line |
stmt |
bran |
cond |
sub |
pod |
time |
code |
1
|
|
|
|
|
|
|
package Mojolicious::Plugin::WebPush; |
2
|
4
|
|
|
4
|
|
17366
|
use Mojo::Base 'Mojolicious::Plugin'; |
|
4
|
|
|
|
|
9
|
|
|
4
|
|
|
|
|
25
|
|
3
|
4
|
|
|
4
|
|
672
|
use Mojo::JSON qw(decode_json encode_json); |
|
4
|
|
|
|
|
8
|
|
|
4
|
|
|
|
|
201
|
|
4
|
4
|
|
|
4
|
|
26
|
use Crypt::PK::ECC; |
|
4
|
|
|
|
|
13
|
|
|
4
|
|
|
|
|
242
|
|
5
|
4
|
|
|
4
|
|
29
|
use MIME::Base64 qw(encode_base64url decode_base64url); |
|
4
|
|
|
|
|
9
|
|
|
4
|
|
|
|
|
326
|
|
6
|
4
|
|
|
4
|
|
2541
|
use Crypt::JWT qw(encode_jwt decode_jwt); |
|
4
|
|
|
|
|
126708
|
|
|
4
|
|
|
|
|
296
|
|
7
|
4
|
|
|
4
|
|
1440
|
use Crypt::RFC8188 qw(ece_encrypt_aes128gcm); |
|
4
|
|
|
|
|
155292
|
|
|
4
|
|
|
|
|
8845
|
|
8
|
|
|
|
|
|
|
|
9
|
|
|
|
|
|
|
our $VERSION = '0.03'; |
10
|
|
|
|
|
|
|
|
11
|
|
|
|
|
|
|
my @MANDATORY_CONF = qw( |
12
|
|
|
|
|
|
|
subs_session2user_p |
13
|
|
|
|
|
|
|
save_endpoint |
14
|
|
|
|
|
|
|
subs_create_p |
15
|
|
|
|
|
|
|
subs_read_p |
16
|
|
|
|
|
|
|
subs_delete_p |
17
|
|
|
|
|
|
|
); |
18
|
|
|
|
|
|
|
my @AUTH_CONF = qw(claim_sub ecc_private_key); |
19
|
|
|
|
|
|
|
my $DEFAULT_PUSH_HANDLER = <<'EOF'; |
20
|
|
|
|
|
|
|
event => { |
21
|
|
|
|
|
|
|
var msg = event.data.json(); |
22
|
|
|
|
|
|
|
var title = msg.title; |
23
|
|
|
|
|
|
|
delete msg.title; |
24
|
|
|
|
|
|
|
event.waitUntil(self.registration.showNotification(title, msg)); |
25
|
|
|
|
|
|
|
} |
26
|
|
|
|
|
|
|
EOF |
27
|
|
|
|
|
|
|
|
28
|
|
|
|
|
|
|
sub _decode { |
29
|
2
|
|
|
2
|
|
54
|
my ($bytes) = @_; |
30
|
2
|
|
|
|
|
5
|
my $body = eval { decode_json($bytes) }; |
|
2
|
|
|
|
|
8
|
|
31
|
|
|
|
|
|
|
# conceal error info like versions from attackers |
32
|
2
|
50
|
|
|
|
281
|
return (0, "Malformed request") if $@; |
33
|
2
|
|
|
|
|
7
|
(1, $body); |
34
|
|
|
|
|
|
|
} |
35
|
|
|
|
|
|
|
|
36
|
|
|
|
|
|
|
sub _error { |
37
|
1
|
|
|
1
|
|
10
|
my ($c, $error) = @_; |
38
|
1
|
|
|
|
|
8
|
$c->render(status => 500, json => { errors => [ { message => $error } ] }); |
39
|
|
|
|
|
|
|
} |
40
|
|
|
|
|
|
|
|
41
|
|
|
|
|
|
|
sub _make_route_handler { |
42
|
4
|
|
|
4
|
|
21
|
my ($subs_session2user_p, $subs_create_p) = @_; |
43
|
|
|
|
|
|
|
sub { |
44
|
2
|
|
|
2
|
|
17001
|
my ($c) = @_; |
45
|
2
|
|
|
|
|
7
|
my ($decode_ok, $body) = _decode($c->req->body); |
46
|
2
|
50
|
|
|
|
9
|
return _error($c, $body) if !$decode_ok; |
47
|
2
|
|
|
|
|
3
|
eval { validate_subs_info($body) }; |
|
2
|
|
|
|
|
6
|
|
48
|
2
|
100
|
|
|
|
510
|
return _error($c, $@) if $@; |
49
|
|
|
|
|
|
|
return $subs_session2user_p->($c->session)->then( |
50
|
1
|
|
|
|
|
5116
|
sub { $subs_create_p->($_[0], $body) }, |
51
|
|
|
|
|
|
