Search code examples
web-notifications

Web Notification Push Subscription what to do with auth?


A Web Notification subscription post back might give this data:

{
    "customerid": "123456",
    "subscription": {
        "endpoint": "https://updates.push.services.mozilla.com/push/v1/gAAAA…",
        "keys": {
            "p256dh": "BOrnIslXrUow2VAzKCUAE4sIbK00daEZCswOcf8m3TF8V…",
            "auth": "k8JV6sjdbhAi1n3_LDBLvA"
         }
    },
    "favoritedrink": "warm milk"
}

I feel like I'm missing something because I don't know what to do with the auth data (k8JV6sjdbhAi1n3_LDBLvA), how does it get used?


Solution

  • I figured out what to do by using this library: https://github.com/web-push-libs/web-push-csharp

    Nuget

    Install-Package WebPush
    
    
    
    public static string Encode(byte[] data)
            {
                return Convert.ToBase64String(data).Replace('+', '-').Replace('/', '_').TrimEnd('=');
            }
    
         public static AsymmetricCipherKeyPair GenerateKeys()
                {
                    var ecParameters = NistNamedCurves.GetByName("P-256");
                    var ecSpec = new ECDomainParameters(ecParameters.Curve, ecParameters.G, ecParameters.N, ecParameters.H,
                        ecParameters.GetSeed());
                    var keyPairGenerator = GeneratorUtilities.GetKeyPairGenerator("ECDH");
                    keyPairGenerator.Init(new ECKeyGenerationParameters(ecSpec, new SecureRandom()));
    
                    return keyPairGenerator.GenerateKeyPair();
                }
    
    public string privateKeyStr;
    public string publicKeyStr;
    
    public void DoWork()
    {
      byte[] publicKey = ((ECPublicKeyParameters)keys.Public).Q.GetEncoded(false);
                byte[] privateKey = ((ECPrivateKeyParameters)keys.Private).D.ToByteArrayUnsigned();
                privateKeyStr = Encode(privateKey);
                publicKeyStr = Encode(publicKey);
    
    // Save/Restore privateKeyStr / publicKeyStr (don't want to gen each time)
    
    // now publicKeyStr needs to be an input into the ServiceWoker reg in javascript
    

    eg

    const serviceWorker = navigator.serviceWorker.register('serviceworkerloader.js', { scope: './' }).then(
        function (swReg) {
            console.log('Service Worker is registered', swReg);
            swRegistration = swReg;
    
            swRegistration.pushManager.getSubscription()
                .then(function (subscription) {
                    let isSubscribed = !(subscription === null)
    
                    if (isSubscribed) {
                        console.log('User IS subscribed.')
    
                        let unsub = false
                        if (unsub) {
                            subscription.unsubscribe()
                        }
                    } else {
                        console.log('User is NOT subscribed.')
                    }
                });
    
            // subscribe
            const applicationServerKey = urlB64ToUint8Array(applicationServerPublicKey);
            swRegistration.pushManager.subscribe({
                userVisibleOnly: true,
                applicationServerKey: applicationServerKey
            }).then(function (subscription) {
                updateSubscriptionOnServer(subscription);
                isSubscribed = true
            }).catch(function (err) {
                console.log('Failed to subscribe the user: ', err);
            });
    
        })
    

    This returns data like this:

    {
        "customerid": "123456",
        "subscription": {
            "endpoint": "https://updates.push.services.mozilla.com/push/v1/gAAAA…",
            "keys": {
                "p256dh": "BOrnIslXrUow2VAzKCUAE4sIbK00daEZCswOcf8m3TF8V…",
                "auth": "k8JV6sjdbhAi1n3_LDBLvA"
             }
        },
        "favoritedrink": "warm milk"
    }
    

    Which must make it back to your server then you can run this code:

        var pushEndpoint = @"https://fcm.googleapis.com/fcm/send/clKG12Pq-vQ:APA91bGvMOg0lgnAiHvN6X8AOh0hVN5KsGrdXNC9zka0uIbZUTbbypcd5Ns7pamt2tQcKvedZVm_i7tW996wN82pnx4ks1dH022cPm_GDLW0SsHwwLtvGgWGJ1grANp04GuwiNZQ9rhpb2X8FsjqIYL499Q49LydRg";
        var p256dh = @"BDSRQDB8Okr85gC7V4YMQEHsEMxBjOoN1GTdsnL9CcyZ_xrvna1u1AV9yoYBWZ80dNKzeMSqWhybMGvFkPuDq6s";
        var auth = @"oKospnY_RDj_EiRsn-PwuA";
    
        var subject = @"mailto:[email protected]";
        var publicKey = generatedPublicKey;
        //@"BDjASz8kkVBQJgWcD05uX3VxIs_gSHyuS023jnBoHBgUbg8zIJvTSQytR8MP4Z3-kzcGNVnM...............";
        var privateKey = generatedPrivateKey;
            //@"mryM-krWj_6IsIMGsd8wNFXGBxnx...............";
    
        var subscription = new PushSubscription(pushEndpoint, p256dh, auth);
        var vapidDetails = new VapidDetails(subject, publicKey, privateKey);
        //var gcmAPIKey = @"[your key here]";
    
        var webPushClient = new WebPushClient();
        try
        {
            webPushClient.SendNotification(subscription, "payload", vapidDetails);
            //webPushClient.SendNotification(subscription, "payload", gcmAPIKey);
        }
        catch (WebPushException exception)
        {
            Console.WriteLine("Http STATUS code" + exception.StatusCode);
        }