casa icon indicating copy to clipboard operation
casa copied to clipboard
verified publisher icon rubyforgood

Need a way for a an admin to test if their twilio credentials are valid

Open FireLemons opened this issue 3 years ago • 6 comments

What type(s) of user does this feature affect?

  • admins

Description We need a way for an admin to test whether they entered their twilio credentials correctly by checking with twilio servers if the credentials entered are valid.

Screenshots of current behavior, if any
image image

QA Login Details:
Link to QA site

Login Emails:

password for all users: 12345678

Questions? Join Slack!

We highly recommend that you join us in slack https://rubyforgood.herokuapp.com/ #casa channel to ask questions quickly and hear about office hours (currently Tuesday 6-8pm Pacific), stakeholder news, and upcoming new issues.

FireLemons avatar Jun 29 '22 04:06 FireLemons

Doesn't seem like Twilio has a system to vet the credentials. I think attempting to send a live "credential confirmation" SMS, either to the admin or the admin's casa org Twilio number, may be the way to go.

7riumph avatar Jul 06 '22 00:07 7riumph

Hmm sending live sms is not ideal, how about sending a "get past messages" instead of a "send sms"

compwron avatar Jul 06 '22 01:07 compwron

Oh that's true! Regardless of whether the account has a message history it should throw something that confirms the credentials work, more info here https://www.twilio.com/docs/sms/tutorials/how-to-retrieve-and-modify-message-history-ruby

7riumph avatar Jul 06 '22 03:07 7riumph

Maybe there is a way when we save the credentials, we can check whether or not the credentials are good and render an appropriate notice on the page? So we won't need to send anything and thus saving precious twilio credits? @7riumph @compwron

xihai01 avatar Jul 16 '22 14:07 xihai01

I can look into this if you want

xihai01 avatar Jul 16 '22 14:07 xihai01

I messed around with this idea a little bit, and it seems like it would work to use message history or usage. If the authentication fails on the call to the twilio api, it returns code 20003. Proof of concept something like:

require 'twilio-ruby'

TWILIO_AUTHENTICATE_ERROR_CODE = 20003 # Permission denied: https://www.twilio.com/docs/api/errors/20003

account_sid = 'theaccountsid'
auth_token = 'theauthtoken'

@client = Twilio::REST::Client.new(account_sid, auth_token)

begin
  # Make a call to the Twilio API to retrieve or list a resource
  # (Pretty sure these don't cost anything)

  @client.messages.list(limit: 1)
  # https://www.twilio.com/docs/sms/tutorials/how-to-retrieve-and-modify-message-history-ruby
  
  # alternatively - 
  @client.usage.records.this_month.list(limit: 1)
  # https://www.twilio.com/docs/usage/api/usage-record#list-get

  print("Authentication looks good")
rescue Twilio::REST::RestError => twilio_error
  if twilio_error.code == TWILIO_AUTHENTICATE_ERROR_CODE
    print("Twilio credentials invalid. Please double check and try again.")
  else
    print("Some other unknown twilio error")
  end
end

amygurski avatar Sep 02 '22 22:09 amygurski

@FireLemons I can take a crack at this one, what should we do if the credentials are invalid? Should we delete and notify user or just display a message without removing the credentials.

kaysiz avatar Oct 19 '22 13:10 kaysiz

display a message

FireLemons avatar Oct 19 '22 14:10 FireLemons

This issue has been inactive for 250 hours (10.42 days) and will be unassigned after 110 more hours (4.58 days). If you have questions, please visit the #casa channel in slack during Tuesdays 6-8 PM PST. Link: https://rubyforgood.herokuapp.com/

If you are still working on this, comment here to tell the bot to give you more time

github-actions[bot] avatar Oct 30 '22 00:10 github-actions[bot]