Support new Apple Token Based Authentication (JWT) (#300)

* Support new Apple Token Based Authentication (JWT) Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com> * fix testing Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
2017-10-25 03:49:23 -05:00
parent 461a57ec9a
commit c06e819e08
9 changed files with 83 additions and 15 deletions
--- a/gorush/global.go
+++ b/gorush/global.go
@@ -1,13 +1,11 @@
 package gorush

 import (
-	"crypto/tls"
-
 	"github.com/appleboy/gorush/config"
 	"github.com/appleboy/gorush/storage"

 	"github.com/appleboy/go-fcm"
-	apns "github.com/sideshow/apns2"
+	"github.com/sideshow/apns2"
 	"github.com/sirupsen/logrus"
 )

@@ -16,10 +14,8 @@ var (
 	PushConf config.ConfYaml
 	// QueueNotification is chan type
 	QueueNotification chan PushNotification
-	// CertificatePemIos is ios certificate file
-	CertificatePemIos tls.Certificate
 	// ApnsClient is apns client
-	ApnsClient *apns.Client
+	ApnsClient *apns2.Client
 	// FCMClient is apns client
 	FCMClient *fcm.Client
 	// LogAccess is log server request log
--- a/gorush/notification_apns.go
+++ b/gorush/notification_apns.go
@@ -1,26 +1,33 @@
 package gorush

 import (
+	"crypto/ecdsa"
+	"crypto/tls"
 	"errors"
 	"path/filepath"
 	"time"

-	apns "github.com/sideshow/apns2"
+	"github.com/sideshow/apns2"
 	"github.com/sideshow/apns2/certificate"
 	"github.com/sideshow/apns2/payload"
+	"github.com/sideshow/apns2/token"
 )

 // InitAPNSClient use for initialize APNs Client.
 func InitAPNSClient() error {
 	if PushConf.Ios.Enabled {
 		var err error
+		var authKey *ecdsa.PrivateKey
+		var certificateKey tls.Certificate
 		ext := filepath.Ext(PushConf.Ios.KeyPath)

 		switch ext {
 		case ".p12":
-			CertificatePemIos, err = certificate.FromP12File(PushConf.Ios.KeyPath, PushConf.Ios.Password)
+			certificateKey, err = certificate.FromP12File(PushConf.Ios.KeyPath, PushConf.Ios.Password)
 		case ".pem":
-			CertificatePemIos, err = certificate.FromPemFile(PushConf.Ios.KeyPath, PushConf.Ios.Password)
+			certificateKey, err = certificate.FromPemFile(PushConf.Ios.KeyPath, PushConf.Ios.Password)
+		case ".p8":
+			authKey, err = token.AuthKeyFromFile(PushConf.Ios.KeyPath)
 		default:
 			err = errors.New("wrong certificate key extension")
 		}
@@ -31,10 +38,25 @@ func InitAPNSClient() error {
 			return err
 		}

-		if PushConf.Ios.Production {
-			ApnsClient = apns.NewClient(CertificatePemIos).Production()
+		if ext == ".p8" && PushConf.Ios.KeyID != "" && PushConf.Ios.TeamID != "" {
+			token := &token.Token{
+				AuthKey: authKey,
+				// KeyID from developer account (Certificates, Identifiers & Profiles -> Keys)
+				KeyID: PushConf.Ios.KeyID,
+				// TeamID from developer account (View Account -> Membership)
+				TeamID: PushConf.Ios.TeamID,
+			}
+			if PushConf.Ios.Production {
+				ApnsClient = apns2.NewTokenClient(token).Production()
+			} else {
+				ApnsClient = apns2.NewTokenClient(token).Development()
+			}
 		} else {
-			ApnsClient = apns.NewClient(CertificatePemIos).Development()
+			if PushConf.Ios.Production {
+				ApnsClient = apns2.NewClient(certificateKey).Production()
+			} else {
+				ApnsClient = apns2.NewClient(certificateKey).Development()
+			}
 		}
 	}

@@ -101,8 +123,8 @@ func iosAlertDictionary(payload *payload.Payload, req PushNotification) *payload
 // GetIOSNotification use for define iOS notification.
 // The iOS Notification Payload
 // ref: https://developer.apple.com/library/content/documentation/NetworkingInternet/Conceptual/RemoteNotificationsPG/PayloadKeyReference.html#//apple_ref/doc/uid/TP40008194-CH17-SW1
-func GetIOSNotification(req PushNotification) *apns.Notification {
-	notification := &apns.Notification{
+func GetIOSNotification(req PushNotification) *apns2.Notification {
+	notification := &apns2.Notification{
 		ApnsID: req.ApnsID,
 		Topic:  req.Topic,
 	}
@@ -112,7 +134,7 @@ func GetIOSNotification(req PushNotification) *apns.Notification {
 	}

 	if len(req.Priority) > 0 && req.Priority == "normal" {
-		notification.Priority = apns.PriorityLow
+		notification.Priority = apns2.PriorityLow
 	}

 	payload := payload.NewPayload()
--- a/gorush/notification_apns_test.go
+++ b/gorush/notification_apns_test.go
@@ -412,6 +412,30 @@ func TestAPNSClientProdHost(t *testing.T) {
 	assert.Equal(t, apns2.HostProduction, ApnsClient.Host)
 }

+func TestAPNSClientInvaildToken(t *testing.T) {
+	PushConf, _ = config.LoadConf("")
+
+	PushConf.Ios.Enabled = true
+	PushConf.Ios.KeyPath = "../certificate/authkey-invalid.p8"
+	err := InitAPNSClient()
+	assert.Error(t, err)
+}
+
+func TestAPNSClientVaildToken(t *testing.T) {
+	PushConf, _ = config.LoadConf("")
+
+	PushConf.Ios.Enabled = true
+	PushConf.Ios.KeyPath = "../certificate/authkey-valid.p8"
+	err := InitAPNSClient()
+	assert.NoError(t, err)
+	assert.Equal(t, apns2.HostDevelopment, ApnsClient.Host)
+
+	PushConf.Ios.Production = true
+	err = InitAPNSClient()
+	assert.NoError(t, err)
+	assert.Equal(t, apns2.HostProduction, ApnsClient.Host)
+}
+
 func TestPushToIOS(t *testing.T) {
 	PushConf, _ = config.LoadConf("")