Apple Push Notifications - Token Based Connections to APNs (Part 3/4)

In this blog I will show how to configure the sgcWebSockets JWT Client to send authenticated HTTP/2 requests to Apple Push Notification Servers.

Secure your communications with Apple Push Notification service (APNs) by using stateless authentication tokens.

First you must obtain an Encryption Key and a Key ID from your Apple Developer Account. After a successful registration, you will obtain a 10-character string with the Key ID and an authentication token signing key as a file with the .p8 extension.

You must use the sgcWebSockets JWT Client to generate a JWT using ES256 as the algorithm. Do not generate a new token for every HTTP/2 request: the token must not be refreshed before 20 minutes and not after 60 minutes.

Configure JWT Client 

Configure the JWT Client with the following values:

  • JWTOptions.Header.Algorithm: the algorithm used to sign the token. APNs supports only the ES256 algorithm.
  • JWTOptions.Header.kid: the 10-character Key ID obtained from your developer account.
  • JWTOptions.Payload.iss: the issuer, whose value is the 10-character Team ID you use for developing your company's apps. Obtain this value from your developer account.
  • JWTOptions.Payload.iat: the "issued at" time, whose value indicates the time at which this JSON token was generated. Specify the value as the number of seconds since Epoch, in UTC. The value must be no more than one hour from the current time.
  • JWTOptions.RefreshTokenAfter: set the value in seconds to 40 minutes (60*40).

Token-based connections require sending the apns-topic header with the value of your app's bundle ID/app ID (example: com.example.application).

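// HTTP/2 client using the OpenSSL IOHandler for TLS
oHTTP := TsgcHTTP2Client.Create(nil);
oHTTP.TLSOptions.IOHandler := iohOpenSSL;

// JWT client attached to the HTTP/2 client as its token authentication
oJWT := TsgcHTTP_JWT_Client.Create(nil);
oHTTP.Authentication.Token.JWT := oJWT;
oJWT.JWTOptions.Header.alg := jwtES256;
// 10-character Key ID from the developer account
oJWT.JWTOptions.Header.kid := 'apple key id';
// 10-character Team ID from the developer account
oJWT.JWTOptions.Payload.iss := 'issuer';
// "issued at" time, in seconds since Epoch
oJWT.JWTOptions.Payload.iat := StrToInt64(GetDateTimeUnix(Now, False));
// .p8 signing key obtained from the developer account
oJWT.JWTOptions.Algorithms.ES.PrivateKey.LoadFromFile('AuthKey_**.p8');
// refresh the token after 40 minutes
oJWT.JWTOptions.RefreshTokenAfter := 60*40;

// apns-topic carries the app's bundle ID
oHTTP.Request.CustomHeaders.Clear;
oHTTP.Request.CustomHeaders.Add('apns-topic: com.example.application');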
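The token layout and the refresh window described above, shown as an added Python example that is not part of sgcWebSockets or of the original post. The names ProviderTokenCache, signing_input and decode_part are hypothetical, and the sign callable is an assumption standing in for ES256 signing with the .p8 key.

```python
import base64, json, time

MIN_REFRESH = 20 * 60    # page: do not refresh before 20 minutes
MAX_AGE = 60 * 60        # page: do not refresh after 60 minutes
REFRESH_AFTER = 40 * 60  # page: JWTOptions.RefreshTokenAfter

def b64url(data):
    """Base64url without padding, as used by JWT."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def decode_part(part):
    """Decode one base64url JSON segment (no signature verification)."""
    return json.loads(base64.urlsafe_b64decode(part + "=" * (-len(part) % 4)))

def signing_input(key_id, team_id, iat):
    """Build 'header.claims', the bytes that ES256 signs."""
    if len(key_id) != 10 or len(team_id) != 10:
        raise ValueError("Key ID and Team ID are 10-character strings")
    header = {"alg": "ES256", "kid": key_id}
    claims = {"iss": team_id, "iat": int(iat)}
    enc = lambda obj: b64url(json.dumps(obj, separators=(",", ":")).encode())
    return enc(header) + "." + enc(claims)

class ProviderTokenCache:
    """Reuse one token across requests and renew it inside the window."""

    def __init__(self, key_id, team_id, sign, clock=time.time,
                 refresh_after=REFRESH_AFTER):
        if not MIN_REFRESH <= refresh_after < MAX_AGE:
            raise ValueError("refresh_after must be in the 20-60 minute window")
        self.key_id, self.team_id = key_id, team_id
        self.sign = sign              # assumption: returns raw 64-byte r||s
        self.clock = clock
        self.refresh_after = refresh_after
        self.token_value, self.issued_at = None, None

    def token(self):
        now = int(self.clock())
        stale = self.token_value is None or now - self.issued_at >= self.refresh_after
        if stale:
            unsigned = signing_input(self.key_id, self.team_id, now)
            signature = self.sign(unsigned.encode("ascii"))
            self.token_value = unsigned + "." + b64url(signature)
            self.issued_at = now
        return self.token_value
```
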