|
)->then( |
52
|
1
|
|
|
|
|
444
|
sub { $c->render(json => { data => { success => \1 } }) }, |
53
|
0
|
|
|
|
|
0
|
sub { _error($c, @_) }, |
54
|
1
|
|
|
|
|
5
|
); |
55
|
4
|
|
|
|
|
68
|
}; |
56
|
|
|
|
|
|
|
} |
57
|
|
|
|
|
|
|
|
58
|
|
|
|
|
|
|
sub _make_auth_helper { |
59
|
4
|
|
|
4
|
|
12
|
my ($app, $conf) = @_; |
60
|
4
|
|
50
|
|
|
30
|
my $exp_offset = $conf->{claim_exp_offset} || 86400; |
61
|
4
|
|
|
|
|
37
|
my $key = Crypt::PK::ECC->new($conf->{ecc_private_key}); |
62
|
4
|
|
|
|
|
23978
|
my $aud = $app->webpush->aud; |
63
|
4
|
|
|
|
|
18881
|
my $claims_start = { aud => $aud, sub => $conf->{claim_sub} }; |
64
|
4
|
|
|
|
|
115
|
my $pkey = encode_base64url $key->export_key_raw('public'); |
65
|
4
|
|
|
0
|
|
105
|
$app->helper('webpush.public_key' => sub { $pkey }); |
|
0
|
|
|
|
|
0
|
|
66
|
|
|
|
|
|
|
sub { |
67
|
3
|
|
|
3
|
|
1460
|
my ($c) = @_; |
68
|
3
|
|
|
|
|
27
|
my $claims = { exp => time + $exp_offset, %$claims_start }; |
69
|
3
|
|
|
|
|
21
|
my $token = encode_jwt key => $key, alg => 'ES256', payload => $claims; |
70
|
3
|
|
|
|
|
9303
|
"vapid t=$token,k=$pkey"; |
71
|
4
|
|
|
|
|
1732
|
}; |
72
|
|
|
|
|
|
|
} |
73
|
|
|
|
|
|
|
|
74
|
|
|
|
|
|
|
sub _aud_helper { |
75
|
5
|
|
|
5
|
|
1731
|
$_[0]->ua->server->url->path(Mojo::Path->new->trailing_slash(0)).''; |
76
|
|
|
|
|
|
|
} |
77
|
|
|
|
|
|
|
|
78
|
|
|
|
|
|
|
sub _verify_helper { |
79
|
3
|
|
|
3
|
|
9347
|
my ($app, $auth_header_value) = @_; |
80
|
3
|
|
|
|
|
16
|
(my $schema, $auth_header_value) = split ' ', $auth_header_value; |
81
|
3
|
50
|
|
|
|
12
|
return if $schema ne 'vapid'; |
82
|
3
|
|
|
|
|
26
|
my %k2v = map split('=', $_), split ',', $auth_header_value; |
83
|
3
|
|
|
|
|
11
|
eval { |
84
|
3
|
|
|
|
|
17
|
my $key = Crypt::PK::ECC->new; |
85
|
3
|
|
|
|
|
229
|
$key->import_key_raw(decode_base64url($k2v{k}), 'P-256'); |
86
|
3
|
|
|
|
|
8570
|
decode_jwt token => $k2v{t}, key => $key, alg => 'ES256', verify_exp => 0; |
87
|
|
|
|
|
|
|
}; |
88
|
|
|
|
|
|
|
} |
89
|
|
|
|
|
|
|
|
90
|
|
|
|
|
|
|
sub _encrypt_helper { |
91
|
3
|
|
|
3
|
|
7513
|
my ($c, $plaintext, $receiver_key, $auth_key) = @_; |
92
|
3
|
50
|
33
|
|
|
28
|
die "Invalid p256dh key specified\n" |
93
|
|
|
|
|
|
|
if length($receiver_key) != 65 or $receiver_key !~ /^\x04/; |
94
|
3
|
|
|
|
|
21
|
my $onetime_key = Crypt::PK::ECC->new->generate_key('prime256v1'); |
95
|
3
|
|
|
|
|
8795
|
ece_encrypt_aes128gcm( |
96
|
|
|
|
|
|
|
$plaintext, (undef) x 2, $onetime_key, $receiver_key, $auth_key, |
97
|
|
|
|
|
|
|
); |
98
|
|
|
|
|
|
|
} |
99
|
|
|
|
|
|
|
|
100
|
|
|
|
|
|
|
sub _send_helper { |
101
|
2
|
|
|
2
|
|
3035
|
my ($c, $message, $user_id, $ttl, $urgency) = @_; |
102
|
2
|
|
50
|
