Comments (19)
Ignore me, the issue was a missing ':'
$audience = parse_url($endpoint, PHP_URL_SCHEME).'://'.parse_url($endpoint, PHP_URL_HOST);
from web-push-php.
See #41. It works with Firefox, but I get a 400 UnauthorizedRegistration with Chrome (FCM)...
from web-push-php.
@Minishlink I am right now testing your library and with Chrome (FCM) receiving 400 UnauthorizedRegistration error. Do you know any workaround for that?
from web-push-php.
You're using VAPID?
from web-push-php.
@Minishlink Sorry, that was my mistake, now works :) Thanks, great library!
from web-push-php.
@andriytkachiv Cool! :) Were you using this branch? I'd like to know because I can't get FCM to work with VAPID. (Firefox does)
from web-push-php.
I just discovered your vapid
branch, I spent couple of days adding the support for VAPID in the library x) With my modifications it's works well on both Firefox and Chrome, I will try to find out why it doesn't work for you with FCM :)
from web-push-php.
Cool, thanks! Is the code on GitHub so that I may look into how you wrote it differently?
From what I see things, either Firefox implement two forms of signature (DER and uncompressed) and Chrome only one, or FCM has banned my IP due to my tests. :)
from web-push-php.
What I did to generate my VAPID keys and create a JWT in php :
https://github.com/5pilow/push-notifications
I think it's still a little bit dirty, but at least it works. I hope it will help you.
I'm not an expert with all these key manipulations, the fact that there are a lot of different formats (between node and php libraries) is disturbing...
I will still try to make it work with the vapid
branch, how do you generate the JS Uint8Array from your public key?
from web-push-php.
Thanks, I'll look into it.
I find it much simpler to work with base64-encoded uncompressed keys rather than that very long PEM format. But the best of both world would be the (base64-encoded) DER format I guess, since it's as widely spread as PEM but not as long as the former.
By the way, here's the Javascript code (found on the NodeJS web-push readme):
function urlBase64ToUint8Array(base64String) {
const padding = '='.repeat((4 - base64String.length % 4) % 4);
const base64 = (base64String + padding)
.replace(/\-/g, '+')
.replace(/_/g, '/');
const rawData = window.atob(base64);
const outputArray = new Uint8Array(rawData.length);
for (let i = 0; i < rawData.length; ++i) {
outputArray[i] = rawData.charCodeAt(i);
}
return outputArray;
}
from web-push-php.
@5pilow Ok so I also get a 400 with your code... Can you test your FCM endpoint with my vapid branch please?
from web-push-php.
I have also a 400 error using the vapid
branch :/
Do I initialize correctly (keys format)?
PHP:
$auth = array(
'GCM' => 'MY_GCM_API_KEY',
'VAPID' => array(
'subject' => 'mailto:[email protected]',
'publicKey' => 'BM/njB+2FaVWgLxEgmtv3Jd68ye6aMoPpIn6/iUSlheppTiSkirEFFjbTbFxpjkFuirIbwNxpECFa/eIxmRnDuE=',
'privateKey' => 'VFiAbsorcWz4CIRjsLDcmOplh+fbo/2W/vD/Hb/RBSg='
),
);
JS (the key has been converted from the public key above)
new Uint8Array(
[4, 207, 231, 140, 31, 182, 21, 165, 86, 128, 188, 68, 130, 107,
111, 220, 151, 122, 243, 39, 186, 104, 202, 15, 164, 137, 250,
254, 37, 18, 150, 23, 169, 165, 56, 146, 146, 42, 196, 20, 88,
219, 77, 177, 113, 166, 57, 5, 186, 42, 200, 111, 3, 113, 164,
64, 133, 107, 247, 136, 198, 100, 103, 14, 225]
)
I tried to replace the JWS creation with my function but I doesn't change anything, The only difference I think is when we create our keys, but I don't see what is the difference :/
Also, I tested my code on a production server and I manage to make it works too :) But I had to change the version of the gmp lib, I switched to php7.0-gmp
and I get rid of a 400 (I don't know exaclty why).
from web-push-php.
This may be helpful for the VAPID implementation.
I just raised a PR over on the other repo (sorry didn't realise VAPID work had begun on this one) that adds integration tests for all browsers and it should be trivial to run VAPID changes through Chrome and Firefox:
from web-push-php.
@5pilow Thanks, I'm relieved it works at least with one configuration. Have you changed anything else than the version of GMP to make it work?
@gauntface Thanks, I'll check it out!
from web-push-php.
@gauntface So the VAPID implementation also doesn't work with Chrome on Travis for some unknown reason. :( Is Chrome's code that is related to VAPID public (eg in Chromium)? Also, is there a way to have more information than a 400 UnauthorizedRegistration
?
from web-push-php.
I'll try and dig up some more information on the error codes for 400 vs 40X which I believe mean something different, but generally Unauthorized Registration just means the details provide during subscription and the details provided with the send request didn't match.
from web-push-php.
Just spent time looking into this and breaking down the tests to compare node and php input / output, the PHP library is outputting something different to node for the JWT payload.
I've dumped stuff here: https://github.com/web-push-libs/web-push-php/tree/vapid-playground (Just because I'm exploring and it's probably not suitable for merging yet)
from web-push-php.
Thank you for your help and time. I looked at the modified VAPIDTest and the test on Travis but is seems the expected jwt payload is built with the subject url whereas the actual jwt payload is built with the subject mailto :/
In my VAPIDTest, the expected data was actually from the Node library, which I had customized to output these values. The actual data I get with web-push-php is the same, except the last part of the JWT. This last part is the generated signature, so it will change and is not unique to the header/payload/key.
from web-push-php.
Nice catch, thank you very much!!
from web-push-php.
Related Issues (20)
- cURL error 28: NSS: client certificate not found (nickname not specified)
- event.data is always null HOT 8
- Shared device question HOT 2
- Get subscription from report (in case of error) HOT 2
- Pass a custom variable to flush() HOT 1
- some subscribers get 403 Error HOT 1
- Successfull message but nothing happens HOT 1
- Consider using `GuzzleHttp\Pool` in `flush` HOT 5
- web app ios error
- size of payload must not be greater than 4078 octets HOT 2
- Não estou conseguindo implantar n meu sistema, alguem quer um freelance para fazer isso? HOT 1
- Help with frontend HOT 4
- Notification not sent due to hex2bin() error
- 12x performance difference between windows and linux HOT 1
- Migration to new Firebase HTTPv1 api's question. HOT 2
- Make $supportedContentEncodings publicly available or implement encoding negotiation
- $report->isSuccess() always returns true with web.push.apple.com HOT 4
- Remove legacy code and updates HOT 3
- Abandoned packages HOT 4
- Push Notification in IOS HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from web-push-php.