WebAPI/PushAPI: Difference between revisions

From MozillaWiki
Jump to navigation Jump to search
No edit summary
Line 26: Line 26:
  }
  }


<tt>requestURL(watoken, PbK)</tt> asks the user if they'd like to allow the app requesting
===requestURL(WAToken, publicKey)===
to send notifications. It requires two arguments, a "watoken" that identifies uniquely the user (or installation) of the app (or a shared watoken, used for broadcast) and the app public key, that will be used to verify the origin of the notification.
asks the user if they'd like to allow the app requesting to send notifications. If the app has been granted permission already and is calling <tt>requestURL()</tt> again, the original values are returned and no user interaction is required.


When the success callback runs, <tt>request.result</tt> will be a "JSON object" with the following structure
==== Arguments ====
<b><tt>WAToken</tt></b><br>
the Web App Token identifies uniquely the user (or installation) of the app (or a shared <tt>WAToken</tt>, used for broadcast). It is generated by <i style="color:red">XXX</i>
 
<b><tt>publicKey</tt></b><br>
used to verify the origin of the notification. This is a cryptographic key generated by the app and should be unique per user.
 
==== Returns ====
<tt>request.result</tt> will be a "JSON object" with the following structure


  dictionary PushURLResult {
  dictionary PushURLResult {
Line 38: Line 46:
   DOMString WAtoken;
   DOMString WAtoken;
  }
  }
<b><tt>status</tt></b><br />
"SUCCESS" on successful registration of <tt>WAToken</tt>, otherwise, "ERROR".
=====SUCCESS parameters =====
<b><tt>url</tt></b><br />
returns the URL the app server may use to send a Push Notification messages to the user.
<b><tt>messageType</tt></b><br />
<tt>registeredWA</tt> response to this message


The <tt>status</tt> property says if the registration of a given WA token is correct or not:
<b><tt>WAToken</tt></b><br />
* a <tt>ERROR</tt> status is sent, then, the <tt>reason</tt> could contain a more explicit message error.
same value as the <tt>WAToken</tt> parameter
* a <tt>SUCCESS</tt> status is sent when it's correct. Then, the field <tt>url</tt> is defined.


The <tt>reason</tt> is only defined if the <tt>status</tt> field (shown above) is <tt>ERROR</tt>. Not mandatory.
=====Error parameters =====
<b><tt>reason</tt></b><br />
Optional value which may contain a more explicit message error.


The <tt>url</tt> property contains the URL which the app server can send messages to this user. It's up to the app to send the URL to the server backend for storage.
<b><tt>WAtoken</tt></b><br />
same value as the <tt>WAToken</tt> parameter


The <tt>messageType</tt> is <tt>registerWA</tt> which is the response to this kind of messages.
===getCurrentURL()===
lets the app ask Firefox if the app has a push URL without bothering the user. The function behaves the same way as <tt>requestURL()</tt> except for the case when <tt>requestURL()</tt> would prompt the user. I.e. if the user has already granted permission, or if the user has permanently denied permission, then <tt>getCurrentURL</tt> behaves the same as <tt>requestURL</tt>. However if the user hasn't yet made a decision, then <tt>getCurrentURL</tt> results in a success event, but with <tt>request.result</tt> set to null.


The <tt>WAtoken</tt> is the app token that was used to register. This can be used by the user agent to identify what URL belongs to a specified token or if there is some error.
==== Arguments ====
There are no arguments for this function


If the app has been granted permission already and is calling <tt>requestURL()</tt> again, we can return the same URL without bothering the user.
==== Returns ====
This function returns the stored values for <tt>requestURL()</tt> or Null if no stored values exist.


<tt>getCurrentURL()</tt> lets the app ask Firefox if the app has a push URL without bothering the user. The function behaves the same way as <tt>requestURL()</tt> except for the case when <tt>requestURL()</tt> would prompt the user. I.e. if the user has already granted permission, or if the user has permanently denied permission, then getCurrentURL behaves the same as requestURL. However if the user hasn't yet made a decision, then getCurrentURL results in a success event, but with request.result set to null.
===revokeURL(url)===
lets the app indicate that it no longer wants to be able to push messages using the indicated URL for this installation.


<tt>revokeURL(url)</tt> lets the app indicate that it no longer wants to be able to push messages using the indicated URL for this installation.
==== Arguments ====
<b><tt>url</tt></b><br />
The URL returned by a previously successful <tt>requestURL()</tt> call.


=== Examples ===
Simple usage would look like this:
Simple usage would look like this:


Revision as of 17:28, 18 September 2012

Push notifications are a way for websites to send small messages to users when the user is not on the site. iOS and Android devices already support their own push notification services so we want to develop it to FirefoxOS.