|
|
8
|
$ttl ||= 30; |
103
|
2
|
|
50
|
|
|
6
|
$urgency ||= 'normal'; |
104
|
|
|
|
|
|
|
$c->webpush->read_p($user_id)->then(sub { |
105
|
2
|
|
|
2
|
|
994
|
my ($subs_info) = @_; |
106
|
|
|
|
|
|
|
my $body = $c->webpush->encrypt( |
107
|
|
|
|
|
|
|
encode_json($message), |
108
|
2
|
|
|
|
|
9
|
map decode_base64url($_), @{$subs_info->{keys}}{qw(p256dh auth)} |
|
2
|
|
|
|
|
172
|
|
109
|
|
|
|
|
|
|
); |
110
|
2
|
|
|
|
|
15347
|
my $headers = { |
111
|
|
|
|
|
|
|
Authorization => $c->webpush->authorization, |
112
|
|
|
|
|
|
|
'Content-Length' => length($body), |
113
|
|
|
|
|
|
|
'Content-Encoding' => 'aes128gcm', |
114
|
|
|
|
|
|
|
TTL => $ttl, |
115
|
|
|
|
|
|
|
Urgency => $urgency, |
116
|
|
|
|
|
|
|
}; |
117
|
2
|
|
|
|
|
16
|
$c->app->ua->post_p($subs_info->{endpoint}, $headers, $body); |
118
|
|
|
|
|
|
|
})->then(sub { |
119
|
2
|
|
|
2
|
|
88153
|
my ($tx) = @_; |
120
|
|
|
|
|
|
|
return $c->webpush->delete_p($user_id)->then(sub { |
121
|
1
|
|
|
|
|
309
|
{ data => { success => \1 } } |
122
|
2
|
100
|
66
|
|
|
8
|
}) if $tx->res->code == 404 or $tx->res->code == 410; |
123
|
1
|
50
|
|
|
|
30
|
return { errors => [ { message => $tx->res->body } ] } |
124
|
|
|
|
|
|
|
if $tx->res->code > 399; |
125
|
1
|
|
|
|
|
11
|
{ data => { success => \1 } }; |
126
|
|
|
|
|
|
|
}, sub { |
127
|
0
|
|
|
0
|
|
0
|
{ errors => [ { message => $_[0] } ] } |
128
|
2
|
|
|
|
|
14
|
}); |
129
|
|
|
|
|
|
|
} |
130
|
|
|
|
|
|
|
|
131
|
|
|
|
|
|
|
sub register { |
132
|
4
|
|
|
4
|
1
|
288
|
my ($self, $app, $conf) = @_; |
133
|
4
|
|
|
|
|
26
|
my @config_errors = grep !exists $conf->{$_}, @MANDATORY_CONF; |
134
|
4
|
50
|
|
|
|
21
|
die "Missing config keys @config_errors\n" if @config_errors; |
135
|
|
|
|
|
|
|
$app->helper('webpush.create_p' => sub { |
136
|
4
|
|
|
4
|
|
30760
|
eval { validate_subs_info($_[2]) }; |
|
4
|
|
|
|
|
17
|
|
137
|
4
|
50
|
|
|
|
18
|
return Mojo::Promise->reject($@) if $@; |
138
|
4
|
|
|
|
|
30
|
$conf->{subs_create_p}->(@_[1,2]); |
139
|
4
|
|
|
|
|
44
|
}); |
140
|
4
|
|
|
6
|
|
1851
|
$app->helper('webpush.read_p' => sub { $conf->{subs_read_p}->($_[1]) }); |
|
6
|
|
|
|
|
5722
|
|
141
|
4
|
|
|
3
|
|
1300
|
$app->helper('webpush.delete_p' => sub { $conf->{subs_delete_p}->($_[1]) }); |
|
3
|
|
|
|
|
3413
|
|
142
|
4
|
|
|
|
|
1309
|
$app->helper('webpush.aud' => \&_aud_helper); |
143
|
|
|
|
|
|
|
$app->helper('webpush.authorization' => (grep !$conf->{$_}, @AUTH_CONF) |
144
|
0
|
|
|
0
|
|
0
|
? sub { die "Must provide @AUTH_CONF\n" } |
145
|
4
|
50
|
|
|
|
1453
|
: _make_auth_helper($app, $conf) |
146
|
|
|
|
|
|
|
); |
147
|
4
|
|
|
|
|
1682
|
$app->helper('webpush.verify_token' => \&_verify_helper); |
148
|
4
|
|
|
|
|
1926
|
