web-push-libs
Sending web push to APNs (https://web.push.apple.com) responds with 403 Forbidden
Has anyone got web push working with iOS Safari (w/PWA)?
I posted the following on StackOverflow, but got no response.
We can send web push from java server to PWA on Android/Chrome works fine, but sending to PWA on iPhone/Safari fails with 403 Forbidden.
Works fine on Android phone
- PWA gets installed on Android phone via Chrome
- User clicks Subscribe button in app and grants permission
- App gets Subscription using server's VAPID public key
- PWA sends Subscription (endpoint, keys) to server
- Server sends web push to subscription endpoint (https://fcm.googleapis.com/fcm/send/...)
- FCM responds with 201 Created
- PWA service worker gets the "push" event and shows the notification
Request to fcm.googleapis.com
url:https://fcm.googleapis.com/wp/evZRV...IeBQGGaRfGK
Authorization=vapid t=eyJ0eXAiOi...o2jHfWJGw, k=BHBlZKwyYa...SclQckMDxE
Content-Encoding=aes128gcm
TTL=2419200
Crypto-Key=p256ecds...lQckMDxE=
Content-Type=application/octet-stream
method:POST
protocol version:HTTP/1.1
entity:[Content-Length: 219,Chunked: false]
Response
statusline:HTTP/1.1 201 Created
Location=https://fcm.googleapis.com/0:1705097911549557%0f493ae6f9fd7ecd
X-Content-Type-Options=nosniff
X-Frame-Options=SAMEORIGIN
X-Xss-Protection=0
Date=Fri, 12 Jan 2024 22:18:31 GMT
Content-Length=0
Content-Type=text/html; charset=UTF-8
Alt-Svc=h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
protocol version:HTTP/1.1
entity:[Content-Type: text/html; charset=UTF-8,Content-Length: 0,Chunked: false]
Fails on iPhone
- PWA gets installed on iPhone via Safari
- User clicks Subscribe button in app and grants permission
- App gets Subscription using server's VAPID public key
- PWA sends Subscription (endpoint, keys) to server
- Server sends web push to subscription endpoint (https://web.push.apple.com/...)
- FCM responds with 403 Forbidden
- PWA service worker never gets the "push" event
Request to web.push.apple.com
url:https://web.push.apple.com/QPU8aHza...q44-RonI
Authorization=vapid t=eyJ0eXAiO...DKVX7h5g, k=BHBlZKwy...QckMDxE
Content-Encoding=aes128gcm
TTL=2419200
Crypto-Key=p256ecdsa=BHBlZKwy...clQckMDxE=
Content-Type=application/octet-stream
method:POST
protocol version:HTTP/1.1
entity:[Content-Length: 219,Chunked: false]
Response
statusline:HTTP/1.1 403 Forbidden
content-type=text/plain; charset=UTF-8
apns-id=3597065D-3C81-ED1D-A56C-E5CED97D3BC1
protocol version:HTTP/1.1
entity:org.apache.http.client.entity.DecompressingEntity@6cbc2aee
I'm using the webpush-java library to prepare the web push request. Here's the send code:
JSONObject json = new JSONObject();
json.put("title", "Hello");
json.put("body", "This is a test.");
json.put("sub","mailto:[email protected]");
PushService pushService = new PushService(publicKey, privateKey);
Notification notification = new Notification(subscription, json);
HttpPost httppost = pushService.preparePost(notification, Encoding.AES128GCM);
HttpClient httpclient = HttpClients.createDefault();
HttpResponse response = httpclient.execute(httppost);
Any help would be greatly appreciated.
Here's the StackOverflow post for reference. https://stackoverflow.com/questions/77809621/sending-web-push-to-apns-https-web-push-apple-com-responds-with-403-forbidde
It seems to me that your usage of the library is non-standard. Why bother creating your own Http objects? Maybe try following the simpler usage in the example code?
Seems to be related to this: https://github.com/web-push-libs/webpush-java/issues/201#issuecomment-1443258546
Thanks for the link @krissvaa to the comment. By adding a subject to the PushService it works 🥳 :
PushService(
"publicKey",
"privateKey",
"mailto:[email protected]",
)
Dang. My bad. I should have updated you on how I got it working. Yes, adding the subject got it going.
The docs on the webpush-java library don't show this way of instantiating the PushService. I did find it clearly shown on webpush.