danielberkompas · danielberkompas · Sep 9, 2020 · Feb 26, 2020 · Feb 26, 2020
diff --git a/README.md b/README.md
@@ -163,7 +163,11 @@ Twilio's ProgrammableChat API:
 
 Twilio Capability Tokens:
 - [Worker](https://www.twilio.com/docs/api/taskrouter/worker-js)
-- [Calling](https://www.twilio.com/docs/api/client/capability-tokens)
+- [Calling](https://www.twilio.com/docs/api/client/capability-tokens) (Deprecated, use Access Token instead)
+
+Twilio Access Token Grants:
+- [Chat](https://www.twilio.com/docs/chat/identity)
+- [Voice](https://www.twilio.com/docs/iam/access-tokens)
 - [Video](https://www.twilio.com/docs/video/tutorials/user-identity-access-tokens#about-access-tokens)
 
 ### Example

diff --git a/lib/ex_twilio/jwt/access_token/voice_grant.ex b/lib/ex_twilio/jwt/access_token/voice_grant.ex
@@ -0,0 +1,62 @@
+defmodule ExTwilio.JWT.AccessToken.VoiceGrant do
+  @moduledoc """
+  A JWT grant to access a given Twilio voice service.
+
+    ExTwilio.JWT.AccessToken.VoiceGrant.new(
+      outgoing_application_sid: "application_sid",
+      outgoing_application: %{"key" => "value"},
+      incoming_allow: true,
+      push_credential_sid: "push_credential_sid",
+      endpoint_id: "endpoint_id"
+    )
+  """
+
+  defstruct outgoing_application_sid: nil,
+            outgoing_application_params: nil,
+            incoming_allow: nil,
+            push_credential_sid: nil,
+            endpoint_id: nil
+
+  @type t :: %__MODULE__{
+          outgoing_application_sid: String.t(),
+          outgoing_application_params: String.t(),
+          incoming_allow: boolean(),
+          push_credential_sid: String.t(),
+          endpoint_id: String.t()
+        }
+
+  @doc """
+  Create a new grant.
+  """
+  @spec new(attrs :: Keyword.t()) :: t
+  def new(attrs \\ []) do
+    struct(__MODULE__, attrs)
+  end
+
+  defimpl ExTwilio.JWT.Grant do
+    alias ExTwilio.Ext
+
+    def type(_grant), do: "voice"
+
+    def attrs(grant) do
+      %{}
+      |> Ext.Map.put_if("outgoing", outgoing_attrs(grant))
+      |> Ext.Map.put_if("incoming", incoming_attrs(grant))
+      |> Ext.Map.put_if("push_credential_sid", grant.push_credential_sid)
+      |> Ext.Map.put_if("endpoint_id", grant.endpoint_id)
+    end
+
+    defp outgoing_attrs(%{outgoing_application_sid: sid} = grant)
+         when is_binary(sid) and sid != "" do
+      Ext.Map.put_if(%{"application_sid" => sid}, "params", grant.outgoing_application_params)
+    end
+
+    defp outgoing_attrs(_grant), do: nil
+
+    defp incoming_attrs(%{incoming_allow: incoming_allow}) when is_boolean(incoming_allow) do
+      %{"allow" => incoming_allow}
+    end
+
+    defp incoming_attrs(_grant), do: nil
+  end
+end
diff --git a/test/ex_twilio/jwt/access_token/voice_grant_test.exs b/test/ex_twilio/jwt/access_token/voice_grant_test.exs
@@ -0,0 +1,56 @@
+defmodule ExTwilio.JWT.AccessToken.VoiceGrantTest do
+  use ExUnit.Case
+
+  alias ExTwilio.JWT.AccessToken.VoiceGrant
+  alias ExTwilio.JWT.Grant
+
+  describe ".new/1" do
+    test "accepts all attributes" do
+      assert VoiceGrant.new(
+               outgoing_application_sid: "outgoing_application_sid",
+               outgoing_application_params: %{"key" => "value"},
+               incoming_allow: true,
+               endpoint_id: "endpoint_id",
+               push_credential_sid: "push_credential_sid"
+             ) == %VoiceGrant{
+               outgoing_application_sid: "outgoing_application_sid",
+               outgoing_application_params: %{"key" => "value"},
+               incoming_allow: true,
+               endpoint_id: "endpoint_id",
+               push_credential_sid: "push_credential_sid"
+             }
+    end
+  end
+
+  test "implements ExTwilio.JWT.Grant" do
+    assert Grant.type(%VoiceGrant{}) == "voice"
+
+    assert Grant.attrs(%VoiceGrant{
+             outgoing_application_sid: "sid",
+             outgoing_application_params: %{key: "value"}
+           }) == %{
+             "outgoing" => %{
+               "application_sid" => "sid",
+               "params" => %{key: "value"}
+             }
+           }
+
+    assert Grant.attrs(%VoiceGrant{incoming_allow: true}) == %{
+             "incoming" => %{
+               "allow" => true
+             }
+           }
+
+    assert Grant.attrs(%VoiceGrant{endpoint_id: "endpoint_id"}) == %{
+             "endpoint_id" => "endpoint_id"
+           }
+
+    assert Grant.attrs(%VoiceGrant{push_credential_sid: "push_credential_sid"}) == %{
+             "push_credential_sid" => "push_credential_sid"
+           }
+  end
+
+  test "does not include outgoing_application_params when outgoing_application_sid not defined" do
+    assert Grant.attrs(%VoiceGrant{outgoing_application_params: %{key: "value"}}) == %{}
+  end
+end
diff --git a/test/ex_twilio/jwt/access_token_test.exs b/test/ex_twilio/jwt/access_token_test.exs
@@ -41,7 +41,11 @@ defmodule ExTwilio.JWT.AccessTokenTest do
           identity: "user@email.com",
           grants: [
             AccessToken.ChatGrant.new(service_sid: "sid"),
-            AccessToken.VideoGrant.new(room: "room")
+            AccessToken.VideoGrant.new(room: "room"),
+            AccessToken.VoiceGrant.new(
+              outgoing_application_sid: "sid",
+              outgoing_application_params: %{key: "value"}
+            )
           ],
           expires_in: 86_400
         )
@@ -59,6 +63,9 @@ defmodule ExTwilio.JWT.AccessTokenTest do
       assert claims["grants"] == %{
                "chat" => %{"service_sid" => "sid"},
                "video" => %{"room" => "room"},
+               "voice" => %{
+                 "outgoing" => %{"application_sid" => "sid", "params" => %{"key" => "value"}}
+               },
                "identity" => "user@email.com"
              }
     end