web-push 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: a165b29c06bb5d9a9aab0b65de25bd913ef7926909773485e97f0778bda4299d
+  data.tar.gz: c3f9727392a4049e27ac6bf83718749d5110cd290fa37718ee5b988d2c9c16e3
+SHA512:
+  metadata.gz: ca5db1201aa140ed1abe235d217183270b8b171d8b368ea7b5392c9cb04a2bf923c1c0e468788e1c2846dbd5c38bc32af53d427dbf307193ccaa00efbf6dd7d6
+  data.tar.gz: 8f179fd84cc0bd0f9e4899353d95af62e9e716552ae0bec86cdc7be2782056fcfb08b06a7efd3297e7468f1bb72ab6f5b16a29e31fc5ed0eb615117e790b8885

data/.gitignore

@@ -0,0 +1,10 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+.idea/

data/.rspec

@@ -0,0 +1,2 @@
+--format documentation
+--color

data/.rubocop.yml

@@ -0,0 +1,30 @@
+require: rubocop-performance
+
+AllCops:
+  Exclude:
+    - 'bin/**/*'
+
+Metrics/AbcSize:
+  Max: 20
+
+Metrics/ClassLength:
+  Max: 100
+
+Metrics/ModuleLength:
+  Max: 100
+
+Metrics/LineLength:
+  Enabled: false
+
+Metrics/BlockLength:
+  Exclude:
+    - spec/**/*_spec.rb
+
+Lint/AmbiguousBlockAssociation:
+  Enabled: false
+
+Style/Documentation:
+  Enabled: false
+
+Style/IndentHeredoc:
+  Enabled: false

data/.travis.yml

@@ -0,0 +1,24 @@
+env:
+  global:
+    - CC_TEST_REPORTER_ID=155202524386dfebe0c3267a5c868b5417ff4cc2cde8ed301fb36b177d46a458
+language: ruby
+rvm:
+  - 2.2
+  - 2.3
+  - 2.4
+  - 2.5
+  - 2.6
+  - 2.7
+before_install:
+  - gem uninstall -v '>= 2' -i $(rvm gemdir)@global -ax bundler || true
+  - gem install bundler -v 1.17.3
+before_script:
+  - curl -L https://codeclimate.com/downloads/test-reporter/test-reporter-latest-linux-amd64 > ./cc-test-reporter
+  - chmod +x ./cc-test-reporter
+  - ./cc-test-reporter before-build
+script: "bundle exec rake spec"
+after_script:
+- ./cc-test-reporter after-build --exit-code $TRAVIS_TEST_RESULT
+addons:
+  code_climate:
+    repo_token: 155202524386dfebe0c3267a5c868b5417ff4cc2cde8ed301fb36b177d46a458

