apnotic 1.1.0 → 1.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 97653d26a662ae9a7faa8d9d4c2914de5f17b83e
-  data.tar.gz: a069da2ff88b6de95d2ad3f118a7eb4f22fb240b
+  metadata.gz: 9bfb47d774564845182d268e32f8820017d0ba32
+  data.tar.gz: 47334f8ffb95809e4c224570c4d4f5ba1b747eb7
 SHA512:
-  metadata.gz: e86c4f893bcdee198dad0f6276d4f5d4c05b4999bf4ae5cdeccd91450f99bbecd05a9fd8a67abfa60e14f8c498bbfd9d14872b47a534c244809e7db8908275b4
-  data.tar.gz: 2e7820e5123299223fdf0e027c8a6bdb5500768d68a1a68afe59a3c88f5bc878c20a9fa8071e75fec6899b404e04cc7164fa4cd163b72de5011ded48fdb6a3c4
+  metadata.gz: 84259061d8e09e4ba609b0ae4e99980236984570c64207eed01f0cd3102aa361ec276829609891bc84c237f99df344dac232a69dabeb6672e67150b67c8cde03
+  data.tar.gz: fdb1ba71863a3520f3005817980dcc0e06073791b4958488517053b458a52bec3a22fa32704da7588cfe25b7b7cab0e4e9422671d0354be4b8fe107e1dc8830a

data/README.md

@@ -4,7 +4,7 @@
 
 # Apnotic
 
-Apnotic is a gem for sending Apple Push Notifications using the [HTTP-2 specifics](https://developer.apple.com/library/ios/documentation/NetworkingInternet/Conceptual/RemoteNotificationsPG/Chapters/ApplePushService.html#//apple_ref/doc/uid/TP40008194-CH100-SW9).
+Apnotic is a gem for sending Apple Push Notifications using the [HTTP-2 specifics](https://developer.apple.com/library/content/documentation/NetworkingInternet/Conceptual/RemoteNotificationsPG/CommunicatingwithAPNs.html).
 
 
 ## Why "Yet Another APN" gem?
@@ -92,6 +92,25 @@ connection.join
 connection.close
 ```
 
+#### Token-based authentication
+Token-based authentication is supported. There are several advantages with token-based auth:
+
+- There is no need to renew push certificates annually.
+- A single key can be used for every app in your developer account.
+
+First, you will need a [token signing key](http://help.apple.com/xcode/mac/current/#/dev54d690a66?sub=dev1eb5dfe65) from your Apple developer account.
+
+Then configure your connection for `:token` authentication:
+
+```ruby
+require 'apnotic'
+connection = Apnotic::Connection.new(
+  auth_method: :token,
+  cert_path: "key.p8",
+  key_id: "p8_key_id",
+  team_id: "apple_team_id"
+)
+```
 
 ### With Sidekiq / Rescue / ...
 > In case that errors are encountered, Apnotic will raise the error and repair the underlying connection, but it will not retry the requests that have failed. This is by design,  so that the job manager (Sidekiq, Resque,...) can retry the job that failed. For this reason, it is recommended to use a queue engine that will retry unsuccessful pushes.
@@ -135,7 +154,7 @@ class MyWorker
 end
 ```
 
-> The official [APNs Provider API documentation](https://developer.apple.com/library/ios/documentation/NetworkingInternet/Conceptual/RemoteNotificationsPG/Chapters/APNsProviderAPI.html) explains how to interpret the responses given by the APNS.
+> The official [APNs Provider API documentation](https://developer.apple.com/library/content/documentation/NetworkingInternet/Conceptual/RemoteNotificationsPG/CommunicatingwithAPNs.html) explains how to interpret the responses given by the APNS.
 
 You may also consider using async pushes instead in a Sidekiq / Rescue worker.
 
