APNs Token Authentication

[vivangkumar]

Hello there!

Are there plans to add the newly released Token Authentication to the library? If there is work already in progress, when can we expect it to be merged into master and if not, will a PR be welcome?

[sideshow]

@vivangkumar I have been working on this. Should have the first version in the next few days (as a branch) and would love feedback around the implementation.

[vivangkumar]

That's great news. Sure, I'll pop back once the branch is up and have a look :) Thanks!

[sideshow]

Hey @vivangkumar Please see initial working example of Token based Auth here https://github.com/sideshow/apns2/pull/43 This has been tested as working on production APNS Any comments and critique welcome

[laozi2]

I use "github.com/dgrijalva/jwt-go" to generate jwt-token. Here is an example https://github.com/laozi2/token-auth-apns-http2-proxy

[nathany]

For a list of various JWT libraries, see https://jwt.io/ and click Libraries and Filter By "Go".

[sideshow]

Thanks guys. I ended up using jwt-go. Here is my [WIP] PR https://github.com/sideshow/apns2/pull/43

[raphaeljlps]

@sideshow any updates on this feature?

[sideshow]

@raphaeljlps The PR is here https://github.com/sideshow/apns2/pull/43 however we are still blocked by the way the golang http2 implementation interprets the MAX_CONCURRENT_STREAMS header.

The two options to move this issue forward are;

1. Suggest alterations to the http/2 library and hope that it gets picked up in an upcoming version of go.
2. Patch the http/2 library and include a forked version in this package in the interim.

None of these are amazing, but open to suggestions to move it forward.

[nathany]

@sideshow A third option might be just to hack it? Assume 1 request at a time until the first one succeeds, then bring up a worker pool. One thing I'm not sure about though is if the connection is lost, in which case it may need to drop back down to 1 request at a time on a new connection.

[sideshow]

@nathany Good idea - could be the best solution for now. Agree it's a bit hacky but would allow us to move forward!

[markschmid]

We're also eagerly looking forward to this functionality. :) Currently we're using https://github.com/soh335/apnsapi with Token Authentication but would like to switch to this library (apns2) as soon as possible.

In the meantime, is there a known workaround that allows to use apns2 with Token Authentication already?

[sideshow]

@markschmid The library that you linked to suffers from the same issue when used asyncronously, I was able to reproduce the error (stream error: stream ID xx; REFUSED_STREAM) by modifying his sample code in his library to illustrate.

Here is his sample code with lines 101-115 modified to use async behaviour and reproduce the problem https://gist.github.com/sideshow/b4d8898e76813216d1fc2b8ad12e4eef#file-test-go-L105-L115

If you haven't encountered this bug then you may not be using his library in an async manner and in that case you would be better to the apps/2 feature-auth-token branch which has test coverage https://github.com/sideshow/apns2/tree/feature-auth-token

[markschmid]

Haven't been aware of the feature-auth-token branch. Great stuff, thanks.

[sideshow]

Done :)