Skip to content

Back/webpush #2662

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
p1gp1g wants to merge 37 commits into
base: master
Choose a base branch
from
+5,822 −167
Open

Back/webpush #2662

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
37 commits
Select commit Hold shift + click to select a range
2efd214
feat(webpush): Add, update, activate and delete webpush subscription
p1gp1g Nov 18, 2025
8b87232
feat(webpush): Registration with new endpoint, p256dh or auth is 'cre…
p1gp1g Nov 19, 2025
a5b09aa
feat(webpush): Return error if too many appTypes are supplied
p1gp1g Nov 19, 2025
d9ffa95
feat(webpush): Send activation token during registration
p1gp1g Nov 19, 2025
ee564f7
feat(webpush): Prepare webpush requests
p1gp1g Nov 20, 2025
80c7390
feat(webpush): Send web push requests
p1gp1g Nov 20, 2025
094eccb
feat(webpush): Delete expired web push subscriptions
p1gp1g Nov 21, 2025
edb1d58
feat(webpush): Send web push delete notifs
p1gp1g Nov 21, 2025
fb3c960
feat(webpush): Fix tests after 'Delete expired web push subscriptions'
p1gp1g Nov 21, 2025
942c3d4
feat(webpush): Add Urgency to web push notifs
p1gp1g Nov 21, 2025
9481d4a
feat(webpush): Add support for 429 status code with web push
p1gp1g Nov 21, 2025
1423ea8
feat(webpush): Fix composer for webpush
p1gp1g Nov 21, 2025
20a9090
feat(webpush): Fix urgency
p1gp1g Nov 21, 2025
0621e1b
feat(webpush): Add support for VAPID
p1gp1g Nov 21, 2025
1b5cf32
feat(webpush): Fix missing $deleteAll
p1gp1g Nov 24, 2025
429b50f
feat(webpush): Add API endpoint to get the VAPID pubkey
p1gp1g Nov 24, 2025
4a69214
feat(webpush): Add webpush capability
p1gp1g Nov 24, 2025
676fb5c
feat(webpush): Fix apptypes
p1gp1g Nov 24, 2025
0c0f2b2
feat(webpush): Add tests for webpush
p1gp1g Nov 25, 2025
0aa109c
feat(webpush): Get apptypes as a string
p1gp1g Nov 26, 2025
e0c6bb0
feat(webpush): Fix tests for apptypes as string
p1gp1g Nov 27, 2025
aec0a1b
feat(webpush): Include WebPushController in ApplicationTest
p1gp1g Nov 27, 2025
424adbc
feat(webpush): Allow multiple delete with webpush
p1gp1g Nov 28, 2025
6363888
feat(webpush): Lint
p1gp1g Dec 2, 2025
1182172
feat(webpush): Add composer lock
p1gp1g Dec 2, 2025
0027d1b
feat(webpush): Fix OpenAPI
p1gp1g Dec 3, 2025
dc2fb55
feat(webpush): Small fixes
p1gp1g Dec 3, 2025
4ef6030
feat(webpush): Fix VAPID auth
p1gp1g Dec 4, 2025
c3df6e4
ci: Try to fix psalm for now
nickvergessen Dec 5, 2025
5fa1b47
ci(cs): Ignore lib/Vendor/ dir from coding standards
nickvergessen Dec 5, 2025
294025e
feat(webpush): Reduce max size for endpoint
p1gp1g Dec 5, 2025
e2c0181
feat(webpush): Lint
p1gp1g Dec 6, 2025
180cf92
feat(webpush): Update query count
p1gp1g Dec 8, 2025
de4a2bf
feat(webpush): Keep vendor dir
p1gp1g Dec 8, 2025
1c94e08
feat(webpush): Fix psalm CI
p1gp1g Dec 8, 2025
c6b6bc8
feat(webpush): Lint
p1gp1g Dec 9, 2025
c57b446
feat(webpush): Init VAPID in constructor
p1gp1g Dec 9, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
feat(webpush): Delete expired web push subscriptions 
Signed-off-by: sim <[email protected]>
  • Loading branch information
@p1gp1g
p1gp1g committed Dec 9, 2025
commit 094eccb8f57be5ace48e200e737be0d186f01cd1
55 changes: 45 additions & 10 deletions lib/Push.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@
use OC\Security\IdentityProof\Key;
use OC\Security\IdentityProof\Manager;
use OCA\Notifications\AppInfo\Application;
use OCA\Notifications\Vendor\Minishlink\WebPush\MessageSentReport;
use OCP\AppFramework\Http;
use OCP\AppFramework\Utility\ITimeFactory;
use OCP\Authentication\Exceptions\InvalidTokenException;
Expand Down Expand Up @@ -175,7 +176,7 @@ public function flushPayloads(): void {
}

