Fix Twilio request validation URL scheme mismatch

The UseTwilioRequestValidation() middleware was validating requests using
the overridden 'https://' scheme (set by upstream middleware) while Twilio
signed the webhook with the actual configured URL scheme (e.g. 'http://'
in QA). This caused signature validation to fail for IncomingMessage and
other Twilio endpoints, resulting in 403 responses reported by Twilio as
timeouts.

Fix: set BaseUrlOverride to SystemBehaviorConfig.ResgridApiBaseUrl so the
validation URL always matches the base URL Twilio uses when signing — the
same URL registered as the webhook in the Twilio console.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Author: ucswift

Web/Resgrid.Web.Services/Startup.cs

@@ -165,6 +165,11 @@ public void ConfigureServices(IServiceCollection services)
 			{
 				options.AuthToken = NumberProviderConfig.TwilioAuthToken;
 				options.AllowLocal = false;
+				// BaseUrlOverride ensures the URL used for signature validation matches
+				// what Twilio used when signing the request, regardless of any scheme
+				// override applied by upstream middleware (e.g. http → https rewrites).
+				if (!string.IsNullOrWhiteSpace(Config.SystemBehaviorConfig.ResgridApiBaseUrl))
+					options.BaseUrlOverride = Config.SystemBehaviorConfig.ResgridApiBaseUrl;
 			});
 
 			services.AddApiVersioning(x =>