Record Parameters
 
         /// <summary>

src/Twilio.AspNet.Core.UnitTests/MinimalApiTwiMLResultTests.cs

@@ -1,13 +1,11 @@
 using System.IO;
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Http;
-using Twilio.AspNet.Core.MinimalApi;
 using Twilio.TwiML;
 using Xunit;
 
 namespace Twilio.AspNet.Core.UnitTests;
 
-// ReSharper disable once InconsistentNaming
 public class MinimalApiTwiMLResultTests
 {
     [Fact]
@@ -32,6 +30,6 @@ private static async Task ValidateTwimlResultWritesToResponseBody(TwiML.TwiML tw
         Assert.Equal(twiMlResponse.ToString(), responseBody);
     }
 
-    private static VoiceResponse GetVoiceResponse() => new VoiceResponse().Say("Hello World");
-    private static MessagingResponse GetMessagingResponse() => new MessagingResponse().Message("Hello World");
+    private static VoiceResponse GetVoiceResponse() => new VoiceResponse().Say("Ahoy!");
+    private static MessagingResponse GetMessagingResponse() => new MessagingResponse().Message("Ahoy!");
 }

src/Twilio.AspNet.Core.UnitTests/RequestValidationHelperTests.cs

@@ -15,11 +15,11 @@ public class ContextMocks
     public Moq.Mock<HttpContext> HttpContext { get; set; }
     public Moq.Mock<HttpRequest> Request { get; set; }
 
-    public ContextMocks(bool isLocal, FormCollection? form = null, bool isProxied = false) : this("", isLocal, form, isProxied)
+    public ContextMocks(bool isLocal, FormCollection form = null, bool isProxied = false) : this("", isLocal, form, isProxied)
     {
     }
 
-    public ContextMocks(string urlOverride, bool isLocal, FormCollection? form = null, bool isProxied = false)
+    public ContextMocks(string urlOverride, bool isLocal, FormCollection form = null, bool isProxied = false)
     {
         var headers = new HeaderDictionary();
         headers.Add("X-Twilio-Signature", CalculateSignature(urlOverride, form));
@@ -55,7 +55,7 @@ public ContextMocks(string urlOverride, bool isLocal, FormCollection? form = nul
     public static string fakeUrl = "https://api.example.com/webhook";
     public static string fakeAuthToken = "thisisafakeauthtoken";
 
-    private string CalculateSignature(string urlOverride, FormCollection? form)
+    private string CalculateSignature(string urlOverride, FormCollection form)
     {
         var value = new StringBuilder();
         value.Append(string.IsNullOrEmpty(urlOverride) ? ContextMocks.fakeUrl : urlOverride);

src/Twilio.AspNet.Core.UnitTests/Twilio.AspNet.Core.UnitTests.csproj

@@ -1,8 +1,8 @@
 <Project Sdk="Microsoft.NET.Sdk">
   <PropertyGroup>
     <TargetFramework>net7.0</TargetFramework>
-    <Nullable>enable</Nullable>
     <IsPackable>false</IsPackable>
+    <Nullable>disable</Nullable>
   </PropertyGroup>
   <ItemGroup>
     <PackageReference Include="Microsoft.NET.Test.Sdk" Version="16.11.0" />

src/Twilio.AspNet.Core.UnitTests/TwilioClientTests.cs

@@ -213,10 +213,10 @@ public void AddTwilioClient_With_ApiKeyOptions_Should_Match_Properties()
         Assert.Equal(ValidTwilioOptions.Client.AccountSid, client.AccountSid);
         Assert.Equal(ValidTwilioOptions.Client.LogLevel, client.LogLevel);
         Assert.Equal(ValidTwilioOptions.Client.ApiKeySid,
-            typeof(TwilioRestClient).GetField("_username", BindingFlags.NonPublic | BindingFlags.Instance)
+            typeof(TwilioRestClient).GetField("_username", BindingFlags.NonPublic | BindingFlags.Instance)!
                 .GetValue(client));
         Assert.Equal(ValidTwilioOptions.Client.ApiKeySecret,
-            typeof(TwilioRestClient).GetField("_password", BindingFlags.NonPublic | BindingFlags.Instance)
+            typeof(TwilioRestClient).GetField("_password", BindingFlags.NonPublic | BindingFlags.Instance)!
                 .GetValue(client));
     }
 
