Using this library with UWP app "alternate channel"

[nbevans]

Reference: https://docs.microsoft.com/en-us/windows/uwp/design/shell/tiles-and-notifications/alternate-channel-vapid-webpush

We've made a UWP app which calls the CreateRawPushNotificationChannelWithAlternateKeyForApplicationAsync API. This returns a endpoint URL which contains a token in the query string of the URL. No p256dh or auth parameters are returned by this API.

I'm unclear now how to proceed because every WebPush library, including this one, seems to require as a minimum the endpoint, p256dh and auth to form a complete "push subscription".

The documentation on the MSDN there, as you can see, is extremely vague!

I have generated a VAPID public+private key pair and that part seems fine. I am passing in the public key part of this into that CreateRawPushNotificationChannelWithAlternateKeyForApplicationAsync function as the appServerKey parameter. But am now unclear what to do in order to get the p256dh and auth parts which appear to be essential.

Any ideas/tips would be greatly appreciated! Thank you.

[tuwrraphael]

In the reference linked is a note on encryption, which states:

You can use whatever encryption scheme you find more useful for your app…

So if you'd really like to use this library, whose goal is to implement the web push standard in c#, I would suggest to go along with the end-to-end protection of the payload. You would need to generate the p256dh and auth keys yourself, in your client application, and transmit them together with your endpoint url to your server. You need then to decrypt the payload in the client.

If you don't want to encrypt the payload this way, this package is not the right one I'm afraid. Still, I would like the solution of building an own package for the VAPID authentication header, which could then be imported here.