@@ -184,7 +203,7 @@ Allows to set a callback for the connection. The only available event is `:error
 connection.on(:error) { |exception| puts "Exception has been raised: #{exception}" }
 ```
 
-> If the `:error` callback is not set, the underlying socket thread may raise an error in the main thread at unexpected execution times. 
+> If the `:error` callback is not set, the underlying socket thread may raise an error in the main thread at unexpected execution times.
 
  * **url** → **`URL`**
 
@@ -291,11 +310,11 @@ The response to a call to `connection.push`.
  * **body** → **`hash` or `string`**
 
  Returns the body of the response in Hash format if a valid JSON was returned, otherwise just the RAW body.
- 
+
   * **headers** → **`hash`**
 
  Returns a Hash containing the Headers of the response.
- 
+
  * **ok?** → **`boolean`**
 
  Returns if the push was successful.
@@ -311,9 +330,9 @@ The push object to be sent in an async call.
 #### Methods
 
  * **http2_request**  → **`NetHttp2::Request`**
- 
+
  Returns the HTTP/2 request of the push.
- 
+
  * **on(event, &block)**
 
  Allows to set a callback for the request. Available events are:

data/apnotic.gemspec

@@ -18,7 +18,7 @@ Gem::Specification.new do |spec|
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
 
-  spec.add_dependency "net-http2", ">= 0.15", "< 2"
+  spec.add_dependency "net-http2", ">= 0.16", "< 2"
   spec.add_dependency "connection_pool", "~> 2.0"
 
   spec.add_development_dependency "bundler", "~> 1.3"

data/lib/apnotic.rb

@@ -1,3 +1,5 @@
+require 'apnotic/instance_cache'
+require 'apnotic/provider_token'
 require 'apnotic/connection'
 require 'apnotic/connection_pool'
 require 'apnotic/notification'

data/lib/apnotic/connection.rb

@@ -21,6 +21,10 @@ module Apnotic
       @cert_path       = options[:cert_path]
       @cert_pass       = options[:cert_pass]
       @connect_timeout = options[:connect_timeout] || 30
+      @auth_method     = options[:auth_method] || :cert
+      @team_id         = options[:team_id]
+      @key_id          = options[:key_id]
+      @first_push      = true
 
       raise "Cert file not found: #{@cert_path}" unless @cert_path && (@cert_path.respond_to?(:read) || File.exist?(@cert_path))
 
@@ -28,7 +32,7 @@ module Apnotic
     end
 
     def push(notification, options={})
-      request  = Apnotic::Request.new(notification)
+      request  = prepare_request(notification)
       response = @client.call(:post, request.path,
         body:    request.body,
         headers: request.headers,
@@ -38,11 +42,16 @@ module Apnotic
     end
 
     def push_async(push)
-      @client.call_async(push.http2_request)
+      if @first_push
+        @first_push = false
+        @client.call_async(push.http2_request)
+      else
+        delayed_push_async(push)
+      end
     end
 
     def prepare_push(notification)
-      request       = Apnotic::Request.new(notification)
+      request       = prepare_request(notification)
       http2_request = @client.prepare_request(:post, request.path,
         body:    request.body,
         headers: request.headers
@@ -64,8 +73,39 @@ module Apnotic
 
     private
 
+    def prepare_request(notification)
+      notification.authorization = provider_token if @auth_method == :token
+      Apnotic::Request.new(notification)
+    end
+
+    def delayed_push_async(push)
+      if streams_available?
+        @client.call_async(push.http2_request)
+      else
+        sleep 0.001
+        delayed_push_async(push)
+      end
+    end
+
+    def streams_available?
+      remote_max_concurrent_streams - @client.stream_count > 0
+    end
+
+    def remote_max_concurrent_streams
+      # 0x7fffffff is the default value from http-2 gem (2^31)
+      if @client.remote_settings[:settings_max_concurrent_streams] == 0x7fffffff
+        0
+      else
+        @client.remote_settings[:settings_max_concurrent_streams]
+      end
+    end
+
     def ssl_context
-      @ssl_context ||= begin
+      @auth_method == :cert ? build_ssl_context : nil
+    end
+
+    def build_ssl_context
+      @build_ssl_context ||= begin
