+sync-dev Thanks for picking this up, James! It'll be very exciting to have Push-enabled Send Tab on iOS.
Sync does use data, to send a "sync:collection_changed" notification via the FxA device manager. Check out https://bugzilla.mozilla.org/show_bug.cgi?id=1295348 for the Android implementation. Unfortunately, Firefox for iOS can't use Gecko. :-( It'll need to reimplement decryption ( http://searchfox.org/mozilla-central/source/dom/push/PushCrypto.jsm) in Swift. Edouard, didn't you start looking into this last summer? - kit On Thu, Feb 2, 2017 at 9:51 AM, jr conlin <[email protected]> wrote: > On 2/2/17 9:25 AM, James Hugman wrote: > > Hi, > > I'm in the process of adding APNS support to Firefox for iOS, specifically > for FxAccounts, even more specifically: for sending tabs to Firefox for iOS. > > https://youtu.be/lUYZJRlOHyw > > > My progress is in the PR attached to Bug 1333765 [1]. > > This post is long and technical with a number of questions in it. Any help > with those would be well received. > > This may end up being a FxA question, but so I've cc'd grisha on this as > well. > > -- > > I'm successfully got an APNS token from the device, and given it to > autopush, and have a valid looking response[3]. > > ``` > a63136ec4347bf8fb28932a22f096dc1a93db31e5a0f3d15fd7691fc856b1c6a > ``` > > A sample response I'm getting from autopush registration: > > ``` > { > "channelID": "493eb4a86e0b49e0809e274121a5d157", > "uaid": "7ea65fe52eac413a9613071094b9e0c8", > "secret": "72d8b8792a130e75fdd1fae5f2eaf9145a057d0089469cc7b21bb6d81d43 > 68d0", > "endpoint": "https:\/\/updates-autopush.dev.mozaws.net\/wpush\/v1\/ > gAAAAABYk0PUTBgJGYwsYX9SoiB_Z3-Xwa2Se5O8z0z3Ka7EbWMmqD9ILapac > MuKiDegAzdYJs8MKWS5G_lI1BAWnBWk-qArPriDENUg29pBsI7uKolORzQ2xsF > VlE5G0e3KPh-fA-sJ" > } > ``` > > I'm then registering the new endpoint as the `pushCallback` in the device > registration with FxA. This came from looking at the code for other > implementations[4][5][6]. > > ``` > { > "name": "Fennec (jhugman) on Rhinestone 6", > "pushCallback": "https:\/\/updates-autopush.dev.mozaws.net\/wpush\/v1\/ > gAAAAABYk0PUTBgJGYwsYX9SoiB_Z3-Xwa2Se5O8z0z3Ka7EbWMmqD9ILapac > MuKiDegAzdYJs8MKWS5G_lI1BAWnBWk-qArPriDENUg29pBsI7uKolORzQ2xsF > VlE5G0e3KPh-fA-sJ", > "type": "mobile" > } > ``` > > That is coming back from FxA as: > > ``` > { > "type": "mobile", > "id": "8d271adc25178f5a2d43c7c333d7f086", > "pushCallback": "https:\/\/updates-autopush.dev.mozaws.net\/wpush\/v1\/ > gAAAAABYk0PUTBgJGYwsYX9SoiB_Z3-Xwa2Se5O8z0z3Ka7EbWMmqD9ILapac > MuKiDegAzdYJs8MKWS5G_lI1BAWnBWk-qArPriDENUg29pBsI7uKolORzQ2xsF > VlE5G0e3KPh-fA-sJ", > "name": "Fennec (jhugman) on Rhinestone 6" > } > ``` > > I'm then stashing all that in the Keychain where other credentials and > secrets should go. > > So far so good. > > Now _should_ come the fun bit: FxA sending notifications. > > My understanding is: I get a URL from autopush which can be used to push > messages to my device. We then give that to FxA so that it can push sync > messages to my device. i.e. the device chooses the WebPush service and FxA > will use it. > > So: I'm registering ok – the conversations back and forth between the > client and various servers are happening successfully. > > I am logged in to the same account on desktop Nightly and Firefox for iOS. > > I am then trying to "Send Page to Device" via the context menu. > > I am also trying via the iOS send tab code[7]. > > Problem: the device is not receiving push notifications of any sort. > > There now follows a series of questions and questionable assumptions. > > Question: is this a cli tool I can use to a) send push notifications via > WebPush or b) sync requests fxa-client AND WebPush? > > Sort of, depends on what you want to do. > > There's a very simple WebPush data encryption library at > https://github.com/web-push-libs/pywebpush . You should be able to craft > a simple script that takes the registration info you got for your endpoint, > plus any data you want, and send it through. > > Let me know if you need help and I can put together a script that will do > that for you. > > There are also similar libraries for php and java if you're more > comfortable with those languages. > > > I have not yet implemented `pushPublicKey` and `pushAuthKey`. My > assumption is that