Authtoken Changes

[gauntface]

cc @wibblymat @petele

At the moment you can make the following request:

library.sendWebPush(gcmSubscription, 'Hello, World!');

The library will switch out the gcm endpoint for the webpush gcm endpoint which is great.

However this will try and make a request without an auth token, i.e. we know that this will fail.

The actual code should be:

library.addAuthToken('https://android.googleapis.com/gcm/send', API_KEY);
library.sendWebPush(gcmSubscription, 'Hello, World!');

This will then add an edditional header 'Authorization'. At the moment I think this is only required for GCM, and Authorization may be specific to GCM Web Push.

My main fears are:

1.) We expect developers to set the pattern
2.) If the developer passes in GCM endpoint as is vs the new web push url, the web push url will fail while the only GCM would work
3.) I don't think this is needed or used for any other push service

This API as a result feels likely to cause confusion / errors.

At the very least I would like the API to error if there is no auth token and the endpoint is for a GCM endpoint.

But I would like to see the addAuthToken be swapped for addGCMAuthToken();

@wibblymat was there a reason for leaving this so generic for all push services?