From 159f582aa5b64f31cdd7252b38ba0b7bf8ffca23 Mon Sep 17 00:00:00 2001 From: mohamed Date: Sun, 11 Sep 2016 12:06:33 -0700 Subject: [PATCH 1/2] api key only needed for old google apis, new fcm.googleapis.com doesnt require it --- lib/webpush/request.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/webpush/request.rb b/lib/webpush/request.rb index 23473cd..3ff5777 100644 --- a/lib/webpush/request.rb +++ b/lib/webpush/request.rb @@ -62,7 +62,7 @@ def api_key end def api_key? - !(api_key.nil? || api_key.empty?) && @endpoint =~ /\Ahttps:\/\/.+\.googleapis\.com/ + !(api_key.nil? || api_key.empty?) && @endpoint =~ /\Ahttps:\/\/(android|gcm-http)\.googleapis\.com/ end def encrypted_payload? From 4818cd5f4df27e008e88cb160d026ea0996e5d94 Mon Sep 17 00:00:00 2001 From: mohamed Date: Mon, 12 Sep 2016 08:28:02 -0700 Subject: [PATCH 2/2] add a standards-compliant Chrome endpoint authorization header test --- spec/webpush/request_spec.rb | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/spec/webpush/request_spec.rb b/spec/webpush/request_spec.rb index e8a5112..38d54b4 100644 --- a/spec/webpush/request_spec.rb +++ b/spec/webpush/request_spec.rb @@ -24,12 +24,18 @@ end describe 'from :api_key' do - it 'inserts Authorization header when api_key present, and endpoint is for Chrome' do + it 'inserts Authorization header when api_key present, and endpoint is for Chrome\'s non-standards-compliant GCM endpoints' do request = Webpush::Request.new('https://gcm-http.googleapis.com/gcm/xyz', api_key: "api_key") expect(request.headers['Authorization']).to eq("key=api_key") end + it 'does not insert Authorization header for Chrome\'s new standards-compliant endpoints, even if api_key is present' do + request = Webpush::Request.new('https://fcm.googleapis.com/fcm/send/ABCD1234', api_key: "api_key") + + expect(request.headers['Authorization']).to be_nil + end + it 'does not insert Authorization header when endpoint is not for Chrome, even if api_key is present' do request = Webpush::Request.new('https://some.random.endpoint.com/xyz', api_key: "api_key")