shawnlindstrom · October 25, 2024 19:23
diff --git a/ValidateTwilioEventWebhook.php b/ValidateTwilioEventWebhook.php
 <?php

 namespace App\Http\Middleware;

 use Closure;
 use Illuminate\Http\Request;
 use Symfony\Component\HttpFoundation\Response;

 class ValidateTwilioEventWebhook
 {
    public function handle(Request $request, Closure $next): Response
    {
        if (! $this->ipWithinRange($request->ip(), config('twilio.webhook_cidr'))) {
            return response('Forbidden', 403);
        }
        
        return $next($request);
    }

    private function ipWithinRange($ip, $cidr): bool
    {
        [$subnet, $mask] = explode('/', $cidr);

        $ip = inet_pton($ip);
        $subnet = inet_pton($subnet);
        $bitmask = str_repeat("\xFF", $mask >> 3);
        $bitmask .= chr((0xFF << (8 - ($mask & 7))) & 0xFF);
        $bitmask = str_pad($bitmask, 16, "\0");

        return ($ip & $bitmask) === ($subnet & $bitmask);
    }
 }
	<?php

	namespace App\Http\Middleware;

	use Closure;
	use Illuminate\Http\Request;
	use Symfony\Component\HttpFoundation\Response;

	class ValidateTwilioEventWebhook
	{
	public function handle(Request $request, Closure $next): Response
	{
	if (! $this->ipWithinRange($request->ip(), config('twilio.webhook_cidr'))) {
	return response('Forbidden', 403);
	}

	return $next($request);
	}

	private function ipWithinRange($ip, $cidr): bool
	{
	[$subnet, $mask] = explode('/', $cidr);

	$ip = inet_pton($ip);
	$subnet = inet_pton($subnet);
	$bitmask = str_repeat("\xFF", $mask >> 3);
	$bitmask .= chr((0xFF << (8 - ($mask & 7))) & 0xFF);
	$bitmask = str_pad($bitmask, 16, "\0");

	return ($ip & $bitmask) === ($subnet & $bitmask);
	}
	}