data/CHANGELOG.md

@@ -0,0 +1,183 @@
+# Changelog
+
+## [v1.1.0](https://github.com/zaru/webpush/tree/v1.1.0) (2020-11-16)
+
+[Full Changelog](https://github.com/zaru/webpush/compare/v1.0.0...v1.1.0)
+
+**Merged pull requests:**
+
+- Eliminate Ruby 2.7 warnings. [\#95](https://github.com/zaru/webpush/pull/95) ([morgoth](https://github.com/morgoth))
+- set minimum ruby version is 2.2 [\#94](https://github.com/zaru/webpush/pull/94) ([Wolfer](https://github.com/Wolfer))
+- Add proxy support [\#93](https://github.com/zaru/webpush/pull/93) ([Bugagazavr](https://github.com/Bugagazavr))
+- fix syntax error [\#91](https://github.com/zaru/webpush/pull/91) ([tonytonyjan](https://github.com/tonytonyjan))
+- change dependency gem versions [\#88](https://github.com/zaru/webpush/pull/88) ([zaru](https://github.com/zaru))
+
+## [v1.0.0](https://github.com/zaru/webpush/tree/v1.0.0) (2019-08-15)
+
+A stable version 1.0.0 has been released.
+
+Thanks @mohamedhafez, @mplatov and @MedetaiAkaru for everything!
+
+[Full Changelog](https://github.com/zaru/webpush/compare/v0.3.8...v1.0.0)
+
+**Merged pull requests:**
+
+- switch to aes128gcm encoding [\#84](https://github.com/zaru/webpush/pull/84) ([mohamedhafez](https://github.com/mohamedhafez))
+- Fixed fcm spec [\#77](https://github.com/zaru/webpush/pull/77) ([zaru](https://github.com/zaru))
+- add fcm endpoints [\#76](https://github.com/zaru/webpush/pull/76) ([MedetaiAkaru](https://github.com/MedetaiAkaru))
+- Add Rubocop and fix [\#74](https://github.com/zaru/webpush/pull/74) ([zaru](https://github.com/zaru))
+- Fix TravisCI bundler version [\#73](https://github.com/zaru/webpush/pull/73) ([zaru](https://github.com/zaru))
+
+## [v0.3.8](https://github.com/zaru/webpush/tree/v0.3.8) (2019-04-16)
+[Full Changelog](https://github.com/zaru/webpush/compare/v0.3.7...v0.3.8)
+
+**Merged pull requests:**
+
+- Fix authorization header [\#72](https://github.com/zaru/webpush/pull/72) ([xronos-i-am](https://github.com/xronos-i-am))
+
+## [v0.3.7](https://github.com/zaru/webpush/tree/v0.3.7) (2019-03-06)
+[Full Changelog](https://github.com/zaru/webpush/compare/v0.3.6...v0.3.7)
+
+**Merged pull requests:**
+
+- Add PEM support to import / export keys [\#65](https://github.com/zaru/webpush/pull/65) ([collimarco](https://github.com/collimarco))
+
+## [v0.3.6](https://github.com/zaru/webpush/tree/v0.3.6) (2019-01-09)
+[Full Changelog](https://github.com/zaru/webpush/compare/v0.3.5...v0.3.6)
+
+**Merged pull requests:**
+
+- Added a error class to arguments of raise\_error [\#62](https://github.com/zaru/webpush/pull/62) ([zaru](https://github.com/zaru))
+- Fix TravisCI bundler version [\#61](https://github.com/zaru/webpush/pull/61) ([zaru](https://github.com/zaru))
+- Raise Webpush::Unauthorized on HTTP 403 [\#59](https://github.com/zaru/webpush/pull/59) ([collimarco](https://github.com/collimarco))
+
+## [v0.3.5](https://github.com/zaru/webpush/tree/v0.3.5) (2019-01-02)
+[Full Changelog](https://github.com/zaru/webpush/compare/v0.3.4...v0.3.5)
+
+**Merged pull requests:**
+
+- Fix \#55 and \#51: raise the proper error based on the HTTP status code [\#58](https://github.com/zaru/webpush/pull/58) ([collimarco](https://github.com/collimarco))
+- Add urgency option [\#57](https://github.com/zaru/webpush/pull/57) ([collimarco](https://github.com/collimarco))