@@ -236,10 +236,10 @@ public void AddTwilioClient_With_AuthTokenOptions_Should_Match_Properties()
         Assert.Equal(ValidTwilioOptions.Client.AccountSid, client.AccountSid);
         Assert.Equal(ValidTwilioOptions.Client.LogLevel, client.LogLevel);
         Assert.Equal(ValidTwilioOptions.Client.AccountSid,
-            typeof(TwilioRestClient).GetField("_username", BindingFlags.NonPublic | BindingFlags.Instance)
+            typeof(TwilioRestClient).GetField("_username", BindingFlags.NonPublic | BindingFlags.Instance)!
                 .GetValue(client));
         Assert.Equal(ValidTwilioOptions.Client.AuthToken,
-            typeof(TwilioRestClient).GetField("_password", BindingFlags.NonPublic | BindingFlags.Instance)
+            typeof(TwilioRestClient).GetField("_password", BindingFlags.NonPublic | BindingFlags.Instance)!
                 .GetValue(client));
     }
     [Fact]
@@ -257,7 +257,7 @@ public void AddTwilioClient_Without_HttpClientProvider_Should_Named_HttpClient()
         var twilioRestClient = scope.ServiceProvider.GetService<TwilioRestClient>();
 
         var actualHttpClient = (System.Net.Http.HttpClient) typeof(SystemNetHttpClient)
-            .GetField("_httpClient", BindingFlags.NonPublic | BindingFlags.Instance)
+            .GetField("_httpClient", BindingFlags.NonPublic | BindingFlags.Instance)!
             .GetValue(twilioRestClient.HttpClient);
 
         Assert.NotNull(actualHttpClient);
@@ -271,14 +271,15 @@ public void AddTwilioClient_With_HttpClientProvider_Should_Use_HttpClient()
         serviceCollection.AddSingleton(BuildValidConfiguration());
 
         using var httpClient = new System.Net.Http.HttpClient();
+        // ReSharper disable once AccessToDisposedClosure
         serviceCollection.AddTwilioClient(_ => httpClient);
 
         var serviceProvider = serviceCollection.BuildServiceProvider();
         using var scope = serviceProvider.CreateScope();
 
         var twilioRestClient = scope.ServiceProvider.GetService<TwilioRestClient>();
         var httpClientFromTwilioClient = (System.Net.Http.HttpClient) typeof(SystemNetHttpClient)
-            .GetField("_httpClient", BindingFlags.NonPublic | BindingFlags.Instance)
+            .GetField("_httpClient", BindingFlags.NonPublic | BindingFlags.Instance)!
             .GetValue(twilioRestClient.HttpClient);
 
         Assert.Equal(httpClient, httpClientFromTwilioClient);

src/Twilio.AspNet.Core.UnitTests/TwilioControllerExtensionTests.cs

@@ -1,5 +1,6 @@
 using System.IO;
 using System.Threading.Tasks;
+using System.Xml.Linq;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.Abstractions;
@@ -17,8 +18,8 @@ public class TwilioControllerExtensionTests
     [Fact]
     public async Task TwimlResult_Should_Write_VoiceResponse_To_ResponseBody()
     {
-        var twiml = new VoiceResponse().Say("Hello World");
-        var result = TwilioControllerExtensions.TwiML(Mock.Of<ControllerBase>(), twiml);
+        var twiml = new VoiceResponse().Say("Ahoy!");
+        var result = Mock.Of<ControllerBase>().TwiML(twiml);
         var actionContext = CreateActionContext();
         await result.ExecuteResultAsync(actionContext);
 
