From 835ca09af7d87c5172c61f74b71a4f2b9a4a00fb Mon Sep 17 00:00:00 2001 From: Mat Scales Date: Fri, 18 Mar 2016 11:51:27 +0000 Subject: [PATCH] Simplify docs, remove auth token methods --- README.md | 51 ++++++--------------------------------------------- src/push.js | 45 ++++++++------------------------------------- 2 files changed, 14 insertions(+), 82 deletions(-) diff --git a/README.md b/README.md index e7e0167..c9c98af 100644 --- a/README.md +++ b/README.md @@ -31,60 +31,21 @@ Install the module using npm: Require the module: -`const webpush = require('web-push-encryption');` +`var webpush = require('web-push-encryption');` Send a message: `webpush.sendWebPush('Yay! Web Push!', subscription);` -API ---- +If the push service requires an authentication header (notably Google Cloud +Messaging, used by Chrome) then you can add that as a third parameter: -**sendWebPush** -`webpush.sendWebPush(message, subscription);` - -Encrypts a message and sends it the the subscribed client using the Web Push -protocol. The subscription parameter is the serialised PushSubscription object -obtained from the client when susbscribing. One way to get this object in the -correct format is by calling `JSON.stringify(subscription)` and then -transmitting the resulting string to the server. - -The message is a String, and will be the value of the `data` property of the -PushEvent that the client receives. - -**addAuthToken** -`.addAuthToken(pattern, token)` - -Some push providers (notably Google Cloud Messaging (GCM), used by Chrome's push -implementation) require an `Authentication:` token to be sent with push -requests. You can specify which tokens to send for which push providers. Both -`pattern` and `token` are Strings. When sending the message to the endpoint, the -endpoint is matched against each pattern that has been set. If any pattern is a -substring of the endpoint then the associated token will be sent in the request. - -For example, to set the token for GCM you could use a pattern of -`https://android.googleapis.com/gcm`. - -**encrypt** -`.encrypt(message, subscription)` - -This method performs the neccessary encryption but does not actually send the -Web Push request. This allows you to use an alternative implementation of the -Web Push protocol. The output is an Object: - -```javascript -{ - ciphertext: Buffer, - salt: Buffer, - serverPublicKey: Buffer +``` +if (subscription.endpoint.indexOf('https://android.googleapis.com/gcm/send/') === 0) { + webpush.sendWebPush('A message for Chrome', subscription, MY_GCM_KEY); } ``` -These are the raw values needed to construct the body (`ciphertext`), -`Encryption` header (`salt`) and `Crypto-Key` header (`serverPublicKey`). For -more details of the Web Push protocol, see -https://webpush-wg.github.io/webpush-encryption/ - Support ------- diff --git a/src/push.js b/src/push.js index 333d056..4f3d6ee 100644 --- a/src/push.js +++ b/src/push.js @@ -43,54 +43,27 @@ function createHeaderField(name, value) { return `${name}=${ub64(value)}`; } -const authTokens = []; - -/** - * Returns the appropriate authentication token, if any, for the endpoint we are - * trying to send to. - * @param {String} endpoint URL of the endpoint - * @return {String} The authentication token - */ -function getAuthToken(endpoint) { - for (let i = 0; i < authTokens.length; i++) { - if (endpoint.indexOf(authTokens[i].pattern) !== -1) { - return authTokens[i].token; - } - } -} - -/** - * Adds a new authentication token. The pattern is a simple string. An endpoint - * will use the given authentication token if the pattern is a substring of the - * endpoint. - * @param {String} pattern The pattern to match on - * @param {String} token The authentication token - */ -function addAuthToken(pattern, token) { - authTokens.push({pattern, token}); -} - /** * Sends a message using the Web Push protocol * @param {String} message The message to send * @param {Object} subscription The subscription details for the client we * are sending to + * @param {String} authToken Optional token to be used in the + * `Authentication` header if the endpoint + * requires it. * @return {Promise} A promise that resolves if the push was sent successfully * with status and body. */ -function sendWebPush(message, subscription) { - let endpoint = subscription.endpoint; - const authToken = getAuthToken(endpoint); - +function sendWebPush(message, subscription, authToken) { // If the endpoint is GCM then we temporarily need to rewrite it, as not all // GCM servers support the Web Push protocol. This should go away in the // future. - endpoint = endpoint.replace(GCM_URL, TEMP_GCM_URL); + const endpoint = subscription.endpoint.replace(GCM_URL, TEMP_GCM_URL); const payload = encrypt(message, subscription); const headers = { - 'Encryption': createHeaderField('salt', payload.salt), - 'Crypto-Key': createHeaderField('dh', payload.serverPublicKey) + 'Encryption': `salt=${ub64(payload.salt)}`, + 'Crypto-Key': `dh=${ub64(payload.serverPublicKey)}` }; if (authToken) { @@ -116,8 +89,6 @@ function sendWebPush(message, subscription) { module.exports = { sendWebPush, - addAuthToken, ub64, - createHeaderField, - getAuthToken + createHeaderField };