$this->deferPayloads = false;
$this->wpClient->flush();
$this->wpClient->flush(fn ($r) => $this->webPushCallback($r));
$this->sendNotificationsToProxies();
}

Expand Down Expand Up @@ -329,6 +330,7 @@ public function webPushToDevice(int $id, IUser $user, array $devices, INotificat

if (!$this->validateToken($device['token'], $maxAge)) {
// Token does not exist anymore
$this->deleteWebPushToken($device['token']);
continue;
}

Expand All @@ -339,13 +341,13 @@ public function webPushToDevice(int $id, IUser $user, array $devices, INotificat
$this->log->error('JSON error while encoding push notification: ' . $e->getMessage(), ['exception' => $e]);
} catch (\InvalidArgumentException) {
// Failed to encrypt message for device: public key is invalid
//TODO $this->deletePushToken($device['token']);
$this->deleteWebPushToken($device['token']);
}
}
$this->printInfo('');

if (!$this->deferPayloads) {
$this->wpClient->flush();
$this->wpClient->flush(fn ($r) => $this->webPushCallback($r));
}
}

Expand Down Expand Up @@ -381,6 +383,7 @@ public function proxyPushToDevice(int $id, IUser $user, array $devices, INotific

if (!$this->validateToken($device['token'], $maxAge)) {
// Token does not exist anymore
$this->deleteProxyPushToken($device['token']);
continue;
}

Expand All @@ -396,7 +399,7 @@ public function proxyPushToDevice(int $id, IUser $user, array $devices, INotific
$this->log->error('JSON error while encoding push notification: ' . $e->getMessage(), ['exception' => $e]);
} catch (\InvalidArgumentException) {
// Failed to encrypt message for device: public key is invalid
$this->deletePushToken($device['token']);
$this->deleteProxyPushToken($device['token']);
}
}
$this->printInfo('');
Expand Down Expand Up @@ -501,6 +504,7 @@ public function proxyPushDeleteToDevice(string $userId, IUser $user, array $devi
$device['token'] = (int)$device['token'];
if (!$this->validateToken($device['token'], $maxAge)) {
// Token does not exist anymore
$this->deleteProxyPushToken($device['token']);
Copy link
Member

@nickvergessen nickvergessen Jan 8, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

When the device was inactive for 60 days we shouldn't delete it directly.
It's possible that the device/user is coming back online.
The problem is the comment is misleading by now.

continue;
}

Expand Down Expand Up @@ -532,7 +536,7 @@ public function proxyPushDeleteToDevice(string $userId, IUser $user, array $devi
}
} catch (\InvalidArgumentException) {
// Failed to encrypt message for device: public key is invalid
$this->deletePushToken($device['token']);
$this->deleteProxyPushToken($device['token']);
}
}

Expand All @@ -541,6 +545,15 @@ public function proxyPushDeleteToDevice(string $userId, IUser $user, array $devi
}
}

/**
* Delete expired web push subscriptions
*/
protected function webPushCallback (MessageSentReport $report): void {
if ($report->isSubscriptionExpired()) {
$this->deleteWebPushTokenByEndpoint($report->getEndpoint());
Copy link
Member

@nickvergessen nickvergessen Jan 8, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This permanently removes all the device entries, even if the subscription is continued in the future?