$app->helper('webpush.encrypt' => \&_encrypt_helper); |
149
|
4
|
|
|
|
|
2066
|
$app->helper('webpush.send_p' => \&_send_helper); |
150
|
4
|
|
|
|
|
2100
|
my $r = $app->routes; |
151
|
|
|
|
|
|
|
$r->post($conf->{save_endpoint} => _make_route_handler( |
152
|
4
|
|
|
|
|
36
|
@$conf{qw(subs_session2user_p subs_create_p)}, |
153
|
|
|
|
|
|
|
), 'webpush.save'); |
154
|
4
|
|
|
|
|
1687
|
push @{ $app->renderer->classes }, __PACKAGE__; |
|
4
|
|
|
|
|
28
|
|
155
|
|
|
|
|
|
|
$app->serviceworker->add_event_listener( |
156
|
4
|
|
33
|
|
|
73
|
push => $conf->{push_handler} || $DEFAULT_PUSH_HANDLER |
157
|
|
|
|
|
|
|
); |
158
|
4
|
|
|
|
|
546
|
$self; |
159
|
|
|
|
|
|
|
} |
160
|
|
|
|
|
|
|
|
161
|
|
|
|
|
|
|
sub validate_subs_info { |
162
|
11
|
|
|
11
|
0
|
29315
|
my ($info) = @_; |
163
|
11
|
50
|
|
|
|
43
|
die "Expected object\n" if ref $info ne 'HASH'; |
164
|
11
|
|
|
|
|
54
|
my @errors = map "no $_", grep !exists $info->{$_}, qw(keys endpoint); |
165
|
11
|
|
|
|
|
60
|
push @errors, map "no $_", grep !exists $info->{keys}{$_}, qw(auth p256dh); |
166
|
11
|
100
|
|
|
|
74
|
die "Errors found in subscription info: " . join(", ", @errors) . "\n" |
167
|
|
|
|
|
|
|
if @errors; |
168
|
|
|
|
|
|
|
} |
169
|
|
|
|
|
|
|
|
170
|
|
|
|
|
|
|
1; |
171
|
|
|
|
|
|
|
|
172
|
|
|
|
|
|
|
=encoding utf8 |
173
|
|
|
|
|
|
|
|
174
|
|
|
|
|
|
|
=head1 NAME |
175
|
|
|
|
|
|
|
|
176
|
|
|
|
|
|
|
Mojolicious::Plugin::WebPush - plugin to aid real-time web push |
177
|
|
|
|
|
|
|
|
178
|
|
|
|
|
|
|
=head1 SYNOPSIS |
179
|
|
|
|
|
|
|
|
180
|
|
|
|
|
|
|
# Mojolicious::Lite |
181
|
|
|
|
|
|
|
my $sw = plugin 'ServiceWorker' => { debug => 1 }; |
182
|
|
|
|
|
|
|
my $webpush = plugin 'WebPush' => { |
183
|
|
|
|
|
|
|
save_endpoint => '/api/savesubs', |
184
|
|
|
|
|
|
|
subs_session2user_p => \&subs_session2user_p, |
185
|
|
|
|
|
|
|
subs_create_p => \&subs_create_p, |
186
|
|
|
|
|
|
|
subs_read_p => \&subs_read_p, |
187
|
|
|
|
|
|
|
subs_delete_p => \&subs_delete_p, |
188
|
|
|
|
|
|
|
ecc_private_key => 'vapid_private_key.pem', |
189
|
|
|
|
|
|
|
claim_sub => "mailto:admin@example.com", |
190
|
|
|
|
|
|
|
}; |
191
|
|
|
|
|
|
|
|
192
|
|
|
|
|
|
|
sub subs_session2user_p { |
193
|
|
|
|
|
|
|
my ($session) = @_; |
194
|
|
|
|
|
|
|
return Mojo::Promise->reject("Session not logged in") if !$session->{user_id}; |
195
|
|
|
|
|
|
|
Mojo::Promise->resolve($session->{user_id}); |
196
|
|
|
|
|
|
|
} |
197
|
|
|
|
|
|
|
|
198
|
|
|
|
|
|
|
sub subs_create_p { |
199
|
|
|
|
|
|
|
my ($session, $subs_info) = @_; |
200
|
|
|
|
|
|
|
app->db->save_subs_p($session->{user_id}, $subs_info); |
201
|
|
|
|
|
|
|
} |
202
|
|
|
|
|
|
|
|
203
|
|
|
|
|
|
|
sub subs_read_p { |