         ctx = OpenSSL::SSL::SSLContext.new
         begin
           p12      = OpenSSL::PKCS12.new(certificate, @cert_pass)
@@ -90,5 +130,14 @@ module Apnotic
         cert
       end
     end
+
+    def provider_token
+      @provider_token_cache ||= begin
+        instance = ProviderToken.new(certificate, @team_id, @key_id)
+        InstanceCache.new(instance, :token, 30 * 60)
+      end
+      @provider_token_cache.call
+    end
+
   end
 end

data/lib/apnotic/instance_cache.rb

@@ -0,0 +1,28 @@
+module Apnotic
+  class InstanceCache
+    def initialize(instance, method, ttl)
+      @instance = instance
+      @method   = method
+      @ttl      = ttl
+    end
+
+    def call
+      if @cached_value && !expired?
+        @cached_value
+      else
+        new_value
+      end
+    end
+
+    private
+
+    def expired?
+      Time.now - @cached_at >= @ttl
+    end
+
+    def new_value
+      @cached_at = Time.now
+      @cached_value = @instance.send(@method)
+    end
+  end
+end

data/lib/apnotic/notification.rb

@@ -6,7 +6,7 @@ module Apnotic
   class Notification
     attr_reader :token
     attr_accessor :alert, :badge, :sound, :content_available, :category, :custom_payload, :url_args, :mutable_content
-    attr_accessor :apns_id, :expiration, :priority, :topic, :apns_collapse_id
+    attr_accessor :apns_id, :expiration, :priority, :topic, :apns_collapse_id, :authorization
 
     def initialize(token)
       @token   = token
@@ -17,6 +17,10 @@ module Apnotic
       JSON.dump(to_hash).force_encoding(Encoding::BINARY)
     end
 
+    def authorization_header
+      authorization ? "bearer #{authorization}" : nil
+    end
+
     private
 
     def to_hash

data/lib/apnotic/provider_token.rb

@@ -0,0 +1,43 @@
+require 'base64'
+require 'openssl'
+require 'json'
+
+module Apnotic
+  class ProviderToken
+    def initialize(key, team_id, key_id)
+      @key     = OpenSSL::PKey::EC.new(key)
+      @team_id = team_id
+      @key_id  = key_id
+    end
+
+    def token
+      [encode(header), encode(payload), encode(signature)].join(".")
+    end
+
+    private
+
+    def header
+      JSON.generate({
+        alg: "ES256",
+        kid: @key_id
+      })
+    end
+
+    def payload
+      JSON.generate({
+        iss: @team_id,
+        iat: Time.now.to_i
+      })
+    end
+
+    def signature
+      data = [encode(header), encode(payload)].join(".")
+      digest = OpenSSL::Digest::SHA256.new().digest(data)
+      @key.dsa_sign_asn1(digest)
+    end
+
+    def encode(data)
+      Base64.encode64(data).tr('+/', '-_').gsub(/[\n=]/, '')
+    end
+  end
+end

data/lib/apnotic/request.rb

@@ -18,6 +18,7 @@ module Apnotic
       h.merge!('apns-priority' => notification.priority) if notification.priority
       h.merge!('apns-topic' => notification.topic) if notification.topic
       h.merge!('apns-collapse-id' => notification.apns_collapse_id) if notification.apns_collapse_id
+      h.merge!('authorization' => notification.authorization_header) if notification.authorization_header
       h
     end
   end

data/lib/apnotic/version.rb

@@ -1,3 +1,3 @@
 module Apnotic
-  VERSION = '1.1.0'.freeze
+  VERSION = '1.2.0'.freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: apnotic
 version: !ruby/object:Gem::Version
-  version: 1.1.0
+  version: 1.2.0
 platform: ruby
 authors:
 - Roberto Ostinelli
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2017-03-01 00:00:00.000000000 Z
+date: 2017-09-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: net-http2
@@ -16,7 +16,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0.15'
+        version: '0.16'
     - - "<"
       - !ruby/object:Gem::Version
         version: '2'
@@ -26,7 +26,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0.15'
+        version: '0.16'
     - - "<"
       - !ruby/object:Gem::Version
         version: '2'
@@ -108,7 +108,9 @@ files:
 - lib/apnotic.rb
 - lib/apnotic/connection.rb
 - lib/apnotic/connection_pool.rb
+- lib/apnotic/instance_cache.rb
 - lib/apnotic/notification.rb
+- lib/apnotic/provider_token.rb
 - lib/apnotic/push.rb
 - lib/apnotic/request.rb
 - lib/apnotic/response.rb