webpush 0.1.6 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: b5006a4c889349920fc642e5e126f9a2bb986fa8
-  data.tar.gz: cc39101673ba4b9c52aa4482e1dbb554ccb51342
+  metadata.gz: 1e5f86e721e160b17bf21789f6c9d11a5d7ac297
+  data.tar.gz: 2f484b4300166b10772c1ebd9266228e9d4cd970
 SHA512:
-  metadata.gz: 81560e7eabb65bac0fb4ce2972279654bdbcbca4719d815a40cd63994b20f59ba2430ad6835e6d5a0655df6897552344588948622399a405e9b4964bc2740b14
-  data.tar.gz: 4785dc7d17f520a0df9891dd1ada08b57e59b19e972a9308190c3025ba7491f27052b0163c5f4dfd4fb7361066539bc98b325ef47e5e81bfa0bce0bca2309cc0
+  metadata.gz: 109c269ebbc2443613635450d497c1c1c7b5f24dffa96761c987bd77fb1fec1c252e7851a1dea19ee1e3d88fdd293ee58870408dc6391d0e82a6fbb6a3e1f6d4
+  data.tar.gz: ba9f2b0d91d175fca0e462870aa36366a2cbf4cde21b91acb729c36a6b55bf1c5fa6e50f7e2c13dec2bdc13128e0d4aa6e8a0853696493104e5da5c516bf2f64

data/.travis.yml

@@ -2,3 +2,4 @@ language: ruby
 rvm:
   - 2.3.0
 before_install: gem install bundler -v 1.11.2
+script: "bundle exec rake spec"

data/README.md

@@ -1,5 +1,8 @@
 # WebPush
 
+[![Code Climate](https://codeclimate.com/github/zaru/webpush/badges/gpa.svg)](https://codeclimate.com/github/zaru/webpush)
+[![Build Status](https://travis-ci.org/zaru/webpush.svg?branch=master)](https://travis-ci.org/zaru/webpush)
+
 This Gem will send the Web Push API. It supports the encryption necessary to payload.
 
 Payload is supported by Chrome50+, Firefox48+.
@@ -22,6 +25,8 @@ Or install it yourself as:
 
 ## Usage
 
+### using the payload
+
 ```ruby
 message = {
   title: "title",
@@ -30,14 +35,23 @@ message = {
 }
 
 Webpush.payload_send(
-  message: JSON.generate(message),
   endpoint: "https://android.googleapis.com/gcm/send/eah7hak....",
+  message: JSON.generate(message),
   p256dh: "BO/aG9nYXNkZmFkc2ZmZHNmYWRzZmFl...",
   auth: "aW1hcmthcmFpa3V6ZQ==",
   api_key: "[GoogleDeveloper APIKEY]" # optional, not used in Firefox.
 )
 ```
 
+### not use the payload
+
+```ruby
+Webpush.payload_send(
+  endpoint: "https://android.googleapis.com/gcm/send/eah7hak....",
+  api_key: "[GoogleDeveloper APIKEY]" # optional, not used in Firefox.
+)
+```
+
 ### ServiceWorker sample
 
 see. https://github.com/zaru/web-push-sample

data/Rakefile

@@ -3,4 +3,4 @@ require "rspec/core/rake_task"
 
 RSpec::Core::RakeTask.new(:spec)
 
-task :default => :spec
+task default: :spec

data/bin/rspec

@@ -0,0 +1,16 @@
+#!/usr/bin/env ruby
+#
+# This file was generated by Bundler.
+#
+# The application 'rspec' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("rspec-core", "rspec")

data/lib/webpush/encryption.rb

@@ -3,6 +3,8 @@ module Webpush
     extend self
 
     def encrypt(message, p256dh, auth)
+      assert_arguments(message, p256dh, auth)
+
       group_name = "prime256v1"
       salt = Random.new.bytes(16)
 