+- Add Rake task to generate VAPID keys [\#54](https://github.com/zaru/webpush/pull/54) ([stevenharman](https://github.com/stevenharman))
+
+## [v0.3.4](https://github.com/zaru/webpush/tree/v0.3.4) (2018-05-25)
+[Full Changelog](https://github.com/zaru/webpush/compare/v0.3.3...v0.3.4)
+
+**Merged pull requests:**
+
+- add http timeout options [\#50](https://github.com/zaru/webpush/pull/50) ([aishek](https://github.com/aishek))
+
+## [v0.3.3](https://github.com/zaru/webpush/tree/v0.3.3) (2017-11-06)
+[Full Changelog](https://github.com/zaru/webpush/compare/v0.3.2...v0.3.3)
+
+**Merged pull requests:**
+
+- Add typ to JWT header fields [\#46](https://github.com/zaru/webpush/pull/46) ([ykzts](https://github.com/ykzts))
+- Specify the version of JWT strictly [\#45](https://github.com/zaru/webpush/pull/45) ([ykzts](https://github.com/ykzts))
+
+## [v0.3.2](https://github.com/zaru/webpush/tree/v0.3.2) (2017-07-01)
+[Full Changelog](https://github.com/zaru/webpush/compare/v0.3.1...v0.3.2)
+
+**Merged pull requests:**
+
+- feat: improve response error codes [\#39](https://github.com/zaru/webpush/pull/39) ([glennr](https://github.com/glennr))
+- Update README.md [\#38](https://github.com/zaru/webpush/pull/38) ([kitaindia](https://github.com/kitaindia))
+- Fix code example: Add close bracket [\#37](https://github.com/zaru/webpush/pull/37) ([kuranari](https://github.com/kuranari))
+- fix code in README [\#36](https://github.com/zaru/webpush/pull/36) ([kuranari](https://github.com/kuranari))
+- Minor fix in README: Close code blocks [\#32](https://github.com/zaru/webpush/pull/32) ([nicolas-fricke](https://github.com/nicolas-fricke))
+- Copy edits for README clarifying GCM requirements [\#30](https://github.com/zaru/webpush/pull/30) ([rossta](https://github.com/rossta))
+- Adding VAPID documentation [\#28](https://github.com/zaru/webpush/pull/28) ([rossta](https://github.com/rossta))
+
+## [v0.3.1](https://github.com/zaru/webpush/tree/v0.3.1) (2016-10-24)
+[Full Changelog](https://github.com/zaru/webpush/compare/v0.3.0...v0.3.1)
+
+**Merged pull requests:**
+
+- Bug fix invalid base64 [\#29](https://github.com/zaru/webpush/pull/29) ([rossta](https://github.com/rossta))
+- Clarify VAPID usage further in README [\#27](https://github.com/zaru/webpush/pull/27) ([rossta](https://github.com/rossta))
+
+## [v0.3.0](https://github.com/zaru/webpush/tree/v0.3.0) (2016-10-14)
+[Full Changelog](https://github.com/zaru/webpush/compare/v0.2.5...v0.3.0)
+
+**Merged pull requests:**
+
+- Implement VAPID authorization [\#26](https://github.com/zaru/webpush/pull/26) ([rossta](https://github.com/rossta))
+
+## [v0.2.5](https://github.com/zaru/webpush/tree/v0.2.5) (2016-09-14)
+[Full Changelog](https://github.com/zaru/webpush/compare/v0.2.4...v0.2.5)
+
+**Merged pull requests:**
+
+- api key only needed for old google apis [\#24](https://github.com/zaru/webpush/pull/24) ([mohamedhafez](https://github.com/mohamedhafez))
+
+## [v0.2.4](https://github.com/zaru/webpush/tree/v0.2.4) (2016-08-29)
+[Full Changelog](https://github.com/zaru/webpush/compare/v0.2.3...v0.2.4)
+
+**Merged pull requests:**
+
+- VERIFY\_PEER by default - no need for a cert\_store option [\#20](https://github.com/zaru/webpush/pull/20) ([mohamedhafez](https://github.com/mohamedhafez))