@@ -27,12 +28,26 @@ public async Task TwimlResult_Should_Write_VoiceResponse_To_ResponseBody()
         var responseBody = await reader.ReadToEndAsync();
         Assert.Equal(twiml.ToString(), responseBody);
     }
+
+    [Fact]
+    public async Task TwimlResult_Should_Write_VoiceResponse_To_ResponseBody_Unformatted()
+    {
+        var twiml = new VoiceResponse().Say("Ahoy!");
+        var result = Mock.Of<ControllerBase>().TwiML(twiml, SaveOptions.DisableFormatting);
+        var actionContext = CreateActionContext();
+        await result.ExecuteResultAsync(actionContext);
+
+        actionContext.HttpContext.Response.Body.Seek(0, SeekOrigin.Begin);
+        var reader = new StreamReader(actionContext.HttpContext.Response.Body);
+        var responseBody = await reader.ReadToEndAsync();
+        Assert.Equal(twiml.ToString(SaveOptions.DisableFormatting), responseBody);
+    }
 
     [Fact]
     public async Task TwimlResult_Should_Write_MessagingResponse_To_ResponseBody()
     {
-        var twiml = new MessagingResponse().Message("Hello World");
-        var result = TwilioControllerExtensions.TwiML(Mock.Of<ControllerBase>(), twiml);
+        var twiml = new MessagingResponse().Message("Ahoy!");
+        var result = Mock.Of<ControllerBase>().TwiML(twiml);
         var actionContext = CreateActionContext();
         await result.ExecuteResultAsync(actionContext);
 

src/Twilio.AspNet.Core.UnitTests/ValidateRequestAttributeTests.cs

@@ -2,9 +2,7 @@
 using System.Collections.Generic;
 using System.Net;
 using System.Text.Json;
-using System.Threading.Tasks;
 using Microsoft.AspNetCore.Http;
-using Microsoft.AspNetCore.Http.HttpResults;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.Abstractions;
 using Microsoft.AspNetCore.Mvc.Filters;
@@ -128,13 +126,13 @@ public void ValidateRequestAttribute_Validates_Request_Successfully()
         var actionExecutingContext = new ActionExecutingContext(
             new ActionContext(fakeContext, new RouteData(), new ActionDescriptor()),
             new List<IFilterMetadata>(),
-            new Dictionary<string, object?>(),
+            new Dictionary<string, object>(),
             new object()
         );
 
         attribute.OnActionExecuting(actionExecutingContext);
 
-        Assert.Equal(null, actionExecutingContext.Result);
+        Assert.Null(actionExecutingContext.Result);
     }
 
     [Fact]
@@ -156,13 +154,13 @@ public void ValidateRequestFilter_Validates_Request_Forbid()
         var actionExecutingContext = new ActionExecutingContext(
             new ActionContext(fakeContext, new RouteData(), new ActionDescriptor()),
             new List<IFilterMetadata>(),
-            new Dictionary<string, object?>(),
+            new Dictionary<string, object>(),
             new object()
         );
 
         attribute.OnActionExecuting(actionExecutingContext);
 
-        var statusCodeResult = (HttpStatusCodeResult)actionExecutingContext.Result!;
+        var statusCodeResult = (StatusCodeResult)actionExecutingContext.Result!;
         Assert.NotNull(statusCodeResult);
         Assert.Equal((int)HttpStatusCode.Forbidden, statusCodeResult.StatusCode);
     }

src/Twilio.AspNet.Core.UnitTests/ValidateTwilioRequestFilterTests.cs

@@ -75,7 +75,7 @@ public async Task ValidateRequestFilter_Validates_Request_Successfully()
 
         var result = await filter.InvokeAsync(
             new DefaultEndpointFilterInvocationContext(fakeContext), 
-            _ => ValueTask.FromResult<object?>(Results.Ok())
+            _ => ValueTask.FromResult<object>(Results.Ok())
         );
 
         Assert.IsType<Ok>(result);
@@ -103,7 +103,7 @@ public async Task ValidateRequestFilter_Validates_Request_Forbid()
 
         var result = await filter.InvokeAsync(
             new DefaultEndpointFilterInvocationContext(fakeContext), 
-            _ => ValueTask.FromResult<object?>(Results.Ok())
+            _ => ValueTask.FromResult<object>(Results.Ok())
         );
 
         var statusCodeResult = (StatusCodeHttpResult)result!;