@@ -18,15 +20,15 @@ module Webpush
 
       client_auth_token = Base64.urlsafe_decode64(auth)
 
-      prk = HKDF.new(shared_secret, :salt => client_auth_token, :algorithm => 'SHA256', :info => "Content-Encoding: auth\0").next_bytes(32)
+      prk = HKDF.new(shared_secret, salt: client_auth_token, algorithm: 'SHA256', info: "Content-Encoding: auth\0").next_bytes(32)
 
       context = create_context(client_public_key_bn, server_public_key_bn)
 
       content_encryption_key_info = create_info('aesgcm', context)
-      content_encryption_key = HKDF.new(prk, :salt => salt, :info => content_encryption_key_info).next_bytes(16)
+      content_encryption_key = HKDF.new(prk, salt: salt, info: content_encryption_key_info).next_bytes(16)
 
       nonce_info = create_info('nonce', context)
-      nonce = HKDF.new(prk, :salt => salt, :info => nonce_info).next_bytes(12)
+      nonce = HKDF.new(prk, salt: salt, info: nonce_info).next_bytes(12)
 
       ciphertext = encrypt_payload(message, content_encryption_key, nonce)
 
@@ -40,9 +42,9 @@ module Webpush
 
     private
 
-    def create_context(clientPublicKey, serverPublicKey)
-      c = convert16bit(clientPublicKey)
-      s = convert16bit(serverPublicKey)
+    def create_context(client_public_key, server_public_key)
+      c = convert16bit(client_public_key)
+      s = convert16bit(server_public_key)
       context = "\0"
       context += [c.bytesize].pack("n*")
       context += c
@@ -77,5 +79,15 @@ module Webpush
     def convert16bit(key)
       [key.to_s(16)].pack("H*")
     end
+
+    def assert_arguments(message, p256dh, auth)
+      raise ArgumentError, "message cannot be blank" if blank?(message)
+      raise ArgumentError, "p256dh cannot be blank" if blank?(p256dh)
+      raise ArgumentError, "auth cannot be blank" if blank?(auth)
+    end
+
+    def blank?(value)
+      value.nil? || value.empty?
+    end
   end
 end

data/lib/webpush/request.rb

@@ -0,0 +1,75 @@
+module Webpush
+  class Request
+    def initialize(endpoint, options = {})
+      @endpoint = endpoint
+      @options = default_options.merge(options)
+      @payload = @options.delete(:payload) || {}
+    end
+
+    def perform
+      uri = URI.parse(@endpoint)
+      http = Net::HTTP.new(uri.host, uri.port)
+      http.use_ssl = true
+      http.verify_mode = OpenSSL::SSL::VERIFY_NONE
+      req = Net::HTTP::Post.new(uri.request_uri, headers)
+      req.body = body
+      res = http.request(req)
+      res.code == "201"
+    rescue
+      false
+    end
+
+    def headers
+      headers = {}
+      headers["Content-Type"] = "application/octet-stream"
+      headers["Ttl"]          = ttl
+
+      if encrypted_payload?
+        headers["Content-Encoding"] = "aesgcm"
+        headers["Encryption"] = "salt=#{salt_param}"
+        headers["Crypto-Key"] = "dh=#{dh_param}"
+      end
+
+      headers["Authorization"] = "key=#{api_key}" if api_key?
+
+      headers
+    end
+
+    def body
+      @payload.fetch(:ciphertext, "")
+    end
+
+    private
+
+    def ttl
+      @options.fetch(:ttl).to_s
+    end
+
+    def api_key
+      @options.fetch(:api_key, nil)
+    end
+
+    def api_key?
+      !(api_key.nil? || api_key.empty?)
+    end
+
+    def encrypted_payload?
+      [:ciphertext, :server_public_key_bn, :salt].all? { |key| @payload.has_key?(key) }
+    end
+
+    def dh_param
+      Base64.urlsafe_encode64(@payload.fetch(:server_public_key_bn)).delete('=')
+    end
+
+    def salt_param
+      Base64.urlsafe_encode64(@payload.fetch(:salt)).delete('=')
+    end
+
+    def default_options
+      {
+        api_key: nil,
+        ttl: 60*60*24*7*4 # 4 weeks
+      }
+    end
+  end
+end