Status

Server side

This is being implemented by User:willyaranda and User:frsela at Telefónica.

Gecko implementation

User:Thinker has implemented the Gecko side.

Bug #763198 is the implementation bug.

Bug#776501 is the security bug.

Client API

The API will be an object at navigator.push with this interface: 

interface PushManager {
  DOMRequest requestURL(jsval watoken, jsval PbK);
  DOMRequest getCurrentURL();
  DOMRequest revokeURL(jsval URL);
}

requestURL(WAToken, publicKey)

asks the user if they'd like to allow the app requesting to send notifications. If the app has been granted permission already and is calling requestURL() again, the original values are returned and no user interaction is required.

Arguments

WAToken
the Web App Token identifies uniquely the user (or installation) of the app (or a shared WAToken, used for broadcast). It is generated by XXX

publicKey
used to verify the origin of the notification. This is a cryptographic key generated by the app and should be unique per user.

Returns

request.result will be a "JSON object" with the following structure 

dictionary PushURLResult {
  DOMString status;
  DOMString reason?;
  DOMString url?;
  DOMString messageType;
  DOMString WAtoken;
}

status
"SUCCESS" on successful registration of WAToken, otherwise, "ERROR".

SUCCESS parameters

url
returns the URL the app server may use to send a Push Notification messages to the user.

messageType
registeredWA response to this message

WAToken
same value as the WAToken parameter

Error parameters

reason
Optional value which may contain a more explicit message error.

WAtoken
same value as the WAToken parameter

getCurrentURL()

lets the app ask Firefox if the app has a push URL without bothering the user. The function behaves the same way as requestURL() except for the case when requestURL() would prompt the user. I.e. if the user has already granted permission, or if the user has permanently denied permission, then getCurrentURL behaves the same as requestURL. However if the user hasn't yet made a decision, then getCurrentURL results in a success event, but with request.result set to null.

Arguments

There are no arguments for this function

Returns

This function returns the stored values for requestURL() or Null if no stored values exist.

revokeURL(url)

lets the app indicate that it no longer wants to be able to push messages using the indicated URL for this installation.

Arguments

url
The URL returned by a previously successful requestURL() call.

Examples

Simple usage would look like this: 

function getPushURL() {
  var push = (navigator.push ||
              navigator.mozPush ||
              navigator.webkitPush);
  // Ask the user to allow notifications
  var request = push.requestURL(watoken, PbK);
  request.onsuccess = function() {
    var url = request.result.url;
    console.log('Push URL: ' + url);
    // We got a new push URL, store it on the server.
    jQuery.post('/push-urls/', {url: url});
  };
}

If a website wants to display a button which allows the user to start using the push feature for the website, it could do something like this 

function displayPushButton(buttonElement) {
  var push = (navigator.push ||
              navigator.mozPush ||
              navigator.webkitPush);
  // Ask the user to allow notifications
  var request = push.getCurrentURL();
  request.onsuccess = function() {
    var result = request.result;
    if (result) {
      // Hide button as we already have the push URL
      buttonElement.hidden = true;
    }
    else {
      // Display button
      buttonElement.hidden = false;
      button.disabled = false;
      button.textContent = "Enable push notifications";
      button.onclick = getPushURL;
    }
  };
  request.onerror = function() {
    if (request.error.name == "DeniedError") {
      // Indicate to user that it's disabled due to user choice
      button.disabled = true;
      button.textContent = "Disabled, change settings to enable";
    }
  }
}

Server API

On the server side we're looking at an HTTP interface that accepts a JSON POST with these attributes:

  • messageType: "notification". Mandatory
  • id: a server side generated id to identify the notification. Not mandatory.
  • message: Main body. This could contain a maximum of 1024 bytes. Can be anything that fits in UTF8. Mandatory
  • signature: The text message signed with the Private Key that is verified and, if fails, the notification is thrown away and not accepted. Mandatory
  • ttl: Maximum time of live of the notification. The server will discard any notification in a maximum time or in the ttl time, whatever first occurs. Not mandatory.
  • timestamp: Time when the notification was sent. Not mandatory.
  • priority: A priority value, from 1 to 4. 1 should be delivered instantly, and 4 co

HTTP Status Codes in response:

  • 200: Notification accepted for delivery
  • 400: Notification rejected.

HTTP Body response:

When received a 400, there is a JSON with the status ERROR and a possible reason.

Retrieved from "https://wiki.allizom.org/index.php?title=WebAPI/PushAPI&oldid=471515"