Using the Twilio official tutorial code here, I get a phone number and a TwiML app running fine, and start both the Flask server and the ngrok forwarding processes. Operating system and browser are Chrome 53.0.2785.143 (64-bit) on Mac OSX.

Unfortunately, it fails, giving this error: Twilio.Device Error: JWT signature validation failed, as shown in the screenshot:

running in browser

I tried handing in {debug : true} to the call like so:

Twilio.Device.setup(data.token, { debug: true }); 

and got the following output:

console logging JS error

But it's still not clear what's going on. If I try throwing the actual compatibility token returned into a Python console (using a JWT encoder/decoder) and trying to decode it using the Twilio secret auth token and the HS256 algorithm:

from jose import jwt

TWILIO_AUTH_TOKEN = "xxxxx"  # account Auth Token from the Twilio console
token = "xxxxx"  # compatibility token from above in browser
print(jwt.decode(token, TWILIO_AUTH_TOKEN, algorithms=['HS256']))

I get the following error:

/Users/me/.virtualenvs/myenv/lib/python2.7/site-packages/jose/jwt.pyc in decode(token, key, algorithms, options, audience, issuer, subject, access_token)
    132         payload = jws.verify(token, key, algorithms, verify=verify_signature)
    133     except JWSError as e:
--> 134         raise JWTError(e)
    135 
    136     # Needed for at_hash verification

JWTError: Signature verification failed.

So maybe they aren't using that as the secret to encode/decode, so I'm not sure how much that proves.

Any thoughts?

lollercoaster

1 Answer

There are a couple of things to try.

First: Make sure you are using the actual AccountSID and AuthToken, DON'T attempt to use the "Test Credentials". If you're on a trial account it will all work fine, Twilio only has a prepended greeting to voice calls.

Second: Make sure you have created a TwiML App and are using that associated AppID for the "applicationId" during the "allowClientOutgoing" method.

That should get you through the JWT signing process. If your server does not seem to be working, I just built a Google Apps Script version located here. Simply make a copy and follow the notations in the code to place your credentials and appId, then you can see if it's something with your server. To use it, simply make a GET request to the published app script URL and it will return the token.

Additional steps to ensure after getting JWT signing correct.

For outgoing you will need a callback to your server to send some TwiML back with orders to dial the outgoing number. There is also one set up on the attached Google Apps Script. Add the script's URL to the voice callback section on your registered Twilio number and set it to a POST request.

Example TwiML for Outgoing

'<Response><Dial callerId="+//enter your registered phonenumber here////">'+tocall+'</Dial></Response>'

For incoming connections you will need to set up a TwiML Bin with some code to dial the name of the user you used during the "allowIncoming(clientName)" method.

Example TwiML for Incoming

<?xml version="1.0" encoding="UTF-8"?>
<Response>
  <Dial>
    <Client>//client name or id registered during token generation here\\</Client>
  </Dial>
</Response>

Then assign the TwiML Bin to the incoming side of the registered phone number inside the console.
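
One way to find out which credential actually signed a token that fails validation, as an added example that is not part of the original answer or of Twilio's code: it recomputes the HS256 signature against each candidate secret and checks the `iss` claim against the expected Account SID. It assumes the token is an HS256 JWT signed with the Auth Token and carrying the Account SID in `iss`; the function names and all SIDs, secrets and the sample token are constructed placeholders.

```python
import base64, hashlib, hmac, json

def b64url_decode(seg):
    return base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4))

def b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def sign_hs256(claims, secret):
    """Build a compact HS256 JWT (used here only to construct sample tokens)."""
    header = b64url_encode(json.dumps({"typ": "JWT", "alg": "HS256"}).encode())
    body = b64url_encode(json.dumps(claims).encode())
    mac = hmac.new(secret.encode(), f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{b64url_encode(mac)}"

def diagnose(token, account_sid, candidates):
    """Report which candidate secret (if any) signed the token, plus claim problems."""
    try:
        header_b64, body_b64, sig_b64 = token.strip().split(".")
        header = json.loads(b64url_decode(header_b64))
        claims = json.loads(b64url_decode(body_b64))
        sig = b64url_decode(sig_b64)
        if not (isinstance(header, dict) and isinstance(claims, dict)):
            raise ValueError("header and payload must be JSON objects")
    except (ValueError, TypeError):
        return {"signed_by": None, "problems": ["malformed token"]}
    problems = []
    if header.get("alg") != "HS256":
        problems.append("unexpected alg: %r" % header.get("alg"))
    if claims.get("iss") != account_sid:
        problems.append("iss does not match the expected Account SID")
    signed_by = None
    signing_input = f"{header_b64}.{body_b64}".encode()
    for label, secret in candidates.items():
        expected = hmac.new(secret.encode(), signing_input, hashlib.sha256).digest()
        if hmac.compare_digest(expected, sig):  # constant-time comparison
            signed_by = label
    if signed_by is None:
        problems.append("no candidate secret matches the signature")
    return {"signed_by": signed_by, "problems": problems}

# Constructed sample values, not real Twilio credentials.
LIVE_SID, LIVE_TOKEN = "ACliveplaceholder", "live-auth-token-placeholder"
TEST_SID, TEST_TOKEN = "ACtestplaceholder", "test-auth-token-placeholder"
SAMPLE = sign_hs256({"iss": TEST_SID, "exp": 1476000000,
                     "scope": "scope:client:outgoing?appSid=APplaceholder"}, TEST_TOKEN)

if __name__ == "__main__":
    print(diagnose(SAMPLE, LIVE_SID, {"live": LIVE_TOKEN, "test": TEST_TOKEN}))
```

Run it on the server side only, with the secrets read from the environment rather than pasted into a shared console, since anyone holding the Auth Token can mint tokens for the account.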