SOLVED Twilio Webhook for Incoming SMS

Status
Not open for further replies.
Caleb

Caleb

Member
Sep 12, 2017
42
17
8
WA, USA
For anyone who has gone through the process of setting up SMS in FusionPBX using Twilio, you may have found that Twilio doesn't use consistent IPs for contacting the Webhook, and so FusionPBX's check_acl() function will almost always result in an "access denied" message. Using Twilio's Signature Validation can solve this issue if you don't want to just accept all incoming webhook notifications (which you shouldn't).

After setting up SMS in FusionPBX, downloading Twilio's PHP SDK and unzipping it in <fusionbpx dir>/app/sms/resources/, I edited <fusionbpx dir>/app/sms/hook/sms_hook_twilio.php as follows:
<?php

include "../root.php";

require_once "resources/require.php";
require_once "../sms_hook_common.php";

// twilio validation stuff
require_once "../resources/twilio-php-master/Twilio/autoload.php";
use Twilio\Security\RequestValidator;
$twilio_token = $_SESSION['sms']['twilio_secret_key']['text'];
$twilio_sig = $_SERVER["HTTP_X_TWILIO_SIGNATURE"];
$validator = new RequestValidator($twilio_token);
$url = "https://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]";
$post_vars = $_POST;

if (check_acl() || $validator->validate($twilio_sig, $url, $post_vars)) {
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if ($debug) {
error_log('[SMS] REQUEST: ' . print_r($_REQUEST, true));
}
route_and_send_sms($_REQUEST['From'], str_replace("+","",$_REQUEST['To']), $_REQUEST['Body']);
} else {
die("no");
}
} else {
error_log('ACCESS DENIED [SMS]: ' . print_r($_SERVER['REMOTE_ADDR'], true));
die("access denied again");
}
?>
 
  • Like
Reactions: DigitalDaz
Caleb

Caleb

Member
Sep 12, 2017
42
17
8
WA, USA
Not built in to FusionPBX. SIP endpoints registered with your FusionPBX that support chat messages (I don't know what the technical term in SIP for them is off the top of my head) are what you would use for any texting capabilities, whether that's through Twilio or another provider.
 
PBXMePlz

PBXMePlz

Member
Mar 1, 2019
102
10
18
32
Not to res an old post here but Twilio is responding with "Content is not allowed in prolog." indicate issues with the XML on line 1, thoughts?
 
PBXMePlz

PBXMePlz

Member
Mar 1, 2019
102
10
18
32
JamesBorne said:
you literally did necro a post from 2 years ago...
Click to expand...

I did didn't I? On one hand, I regret breaking an age old internet role. On another hand, I do enjoy a good necromancer every now and again.

For realz though, I apologize.
 
Status
Not open for further replies.
Top Bottom