+
+## [v0.2.3](https://github.com/zaru/webpush/tree/v0.2.3) (2016-06-19)
+[Full Changelog](https://github.com/zaru/webpush/compare/v0.2.2...v0.2.3)
+
+**Merged pull requests:**
+
+- detect and handle response errors [\#18](https://github.com/zaru/webpush/pull/18) ([mohamedhafez](https://github.com/mohamedhafez))
+
+## [v0.2.2](https://github.com/zaru/webpush/tree/v0.2.2) (2016-06-13)
+[Full Changelog](https://github.com/zaru/webpush/compare/v0.2.1...v0.2.2)
+
+**Merged pull requests:**
+
+- Don't include API key for firefox or other browsers [\#16](https://github.com/zaru/webpush/pull/16) ([mohamedhafez](https://github.com/mohamedhafez))
+- Option to specify a cert store [\#15](https://github.com/zaru/webpush/pull/15) ([mohamedhafez](https://github.com/mohamedhafez))
+- show ttl option in README [\#14](https://github.com/zaru/webpush/pull/14) ([mohamedhafez](https://github.com/mohamedhafez))
+
+## [v0.2.1](https://github.com/zaru/webpush/tree/v0.2.1) (2016-05-23)
+[Full Changelog](https://github.com/zaru/webpush/compare/v0.2.0...v0.2.1)
+
+**Merged pull requests:**
+
+- Make the response more detailed. [\#10](https://github.com/zaru/webpush/pull/10) ([kevinjom](https://github.com/kevinjom))
+
+## [v0.2.0](https://github.com/zaru/webpush/tree/v0.2.0) (2016-05-16)
+[Full Changelog](https://github.com/zaru/webpush/compare/v0.1.6...v0.2.0)
+
+**Merged pull requests:**
+
+- Make message payload optional [\#8](https://github.com/zaru/webpush/pull/8) ([rossta](https://github.com/rossta))
+- Add specs [\#7](https://github.com/zaru/webpush/pull/7) ([rossta](https://github.com/rossta))
+
+## [v0.1.6](https://github.com/zaru/webpush/tree/v0.1.6) (2016-05-12)
+[Full Changelog](https://github.com/zaru/webpush/compare/v0.1.5...v0.1.6)
+
+**Merged pull requests:**
+
+- Add rake binstub [\#6](https://github.com/zaru/webpush/pull/6) ([rossta](https://github.com/rossta))
+- Add syntax highlighting to README snippets [\#5](https://github.com/zaru/webpush/pull/5) ([rossta](https://github.com/rossta))
+- Extract encryption module [\#4](https://github.com/zaru/webpush/pull/4) ([rossta](https://github.com/rossta))
+- Add some happy case specs [\#3](https://github.com/zaru/webpush/pull/3) ([waheedel](https://github.com/waheedel))
+
+## [v0.1.5](https://github.com/zaru/webpush/tree/v0.1.5) (2016-04-29)
+[Full Changelog](https://github.com/zaru/webpush/compare/v0.1.4...v0.1.5)
+
+**Merged pull requests:**
+
+- add Ttl header parameter [\#1](https://github.com/zaru/webpush/pull/1) ([shouta-dev](https://github.com/shouta-dev))
+
+## [v0.1.4](https://github.com/zaru/webpush/tree/v0.1.4) (2016-04-27)
+[Full Changelog](https://github.com/zaru/webpush/compare/v0.1.3...v0.1.4)
+
+## [v0.1.3](https://github.com/zaru/webpush/tree/v0.1.3) (2016-04-13)
+[Full Changelog](https://github.com/zaru/webpush/compare/v0.1.2...v0.1.3)
+
+## [v0.1.2](https://github.com/zaru/webpush/tree/v0.1.2) (2016-04-12)
+[Full Changelog](https://github.com/zaru/webpush/compare/v0.1.1...v0.1.2)
+
+## [v0.1.1](https://github.com/zaru/webpush/tree/v0.1.1) (2016-03-31)
+[Full Changelog](https://github.com/zaru/webpush/compare/v0.1.0...v0.1.1)
+
+## [v0.1.0](https://github.com/zaru/webpush/tree/v0.1.0) (2016-03-31)
+
+
+\* *This Change Log was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)*