}
}

protected function sendNotificationsToProxies(): void {
$pushNotifications = $this->payloadsToSend;
$this->payloadsToSend = [];
Expand Down Expand Up @@ -628,7 +641,7 @@ protected function sendNotificationsToProxies(): void {
// Proxy returns null when the array is empty
foreach ($bodyData['unknown'] as $unknownDevice) {
$this->printInfo('<comment>Deleting device because it is unknown by the push server: ' . $unknownDevice . '</comment>');
$this->deletePushTokenByDeviceIdentifier($unknownDevice);
$this->deleteProxyPushTokenByDeviceIdentifier($unknownDevice);
}
}

Expand Down Expand Up @@ -671,7 +684,6 @@ protected function validateToken(int $tokenId, int $maxAge): bool {
if ($type === IToken::WIPE_TOKEN) {
// Token does not exist any more, should drop the push device entry
$this->printInfo('Device token is marked for remote wipe');
$this->deletePushToken($tokenId);
Copy link
Member

@nickvergessen nickvergessen Jan 8, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should be kept with deleteProxyPushToken

$this->cache->set('t' . $tokenId, 0, 600);
return false;
}
Expand All @@ -685,7 +697,6 @@ protected function validateToken(int $tokenId, int $maxAge): bool {
} catch (InvalidTokenException) {
// Token does not exist any more, should drop the push device entry
$this->printInfo('<error>InvalidTokenException is thrown</error>');
$this->deletePushToken($tokenId);
Copy link
Member

@nickvergessen nickvergessen Jan 8, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should be kept with deleteProxyPushToken

$this->cache->set('t' . $tokenId, 0, 600);
return false;
}
Expand Down Expand Up @@ -939,7 +950,31 @@ protected function getWebPushDevicesForUsers(array $userIds): array {
* @param int $tokenId
* @return bool
*/
protected function deletePushToken(int $tokenId): bool {
protected function deleteWebPushToken(int $tokenId): bool {
$query = $this->db->getQueryBuilder();
$query->delete('notifications_webpush')
->where($query->expr()->eq('token', $query->createNamedParameter($tokenId, IQueryBuilder::PARAM_INT)));

return $query->executeStatement() !== 0;
}

/**
* @param string $endpoint
* @return bool
*/
protected function deleteWebPushTokenByEndpoint(string $endpoint): bool {
$query = $this->db->getQueryBuilder();
$query->delete('notifications_webpush')
->where($query->expr()->eq('endpoint', $query->createNamedParameter($endpoint)));

return $query->executeStatement() !== 0;
}

/**
* @param int $tokenId
* @return bool
*/
protected function deleteProxyPushToken(int $tokenId): bool {
$query = $this->db->getQueryBuilder();
$query->delete('notifications_pushhash')
->where($query->expr()->eq('token', $query->createNamedParameter($tokenId, IQueryBuilder::PARAM_INT)));
Expand All @@ -951,7 +986,7 @@ protected function deletePushToken(int $tokenId): bool {
* @param string $deviceIdentifier
* @return bool
*/
protected function deletePushTokenByDeviceIdentifier(string $deviceIdentifier): bool {
protected function deleteProxyPushTokenByDeviceIdentifier(string $deviceIdentifier): bool {
$query = $this->db->getQueryBuilder();
$query->delete('notifications_pushhash')
->where($query->expr()->eq('deviceidentifier', $query->createNamedParameter($deviceIdentifier)));
Expand Down
11 changes: 7 additions & 4 deletions lib/WebPushClient.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,9 +10,10 @@
namespace OCA\Notifications;

use OCA\Notifications\Vendor\Base64Url\Base64Url;
use OCA\Notifications\Vendor\Minishlink\WebPush\MessageSentReport;
use OCA\Notifications\Vendor\Minishlink\WebPush\Subscription;
use OCA\Notifications\Vendor\Minishlink\WebPush\Utils;
use OCA\Notifications\Vendor\Minishlink\WebPush\WebPush;
use OCA\Notifications\Vendor\Minishlink\WebPush\Subscription;
use Psr\Log\LoggerInterface;

class WebPushClient {
Expand Down Expand Up @@ -81,10 +82,12 @@ public function enqueue(string $endpoint, string $uaPublicKey, string $auth, str
);
}

// TODO remove 404 and others
public function flush(): void {
/**
* @param callable $callback
* @psalm-param $callback callable(MessageSentReport): void
*/
public function flush(callable $callback): void {
$c = $this->getClient();
$callback = function($r) {};
$c->flushPooled($callback);
}
}