since autopush is a transport for the push tickle, then > is not necessary to be working to get send tab working. > > Not super sure about that. Unless you do encryption, you can't send data, > period. You can send a "data free" push which is nothing more than an event > to a given channel. I don't know if push or fxa do just that, though. > > > Question: is this assumption correct? Does the FxA application require the > use of an authkey and p256dh ? > > I have more questions around crypto docs, but unless I need it right now, > I'll ask in a followup message. > > My feeling is that there are a lot of moving parts which are > cryptographically interesting here; this makes it difficult to decompose > into smaller systems. Any suggestions here would be good. > > There are, and the crypto is more than a little brain-melty. Good news, > though, is that it's also changing. Hopefully a fair bit will be at a lower > level than what you need to worry about. (If you use the gecko webpush > libs, then you should be good when the change is made to them.) One thing > to note is that if a message fails to decrypt for whatever reason, that > lower library will discard the message and not notify the associated app. > If possible, you want to enable system logging to verify that the APNs > event is triggered and the message is sent to firefox. Once that's > confirmed, a fair number of systems can be removed from suspicion. > > > Assumption: Production FxA servers know how to push > Assumption: Development/Staging/Production autopush servers know how to > Apple push. > > The autopush servers should be configured correctly. IIRC, when we rolled > out the certs, folks were able to verify that they were able to get > delivery via APNs. Not sure if that's > > > Question: are there any tools/access to dev servers that I can follow a > message going one of my devices to another? > > The autopush servers are a bit of a black box, just like the APNs servers > are. The servers do report errors fairly quickly since we hand off to APNs > almost instantly. The autopush servers cannot determine if the encryption > is valid, only if the various bits of required metadata are present. You > should be mindful of the return code and messages to make sure that things > went well (e.g. you didn't get a 201/202 response). > > > Many thanks, > > – jhugman > > [1]: https://bugzilla.mozilla.org/show_bug.cgi?id=1333765 > [2]: http://autopush.readthedocs.io/en/latest/http.html#registration > [3]: https://github.com/jrconlin/SimplePushDemoApp-iOS > [4]: https://mozilla.github.io/fxa-js-client/files/client_ > FxAccountClient.js.html > [5]: https://dxr.mozilla.org/mozilla-central/source/services/fxaccounts/ > FxAccountsClient.jsm#410 > [6]: https://dxr.mozilla.org/mozilla-central/source/mobile/ > android/services/src/main/java/org/mozilla/gecko/fxa/ > FxAccountDeviceRegistrator.java#128 > [7]: https://github.com/mozilla-mobile/firefox-ios/blob/ > a025752283cf98dc0b1b701df0a7298568b3243a/Providers/Profile.swift#L497 > [8]: https://dxr.mozilla.org/mozilla-central/source/services/fxaccounts/ > FxAccounts.jsm?q=urlsafeBase64Encode+authKey&redirect_type=single#1622 > [9]: https://dxr.mozilla.org/mozilla-central/source/dom/ > push/PushServiceAndroidGCM.jsm#241 > -- > You received this message because you are subscribed to the Google Groups > "Push Service" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit https://groups.google.com/a/ > mozilla.com/d/msgid/push-service/CALcuqzsOxF2bV5RbGPxhvs1zU% > 2BaO%3DjRuWvZ4RdnSCfWhNx5VZw%40mail.gmail.com > <https://groups.google.com/a/mozilla.com/d/msgid/push-service/CALcuqzsOxF2bV5RbGPxhvs1zU%2BaO%3DjRuWvZ4RdnSCfWhNx5VZw%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > > > -- > You received this message because you are subscribed to the Google Groups > "Push Service" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit https://groups.google.com/a/ > mozilla.com/d/msgid/push-service/1fc60b28-213c-0759- > 1b67-f46e20c4fd7f%40mozilla.com > <https://groups.google.com/a/mozilla.com/d/msgid/push-service/1fc60b28-213c-0759-1b67-f46e20c4fd7f%40mozilla.com?utm_medium=email&utm_source=footer> > . >
_______________________________________________ Sync-dev mailing list [email protected] https://mail.mozilla.org/listinfo/sync-dev