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in webpush.gemspec
+gemspec

data/LICENSE

@@ -0,0 +1,21 @@
+Copyright (c) 2016 Hiroyuki Sakuraba
+Copyright (c) 2022 Marco Colli, Pushpad (https://pushpad.xyz)
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,356 @@
+# WebPush
+
+[![Code Climate](https://codeclimate.com/github/zaru/webpush/badges/gpa.svg)](https://codeclimate.com/github/zaru/webpush)
+[![Test Coverage](https://codeclimate.com/github/zaru/webpush/badges/coverage.svg)](https://codeclimate.com/github/zaru/webpush/coverage)
+[![Build Status](https://travis-ci.org/zaru/webpush.svg?branch=master)](https://travis-ci.org/zaru/webpush)
+[![Gem Version](https://badge.fury.io/rb/webpush.svg)](https://badge.fury.io/rb/webpush)
+
+This gem makes it possible to send push messages to web browsers from Ruby backends using the [Web Push Protocol](https://tools.ietf.org/html/draft-ietf-webpush-protocol-10). It supports [Message Encryption for Web Push](https://tools.ietf.org/html/draft-ietf-webpush-encryption) to send messages securely from server to user agent.
+
+Payload is supported by Chrome 50+, Firefox 48+, Edge 79+.
+
+[webpush Demo app here (building by Sinatra app).](https://github.com/zaru/webpush_demo_ruby)
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'web-push'
+```
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install web-push
+
+## Usage
+
+Sending a web push message to a visitor of your website requires a number of steps:
+
+1. Your server has (optionally) generated (one-time) a set of [Voluntary Application server Identification (VAPID)](https://tools.ietf.org/html/draft-ietf-webpush-vapid-01) keys. Otherwise, to send messages through Chrome, you have registered your site through the [Google Developer Console](https://console.developers.google.com/) and have obtained a GCM sender id and GCM API key from your app settings.
+2. A `manifest.json` file, linked from your user's page, identifies your app settings.
+3. Also in the user's web browser, a `serviceWorker` is installed and activated and its `pushManager` property is subscribed to push events with your VAPID public key, with creates a `subscription` JSON object on the client side.
+4. Your server uses the `web-push` gem to send a notification with the `subscription` obtained from the client and an optional payload (the message).
+5. Your service worker is set up to receive `'push'` events. To trigger a desktop notification, the user has accepted the prompt to receive notifications from your site.
+
+### Generating VAPID keys
+
+Use `web-push` to generate a VAPID key that has both a `public_key` and `private_key` attribute to be saved on the server side.
+
+```ruby
+# One-time, on the server
+vapid_key = WebPush.generate_key
+
+# Save these in your application server settings
+vapid_key.public_key
+vapid_key.private_key
+
+# Or you can save in PEM format if you prefer
+vapid_key.to_pem
+```
+
+### Declaring manifest.json
+
+Check out the [Web Manifest docs](https://developer.mozilla.org/en-US/docs/Web/Manifest) for details on what to include in your `manifest.json` file. If using VAPID, no app credentials are needed.
+
+```javascript
+{
+  "name": "My Website"
+}
+```
+For Chrome web push, add the GCM sender id to a `manifest.json`.
+
+```javascript
+{
+  "name": "My Website",
+  "gcm_sender_id": "1006629465533"
+}
+```
+
+The file is served within the scope of your service worker script, like at the root, and link to it somewhere in the `<head>` tag:
+
+```html
+<!-- index.html -->
+<link rel="manifest" href="/manifest.json" />
+```
+
+### Installing a service worker
+
+Your application javascript must register a service worker script at an appropriate scope (we're sticking with the root).
+
+```javascript
+// application.js
+// Register the serviceWorker script at /serviceworker.js from your server if supported
+if (navigator.serviceWorker) {
+  navigator.serviceWorker.register('/serviceworker.js')
+  .then(function(reg) {
+     console.log('Service worker change, registered the service worker');
+  });
+}
+// Otherwise, no push notifications :(
+else {
+  console.error('Service worker is not supported in this browser');
+}
+```
+
+### Subscribing to push notifications
+
+#### With VAPID
+
+The VAPID public key you generated earlier is made available to the client as a `UInt8Array`. To do this, one way would be to expose the urlsafe-decoded bytes from Ruby to JavaScript when rendering the HTML template. (Global variables used here for simplicity).