204
|
|
|
|
|
|
|
my ($user_id) = @_; |
205
|
|
|
|
|
|
|
app->db->lookup_subs_p($user_id); |
206
|
|
|
|
|
|
|
} |
207
|
|
|
|
|
|
|
|
208
|
|
|
|
|
|
|
sub subs_delete_p { |
209
|
|
|
|
|
|
|
my ($user_id) = @_; |
210
|
|
|
|
|
|
|
app->db->delete_subs_p($user_id); |
211
|
|
|
|
|
|
|
} |
212
|
|
|
|
|
|
|
|
213
|
|
|
|
|
|
|
=head1 DESCRIPTION |
214
|
|
|
|
|
|
|
|
215
|
|
|
|
|
|
|
L is a L plugin. In |
216
|
|
|
|
|
|
|
order to function, your app needs to have first installed |
217
|
|
|
|
|
|
|
L as shown in the synopsis above. |
218
|
|
|
|
|
|
|
|
219
|
|
|
|
|
|
|
=head1 METHODS |
220
|
|
|
|
|
|
|
|
221
|
|
|
|
|
|
|
L inherits all methods from |
222
|
|
|
|
|
|
|
L and implements the following new ones. |
223
|
|
|
|
|
|
|
|
224
|
|
|
|
|
|
|
=head2 register |
225
|
|
|
|
|
|
|
|
226
|
|
|
|
|
|
|
my $p = $plugin->register(Mojolicious->new, \%conf); |
227
|
|
|
|
|
|
|
|
228
|
|
|
|
|
|
|
Register plugin in L application, returning the plugin |
229
|
|
|
|
|
|
|
object. Takes a hash-ref as configuration, see L for keys. |
230
|
|
|
|
|
|
|
|
231
|
|
|
|
|
|
|
=head1 OPTIONS |
232
|
|
|
|
|
|
|
|
233
|
|
|
|
|
|
|
=head2 save_endpoint |
234
|
|
|
|
|
|
|
|
235
|
|
|
|
|
|
|
Required. The route to be added to the app for the service worker to |
236
|
|
|
|
|
|
|
register users for push notification. The handler for that will call |
237
|
|
|
|
|
|
|
the L. If success is indicated, it will return JSON: |
238
|
|
|
|
|
|
|
|
239
|
|
|
|
|
|
|
{ "data": { "success": true } } |
240
|
|
|
|
|
|
|
|
241
|
|
|
|
|
|
|
If failure: |
242
|
|
|
|
|
|
|
|
243
|
|
|
|
|
|
|
{ "errors": [ { "message": "The exception reason" } ] } |
244
|
|
|
|
|
|
|
|
245
|
|
|
|
|
|
|
This will be handled by the provided service worker. In case it is |
246
|
|
|
|
|
|
|
required by the app itself, the added route is named C. |
247
|
|
|
|
|
|
|
|
248
|
|
|
|
|
|
|
=head2 subs_session2user_p |
249
|
|
|
|
|
|
|
|
250
|
|
|
|
|
|
|
Required. The code to be called to look up the user currently identified |
251
|
|
|
|
|
|
|
by this session, which returns a promise of the user ID. Must reject |
252
|
|
|
|
|
|
|
if no user logged in and that matters. It will be passed parameters: |
253
|
|
|
|
|
|
|
|
254
|
|
|
|
|
|
|
=over |
255
|
|
|
|
|
|
|
|
256
|
|
|
|
|
|
|
=item * |
257
|
|
|
|
|
|
|
|
258
|
|
|
|
|
|
|
The L object, to correctly identify |
259
|
|
|
|
|
|
|
the user. |
260
|
|
|
|
|
|
|
|
261
|
|
|
|
|
|
|
=back |
262
|
|
|
|
|
|
|
|
263
|
|
|
|
|
|
|
=head2 subs_create_p |
264
|
|
|
|
|
|
|
|
265
|
|
|
|
|
|
|
Required. The code to be called to store users registered for push |
266
|
|
|
|
|
|
|
notifications, which must return a promise of a true value if the |
267
|
|
|
|
|
|
|