data/lib/webpush/version.rb

@@ -1,3 +1,3 @@
 module Webpush
-  VERSION = "0.1.6"
+  VERSION = "0.2.0"
 end

data/lib/webpush.rb

@@ -6,6 +6,7 @@ require 'json'
 
 require 'webpush/version'
 require 'webpush/encryption'
+require 'webpush/request'
 
 module Webpush
 
@@ -14,36 +15,31 @@ module Webpush
   TEMP_GCM_URL = 'https://gcm-http.googleapis.com/gcm'
 
   class << self
-    def payload_send(message:, endpoint:, p256dh:, auth:, api_key: "")
+    # Deliver the payload to the required endpoint given by the JavaScript
+    # PushSubscription. Including an optional message requires p256dh and
+    # auth keys from the PushSubscription.
+    #
+    # @param endpoint [String] the required PushSubscription url
+    # @param message [String] the optional payload
+    # @param p256dh [String] the user's public ECDH key given by the PushSubscription
+    # @param auth [String] the user's private ECDH key given by the PushSubscription
+    # @param options [Hash<Symbol,String>] additional options for the notification
+    # @option options [String] :api_key required for Google, omit for Firefox
+    # @option options [#to_s] :ttl Time-to-live in seconds
+    def payload_send(endpoint:, message: "", p256dh: "", auth: "", **options)
       endpoint = endpoint.gsub(GCM_URL, TEMP_GCM_URL)
 
-      payload = Webpush::Encryption.encrypt(message, p256dh, auth)
-      push_server_post(endpoint, payload, api_key)
+      payload = build_payload(message, p256dh, auth)
+
+      Webpush::Request.new(endpoint, options.merge(payload: payload)).perform
     end
 
     private
 
-    def push_server_post(endpoint, payload, api_key = "")
-      begin
-        uri = URI.parse(endpoint)
-        http = Net::HTTP.new(uri.host, uri.port)
-        http.use_ssl = true
-        http.verify_mode = OpenSSL::SSL::VERIFY_NONE
-        header = {
-            "Content-Type" => "application/octet-stream",
-            "Content-Encoding" => "aesgcm",
-            "Encryption" => "salt=#{Base64.urlsafe_encode64(payload[:salt]).delete('=')}",
-            "Crypto-Key" => "dh=#{Base64.urlsafe_encode64(payload[:server_public_key_bn]).delete('=')}",
-            "Ttl"        => "2419200"
-        }
-        header["Authorization"] = "key=#{api_key}" unless api_key.empty?
-        req = Net::HTTP::Post.new(uri.request_uri, header)
-        req.body = payload[:ciphertext]
-        res = http.request(req)
-        return ("201" == res.code) ? true : false
-      rescue
-        return false
-      end
+    def build_payload(message, p256dh, auth)
+      return {} if message.nil? || message.empty?
+
+      Webpush::Encryption.encrypt(message, p256dh, auth)
     end
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: webpush
 version: !ruby/object:Gem::Version
-  version: 0.1.6
+  version: 0.2.0
 platform: ruby
 authors:
 - zaru@sakuraba
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2016-05-12 00:00:00.000000000 Z
+date: 2016-05-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: hkdf
@@ -123,9 +123,11 @@ files:
 - Rakefile
 - bin/console
 - bin/rake
+- bin/rspec
 - bin/setup
 - lib/webpush.rb
 - lib/webpush/encryption.rb
+- lib/webpush/request.rb
 - lib/webpush/version.rb
 - webpush.gemspec
 homepage: https://github.com/zaru/webpush