OneSignal / onesignal-python-api


[Bug]: Able to send a Web Push with only App Id and Player Id (No REST Api Key) #28

Open k-ahn opened 5 months ago

k-ahn commented 5 months ago

What happened?

I am able to send a web push notification without passing any authentication information. The code is:

import onesignal
from onesignal.api import default_api
from onesignal.model.notification import Notification

# Placeholders: substitute a real app id and a subscribed player id.
ONESIGNAL_APP_ID = "YOUR_APP_ID"
VALID_ONESIGNAL_PLAYER_ID = "YOUR_PLAYER_ID"

# ApiClient() is created with no Configuration, so no app_key/user_key is set.
with onesignal.ApiClient() as api_client:
    api_instance = default_api.DefaultApi(api_client)

def createNotification():
    # Build a notification addressed to a single player id.
    notification = Notification()
    notification.set_attribute('app_id', ONESIGNAL_APP_ID)
    notification.set_attribute('headings', { 'en': 'New Message' })
    notification.set_attribute('contents', { 'en': "Test Message" })
    notification.set_attribute('include_player_ids', [VALID_ONESIGNAL_PLAYER_ID])
    return notification

notification = createNotification()
notificationResponse = api_instance.create_notification(notification)
print(notificationResponse)

The documentation states you should pass a configuration object to onesignal.ApiClient() as follows:

configuration = onesignal.Configuration(
    app_key="YOUR_APP_KEY",
    user_key="YOUR_USER_KEY"
)

with onesignal.ApiClient(configuration) as api_client:
    api_instance = default_api.DefaultApi(api_client)

However, the code works without passing the configuration object, thus enabling a push notification to be sent with only an app id and player id.

Steps to reproduce?

1. pip3 install onesignal
2. pip3 install onesignal-python-api
3. python3 <code in description>

What did you expect to happen?

I expected the push send to fail because no REST API key was provided.

Relevant log output

The code responds with the following object when run:

{'external_id': 'A-UUID-STRING',
 'id': 'ANOTHER-UUID-STRING'}

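A client-side guard for the situation reported above, added here as an example (it is not part of the issue or of OneSignal's code): it refuses to build an API client unless the configuration carries a usable key, so a forgotten `Configuration` fails loudly instead of sending. The names `build_client`, `missing_credentials` and `MissingCredentialError` are hypothetical, and the check only covers the caller's own code, not what the server accepts.

```python
from types import SimpleNamespace

# Placeholder strings copied from documentation snippets; treated as "not configured".
PLACEHOLDERS = {"YOUR_APP_KEY", "YOUR_USER_KEY"}


class MissingCredentialError(RuntimeError):
    """Raised instead of building a client that would send unauthenticated requests."""


def missing_credentials(configuration, required=("app_key",)):
    """Return the names of required credential fields that are absent or unusable."""
    missing = []
    for name in required:
        value = getattr(configuration, name, None)
        if not isinstance(value, str) or not value.strip() or value.strip() in PLACEHOLDERS:
            missing.append(name)
    return missing


def build_client(client_factory, configuration, required=("app_key",)):
    """Fail closed: call client_factory(configuration) only when credentials are set."""
    if configuration is None:
        raise MissingCredentialError("no configuration object supplied")
    missing = missing_credentials(configuration, required)
    if missing:
        raise MissingCredentialError("credential(s) not set: " + ", ".join(missing))
    return client_factory(configuration)


if __name__ == "__main__":
    # Constructed stand-ins so the example runs without the onesignal package.
    good = SimpleNamespace(app_key="constructed-rest-api-key", user_key=None)
    blank = SimpleNamespace(app_key="  ", user_key=None)
    print(build_client(lambda cfg: ("client", cfg.app_key), good))
    for bad in (None, blank):
        try:
            build_client(lambda cfg: ("client", cfg), bad)
        except MissingCredentialError as exc:
            print("refused:", exc)
```

With the library installed, the call would be `build_client(onesignal.ApiClient, configuration)`, using the `Configuration` fields named in the issue.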