+
+```javascript
+window.vapidPublicKey = new Uint8Array(<%= Base64.urlsafe_decode64(ENV['VAPID_PUBLIC_KEY']).bytes %>);
+```
+
+Your application javascript uses the `navigator.serviceWorker.pushManager` to subscribe to push notifications, passing the VAPID public key to the subscription settings.
+
+```javascript
+// application.js
+// When serviceWorker is supported, installed, and activated,
+// subscribe the pushManager property with the vapidPublicKey
+navigator.serviceWorker.ready.then((serviceWorkerRegistration) => {
+  serviceWorkerRegistration.pushManager
+  .subscribe({
+    userVisibleOnly: true,
+    applicationServerKey: window.vapidPublicKey
+  });
+});
+```
+
+#### Without VAPID
+
+If you will not be sending VAPID details, then there is no need generate VAPID keys, and the `applicationServerKey` parameter may be omitted from the `pushManager.subscribe` call.
+
+```javascript
+// application.js
+// When serviceWorker is supported, installed, and activated,
+// subscribe the pushManager property with the vapidPublicKey
+navigator.serviceWorker.ready.then((serviceWorkerRegistration) => {
+  serviceWorkerRegistration.pushManager
+  .subscribe({
+    userVisibleOnly: true
+  });
+});
+```
+
+### Triggering a web push notification
+
+Hook into an client-side or backend event in your app to deliver a push message. The server must be made aware of the `subscription`. In the example below, we send the JSON generated subscription object to our backend at the "/push" endpoint with a message.
+
+```javascript
+// application.js
+// Send the subscription and message from the client for the backend
+// to set up a push notification
+$(".web-push-button").on("click", (e) => {
+  navigator.serviceWorker.ready
+  .then((serviceWorkerRegistration) => {
+    serviceWorkerRegistration.pushManager.getSubscription()
+    .then((subscription) => {
+      $.post("/push", { subscription: subscription.toJSON(), message: "You clicked a button!" });
+    });
+  });
+});
+```
+
+Imagine a Ruby app endpoint that responds to the request by triggering notification through the `web-push` gem.
+
+```ruby
+# app.rb
+# Use the web-push gem API to deliver a push notiifcation merging
+# the message, subscription values, and vapid options
+post "/push" do
+  WebPush.payload_send(
+    message: params[:message],
+    endpoint: params[:subscription][:endpoint],
+    p256dh: params[:subscription][:keys][:p256dh],
+    auth: params[:subscription][:keys][:auth],
+    vapid: {
+      subject: "mailto:sender@example.com",
+      public_key: ENV['VAPID_PUBLIC_KEY'],
+      private_key: ENV['VAPID_PRIVATE_KEY']
+    },
+    ssl_timeout: 5, # value for Net::HTTP#ssl_timeout=, optional
+    open_timeout: 5, # value for Net::HTTP#open_timeout=, optional
+    read_timeout: 5 # value for Net::HTTP#read_timeout=, optional
+  )
+end
+```
+
+Note: the VAPID options should be omitted if the client-side subscription was
+generated without the `applicationServerKey` parameter described earlier. You
+would instead pass the GCM api key along with the api request as shown in the
+Usage section below.
+
+### Receiving the push event
+
+Your `/serviceworker.js` script may respond to `'push'` events. One action it can take is to trigger desktop notifications by calling `showNotification` on the `registration` property.
+
+```javascript
+// serviceworker.js
+// The serviceworker context can respond to 'push' events and trigger
+// notifications on the registration property
+self.addEventListener("push", (event) => {
+  let title = (event.data && event.data.text()) || "Yay a message";
+  let body = "We have received a push message";
+  let tag = "push-simple-demo-notification-tag";
+  let icon = '/assets/my-logo-120x120.png';
+
+  event.waitUntil(
+    self.registration.showNotification(title, { body, icon, tag })
+  )
+});
+```
+
+Before the notifications can be displayed, the user must grant permission for [notifications](https://developer.mozilla.org/en-US/docs/Web/API/notification) in a browser prompt, using something like the example below.
+
+```javascript
+// application.js
+
+// Let's check if the browser supports notifications
+if (!("Notification" in window)) {
+  console.error("This browser does not support desktop notification");
+}
+