operation succeeds, or reject with a reason. It will be passed parameters: |
268
|
|
|
|
|
|
|
|
269
|
|
|
|
|
|
|
=over |
270
|
|
|
|
|
|
|
|
271
|
|
|
|
|
|
|
=item * |
272
|
|
|
|
|
|
|
|
273
|
|
|
|
|
|
|
The ID to correctly identify the user. Please note that you ought to |
274
|
|
|
|
|
|
|
allow one person to have several devices with web-push enabled, and to |
275
|
|
|
|
|
|
|
design accordingly. |
276
|
|
|
|
|
|
|
|
277
|
|
|
|
|
|
|
=item * |
278
|
|
|
|
|
|
|
|
279
|
|
|
|
|
|
|
The C hash-ref, needed to push actual messages. |
280
|
|
|
|
|
|
|
|
281
|
|
|
|
|
|
|
=back |
282
|
|
|
|
|
|
|
|
283
|
|
|
|
|
|
|
=head2 subs_read_p |
284
|
|
|
|
|
|
|
|
285
|
|
|
|
|
|
|
Required. The code to be called to look up a user registered for push |
286
|
|
|
|
|
|
|
notifications. It will be passed parameters: |
287
|
|
|
|
|
|
|
|
288
|
|
|
|
|
|
|
=over |
289
|
|
|
|
|
|
|
|
290
|
|
|
|
|
|
|
=item * |
291
|
|
|
|
|
|
|
|
292
|
|
|
|
|
|
|
The opaque information your app uses to identify the user. |
293
|
|
|
|
|
|
|
|
294
|
|
|
|
|
|
|
=back |
295
|
|
|
|
|
|
|
|
296
|
|
|
|
|
|
|
Returns a promise of the C hash-ref. Must reject if |
297
|
|
|
|
|
|
|
not found. |
298
|
|
|
|
|
|
|
|
299
|
|
|
|
|
|
|
=head2 subs_delete_p |
300
|
|
|
|
|
|
|
|
301
|
|
|
|
|
|
|
Required. The code to be called to delete up a user registered for push |
302
|
|
|
|
|
|
|
notifications. It will be passed parameters: |
303
|
|
|
|
|
|
|
|
304
|
|
|
|
|
|
|
=over |
305
|
|
|
|
|
|
|
|
306
|
|
|
|
|
|
|
=item * |
307
|
|
|
|
|
|
|
|
308
|
|
|
|
|
|
|
The opaque information your app uses to identify the user. |
309
|
|
|
|
|
|
|
|
310
|
|
|
|
|
|
|
=back |
311
|
|
|
|
|
|
|
|
312
|
|
|
|
|
|
|
Returns a promise of the deletion result. Must reject if not found. |
313
|
|
|
|
|
|
|
|
314
|
|
|
|
|
|
|
=head2 ecc_private_key |
315
|
|
|
|
|
|
|
|
316
|
|
|
|
|
|
|
A value to be passed to L: a simple scalar is a |
317
|
|
|
|
|
|
|
filename, a scalar-ref is the actual key. If not provided, |
318
|
|
|
|
|
|
|
L will (obviously) not be able to function. |
319
|
|
|
|
|
|
|
|
320
|
|
|
|
|
|
|
=head2 claim_sub |
321
|
|
|
|
|
|
|
|
322
|
|
|
|
|
|
|
A value to be used as the C claim by the L, |
323
|
|
|
|
|
|
|
which needs it. Must be either an HTTPS or C URL. |
324
|
|
|
|
|
|
|
|
325
|
|
|
|
|
|
|
=head2 claim_exp_offset |
326
|
|
|
|
|
|
|
|
327
|
|
|
|
|
|
|
A value to be added to current time, in seconds, in the C claim |
328
|
|
|
|
|
|
|
for L. Defaults to 86400 (24 hours). The maximum |
329
|
|
|
|
|
|
|
valid value in RFC 8292 is 86400. |
330
|
|
|
|
|
|
|
|
331
|
|
|
|
|
|
|
=head2 push_handler |
332
|
|
|
|
|
|
|
|
333
|
|
|
|
|
|
|
Override the default push-event handler supplied to |
334
|
|
|
|
|
|
|
L. The default |
335
|
|
|
|
|
|
|
will interpret the message as a JSON object. The key C will be |
336
|
|
|
|
|
|
|
the notification title, deleted from that object, then the object will be |
337
|
|
|
|
|
|
|
the options passed to C<< .showNotification >>. |
338
|
|
|
|
|
|
|
|
339
|
|
|
|
|
|
|
See |
340
|
|
|
|
|
|
|
L |
341
|
|
|
|
|
|
|
for possibilities. |
342
|
|
|
|
|
|
|
|
343
|
|
|
|
|
|
|
=head1 HELPERS |
344
|
|
|
|
|
|
|
|
345
|
|
|
|
|
|
|
=head2 webpush.create_p |
346
|
|
|
|
|
|
|
|
347
|
|
|
|
|
|
|
$c->webpush->create_p($user_id, $subs_info)->then(sub { |
348
|
|
|
|
|
|
|
$c->render(json => { data => { success => \1 } }); |
349
|
|
|
|
|
|
|
}); |
350
|
|
|
|
|
|
|
|
351
|
|
|
|
|
|
|
=head2 webpush.read_p |
352
|
|
|
|
|
|
|
|
353
|
|
|
|
|
|
|
$c->webpush->read_p($user_id)->then(sub { |
354
|
|
|
|
|
|
|
$c->render(text => 'Info: ' . to_json(shift)); |
355
|
|
|
|
|
|
|
}); |
356
|
|
|
|
|
|
|
|
357
|
|
|
|
|
|
|
=head2 webpush.delete_p |
358
|
|
|
|
|
|
|
|
359
|
|
|
|
|
|
|
$c->webpush->delete_p($user_id)->then(sub { |
360
|
|
|
|
|
|
|
$c->render(json => { data => { success => \1 } }); |
361
|
|
|
|
|
|
|
}); |
362
|
|
|
|
|
|
|
|
363
|
|
|
|
|
|
|
=head2 webpush.authorization |
364
|
|
|
|
|
|
|
|
365
|
|
|
|
|
|
|
my $header_value = $c->webpush->authorization; |
366
|
|
|
|
|
|
|
|
367
|
|
|
|
|
|
|
Won't function without L and L. Returns |
368
|
|
|
|
|
|
|
a suitable C header value to send to a push service. |
369
|
|
|
|
|
|
|
Valid for a period defined by L. Not currently cached, |
370
|
|
|
|
|
|
|
but could become so to avoid unnecessary computation. |
371
|
|
|
|
|
|
|
|
372
|
|
|
|
|
|
|
=head2 webpush.aud |
373
|
|
|
|
|
|
|
|
374
|
|
|
|
|
|
|
my $aud = $c->webpush->aud; |
375
|
|
|
|
|
|
|
|
376
|
|
|
|
|
|
|
Gives the app's value it will use for the C JWT claim, useful mostly |
377
|
|
|
|
|
|
|
for testing. |
378
|
|
|
|
|
|
|
|
379
|
|
|
|
|
|
|
=head2 webpush.public_key |
380
|
|
|
|
|
|
|
|
381
|
|
|
|
|
|
|
my $pkey = $c->webpush->public_key; |
382
|
|
|
|
|
|
|
|
383
|
|
|
|
|
|
|
Gives the app's public VAPID key, calculated from the private key. |
384
|
|
|
|
|
|
|
|
385
|
|
|
|
|
|
|
=head2 webpush.verify_token |
386
|
|
|
|
|
|
|
|
387
|
|
|
|
|
|
|
my $bool = $c->webpush->verify_token($authorization_header_value); |
388
|
|
|
|
|
|
|
|
389
|
|
|
|
|
|
|
Cryptographically verifies a JSON Web Token (JWT), such as generated |
390
|
|
|
|
|
|
|
by L. |
391
|
|
|
|
|
|
|
|
392
|
|
|
|
|
|
|
=head2 webpush.encrypt |
393
|
|
|
|
|
|
|
|
394
|
|
|
|
|
|
|
use MIME::Base64 qw(decode_base64url); |
395
|
|
|
|
|
|
|
my $ciphertext = $c->webpush->encrypt($data_bytes, |
396
|
|
|
|
|
|
|