+// Let's check whether notification permissions have already been granted
+else if (Notification.permission === "granted") {
+  console.log("Permission to receive notifications has been granted");
+}
+
+// Otherwise, we need to ask the user for permission
+else if (Notification.permission !== 'denied') {
+  Notification.requestPermission(function (permission) {
+    // If the user accepts, let's create a notification
+    if (permission === "granted") {
+      console.log("Permission to receive notifications has been granted");
+    }
+  });
+}
+```
+
+If everything worked, you should see a desktop notification triggered via web
+push. Yay!
+
+Note: if you're using Rails, check out [serviceworker-rails](https://github.com/rossta/serviceworker-rails), a gem that makes it easier to host serviceworker scripts and manifest.json files at canonical endpoints (i.e., non-digested URLs) while taking advantage of the asset pipeline.
+
+## API
+
+### With a payload
+
+```ruby
+message = {
+  title: "title",
+  body: "body",
+  icon: "http://example.com/icon.pn"
+}
+
+WebPush.payload_send(
+  endpoint: "https://fcm.googleapis.com/gcm/send/eah7hak....",
+  message: JSON.generate(message),
+  p256dh: "BO/aG9nYXNkZmFkc2ZmZHNmYWRzZmFl...",
+  auth: "aW1hcmthcmFpa3V6ZQ==",
+  ttl: 600, # optional, ttl in seconds, defaults to 2419200 (4 weeks)
+  urgency: 'normal' # optional, it can be very-low, low, normal, high, defaults to normal
+)
+```
+
+### Without a payload
+
+```ruby
+WebPush.payload_send(
+  endpoint: "https://fcm.googleapis.com/gcm/send/eah7hak....",
+  p256dh: "BO/aG9nYXNkZmFkc2ZmZHNmYWRzZmFl...",
+  auth: "aW1hcmthcmFpa3V6ZQ=="
+)
+```
+
+### With VAPID
+
+VAPID details are given as a hash with `:subject`, `:public_key`, and
+`:private_key`. The `:subject` is a contact URI for the application server as either a "mailto:" or an "https:" address. The `:public_key` and `:private_key` should be passed as the base64-encoded values generated with `WebPush.generate_key`.
+
+```ruby
+WebPush.payload_send(
+  endpoint: "https://fcm.googleapis.com/gcm/send/eah7hak....",
+  message: "A message",
+  p256dh: "BO/aG9nYXNkZmFkc2ZmZHNmYWRzZmFl...",
+  auth: "aW1hcmthcmFpa3V6ZQ==",
+  vapid: {
+    subject: "mailto:sender@example.com",
+    public_key: ENV['VAPID_PUBLIC_KEY'],
+    private_key: ENV['VAPID_PRIVATE_KEY']
+  }
+)
+```
+
+### With VAPID in PEM format
+
+This library also supports the PEM format for the VAPID keys:
+
+```ruby
+WebPush.payload_send(
+  endpoint: "https://fcm.googleapis.com/gcm/send/eah7hak....",
+  message: "A message",
+  p256dh: "BO/aG9nYXNkZmFkc2ZmZHNmYWRzZmFl...",
+  auth: "aW1hcmthcmFpa3V6ZQ==",
+  vapid: {
+    subject: "mailto:sender@example.com"
+    pem: ENV['VAPID_KEYS']
+  }
+)
+```
+
+### With GCM api key
+
+```ruby
+WebPush.payload_send(
+  endpoint: "https://fcm.googleapis.com/gcm/send/eah7hak....",
+  message: "A message",
+  p256dh: "BO/aG9nYXNkZmFkc2ZmZHNmYWRzZmFl...",
+  auth: "aW1hcmthcmFpa3V6ZQ==",
+  api_key: "<GCM API KEY>"
+)
+```
+
+### ServiceWorker sample
+
+see. https://github.com/zaru/web-push-sample
+
+p256dh and auth generate sample code.
+
+```javascript
+navigator.serviceWorker.ready.then(function(sw) {
+  Notification.requestPermission(function(permission) {
+    if(permission !== 'denied') {
+      sw.pushManager.subscribe({userVisibleOnly: true}).then(function(s) {
+        var data = {
+          endpoint: s.endpoint,
+          p256dh: btoa(String.fromCharCode.apply(null, new Uint8Array(s.getKey('p256dh')))).replace(/\+/g, '-').replace(/\//g, '_'),
+          auth: btoa(String.fromCharCode.apply(null, new Uint8Array(s.getKey('auth')))).replace(/\+/g, '-').replace(/\//g, '_')
+        }
+        console.log(data);
+      });
+    }
+  });
+});
+```
+
+payloads received sample code.
+
+```javascript
+self.addEventListener("push", function(event) {
+  var json = event.data.json();
+  self.registration.showNotification(json.title, {
+    body: json.body,
+    icon: json.icon
+  });
+});
+```
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/zaru/webpush.

data/Rakefile

@@ -0,0 +1,8 @@
+require 'bundler/gem_tasks'
+require 'rspec/core/rake_task'
+
+RSpec::Core::RakeTask.new(:spec)
+
+task default: :spec
+
+import './lib/tasks/web_push.rake'

data/bin/console

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "web_push"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start