map decode_base64url($_), @{$subscription_info->{keys}}{qw(p256dh auth)} |
397
|
|
|
|
|
|
|
); |
398
|
|
|
|
|
|
|
|
399
|
|
|
|
|
|
|
Returns the data encrypted according to RFC 8188, for the relevant |
400
|
|
|
|
|
|
|
subscriber. |
401
|
|
|
|
|
|
|
|
402
|
|
|
|
|
|
|
=head2 webpush.send_p |
403
|
|
|
|
|
|
|
|
404
|
|
|
|
|
|
|
my $result_p = $c->webpush->send_p($jsonable_data, $user_id, $ttl, $urgency); |
405
|
|
|
|
|
|
|
|
406
|
|
|
|
|
|
|
JSON-encodes the given value, encrypts it according to the given user's |
407
|
|
|
|
|
|
|
subscription data, adds a VAPID C header, then sends it |
408
|
|
|
|
|
|
|
to the relevant web-push endpoint. |
409
|
|
|
|
|
|
|
|
410
|
|
|
|
|
|
|
Returns a promise of the result, which will be a hash-ref with either a |
411
|
|
|
|
|
|
|
C key indicating success, or an C key for an array-ref of |
412
|
|
|
|
|
|
|
hash-refs with a C giving reasons. |
413
|
|
|
|
|
|
|
|
414
|
|
|
|
|
|
|
If the sending gets a status code of 404 or 410, this indicates the |
415
|
|
|
|
|
|
|
subscriber has unsubscribed, and L will be used to |
416
|
|
|
|
|
|
|
remove the registration. This is considered success. |
417
|
|
|
|
|
|
|
|
418
|
|
|
|
|
|
|
The C must be one of C, C, C (the default) |
419
|
|
|
|
|
|
|
or C. The C defaults to 30 seconds. |
420
|
|
|
|
|
|
|
|
421
|
|
|
|
|
|
|
=head1 TEMPLATES |
422
|
|
|
|
|
|
|
|
423
|
|
|
|
|
|
|
Various templates are available for including in the app's templates: |
424
|
|
|
|
|
|
|
|
425
|
|
|
|
|
|
|
=head2 webpush-askPermission.html.ep |
426
|
|
|
|
|
|
|
|
427
|
|
|
|
|
|
|
JavaScript functions, also for putting inside a C |
456
|
|
|
|
|
|
|
|
457
|
|
|
|
|
|
|
Each application must decide when to ask such permission, bearing in |
458
|
|
|
|
|
|
|
mind that once permission is refused, it is very difficult for the user |
459
|
|
|
|
|
|
|
to change such a refusal. |
460
|
|
|
|
|
|
|
|
461
|
|
|
|
|
|
|
When it is granted, the JavaScript code will communicate with the |
462
|
|
|
|
|
|
|
application, registering the needed information needed to web-push. |
463
|
|
|
|
|
|
|
|
464
|
|
|
|
|
|
|
=head1 SEE ALSO |
465
|
|
|
|
|
|
|
|
466
|
|
|
|
|
|
|
L, L, L. |
467
|
|
|
|
|
|
|
|
468
|
|
|
|
|
|
|
L - command-line control of web-push. |
469
|
|
|
|
|
|
|
|
470
|
|
|
|
|
|
|
RFC 8292 - Voluntary Application Server Identification (for web push). |
471
|
|
|
|
|
|
|
|
472
|
|
|
|
|
|
|
L - Encrypted Content-Encoding for HTTP (using C). |
473
|
|
|
|
|
|
|
|
474
|
|
|
|
|
|
|
L |
475
|
|
|
|
|
|
|
|
476
|
|
|
|
|
|
|
=head1 ACKNOWLEDGEMENTS |
477
|
|
|
|
|
|
|
|
478
|
|
|
|
|
|
|
Part of this code is ported from |
479
|
|
|
|
|
|
|
L. |
480
|
|
|
|
|
|
|
|
481
|
|
|
|
|
|
|
=cut |
482
|
|
|
|
|
|
|
|
483
|
|
|
|
|
|
|
__DATA__ |