My goal is to setup Token Authentication Mode in Azure NotificationHub without using certificate on iOS. I generated the token as it is described here. Then I put the Token, Key ID, Bundle ID and Team ID into NotificationHub Apple(APNS) section (I am pretty sure that this is working, because I tried to change token to different value and there was an error: "Error updating notification hub". This means that all values were saved properly.
In my mobile app I followed this tutorial here. If I try to register user to NotificationHub I have this error:
Foundation.NSErrorException: Error Domain=NSURLErrorDomain Code=-1012 "(null)"
UserInfo={NSErrorFailingURLStringKey=https://dev...NotificationHub/Registrations/?
$filter=deviceToken+eq+''&api-version=2013-04, NSUnderlyingError=0x2811b89c0
{Error Domain=kCFErrorDomainCFNetwork Code=-1012 "(null)"
UserInfo={_kCFURLErrorAuthFailedResponseKey=<NSHTTPURLResponse: 0x281903cc0>
{ URL: https://dev...hubnamespace.servicebus.windows.net/dev...NotificationHub/Registrations/?
$filter=deviceToken+eq+''&api-version=2013-04 } { Status Code: 401, Headers {
"Content-Length" = (
0
);
Date = (
"Wed, 25 Mar 2020 11:51:09 GMT"
);
Server = (
"Microsoft-HTTPAPI/2.0"
);
"Strict-Transport-Security" = (
"max-age=2592000"
);
This means that there is an issue with authentication. Before this I had different testing solution with another NotificationHub. What I did differently that I created certificate in apple.developer.com and used Certificate Authentication Method and then I switched to Token Authentication Method. In this sample testing project everything worked without any issue. In my current project I didn't create certificate for APNS.
My question is if I need to create certificate even if I want to use Token? If so what is the point of creating token if I have to create certificate too?
Sorry for the issues you are encountering.
You are correct - if the Portal let you save the credentials then you have it set up correctly. Notification Hub actually authenticates with APNS on save to verify.
Receiving an authentication error when registering a device indicates there was an authentication issue between your iOS application and Notification Hub itself. There would not have been a corresponding call from the Notification Hubs SDK to APNS itself to get that rejection. I would recommend double checking how you are authenticating with your hub, as it should require both the Listen Access Policy/Connection string and the hub name in order to authenticate and register successfully.
This graphic from the Notification Hub docs (https://learn.microsoft.com/en-us/azure/notification-hubs/notification-hubs-push-notification-registration-management#registration-management-from-the-device) shows what I mean by this:
First of all, I would like to thank to Kyle Kamperschroer for helping me out.
To answer my question - you don't need to create certificate if you are using Token Based Authentication.
My connection string and azure hub name were correct. My issue was that RegisteredForRemoteNotifications method in AppDelegate wasn't called. Then the token was empty and it caused authentication issue in NotificationHub.
I solved this in developer.apple.com. I edited provisioning profile and select proper certificates.
There is also one thing which might probably fixed it. In Identifier section I checked PushNotifications and went through configuration without choosing certificate.
Related
I am creating an application in Azure tenant with Microsoft graph API. At the same time, I am also uploading a self-signed certificate for an application.
The OAuth client can request an access token by providing the user assertion. User assertion is self-signed x509 certificate.
I am observing different behaviors when trying to get access token using user assertion:
When tried to get access token for an application after 24 hrs of registration process, I am able to successfully get the access token.
When tried to get access token for an immediately registered application, it fails with following "Invalid_client" error.
So, does the app registration process takes time to register self-signed certificate?
It should take some time to take effect, I can reproduce your issue with a new uploaded self-assigned certificate, it will not take 24 hours, after about 10-20 mins, it works fine.
I'm trying to send push notification for iOS via Google cloud functions but it returns error that The provided registration token is not registered. But I've checked it by debugging my app and the FCM registration token is correct. After that I've tried to send push notification via Firebase console to single device by providing FCM token but it failed due to Unregistered registration token. How this happens because there is no issue with device FCM token?
I think it should be some careless mistake, you should make sure the things below:
The token is same with -[FIRMessagingDelegate messaging:(FIRMessaging *)messaging didReceiveRegistrationToken:(NSString *)fcmToken]
The GoogleService-Info.plist is downloaded from the same account with your Firebase push console.
Updated to the latest Firebase SDK.
From the Google Firebase document are some description of your error The provided registration token is not registered.
The provided registration token is not registered. A previously valid
registration token can be unregistered for a variety of reasons,
including:
The client app unregistered itself from FCM.
The client app was automatically unregistered. This can happen if the user uninstalls the application or, on iOS, if the APNS Feedback
Service reported the APNS token as invalid.
The registration token expired. For example, Google might decide to refresh registration tokens or the APNS token may have expired for iOS
devices.
The client app was updated, but the new version is not configured to receive messages. For all these cases, remove this registration token
and stop using it to send messages.
I also got a similar error. Something like this.
FirebaseMessagingError: The provided registration token is not registered. A previously valid registration token can be unregistered for a variety of reasons. See the error documentation for more details. Remove this registration token and stop using it to send messages.
So I simply generated a new token and replaced it with the old one.
And it started working fine.
I also got a similar error on the released build iOS device.
The provided registration token is not registered. A previously valid registration token can be unregistered for a variety of reasons. See the error documentation for more details. Remove this registration token and stop using it to send messages.
I fixed it by reuploading correct .p12 certificate on the firebase messaging
I got a mail from firebase support team:
"In your case, please note that you can only upload up to 2 APN certificates. One for development and another for production. Since one of the APN certificates is invalid, you should delete the incorrect one. To be able to delete an APN certificate, the user must have an 'owner' permission/role. Upon checking, you don’t have enough permission to make this change. I suggest you reach out to the project owner to request the necessary permission or to delete the APN certificate.
Just to add, As of I/O 2017, developers can use either auth keys or certs for their APNs. We recommend that you use auth keys because they are easier to configure and do not expire. If both cert and an auth key is uploaded, our server will use the auth key.
Our system can not validate auth keys like it does certificates. We do not have a way of validating that APNs will accept them without sending an actual message. With certs, we open a connection to APNs before accepting them, and if they are invalid APNs reject them and we can return the error to the user."
I was experiencing this issue and it turned out that our server was sending a bad notification payload for a certain use case. When this happened, Firebase would send a return code of 400 and unregister the token.
The fix for us was to fix the use case sending the bad payload. The error in our payload was due to "DeviceTokenNotForTopic". Be sure to check that you aren't getting errors when posting notifications prior to when you get in this bad state.
Im trying to get the access token from OAuth 2.0 Playground through POSTMAN. Theses are the configurations. When the Request the token it says Could not complete Oauth2 login. Any reason why i cannot get the token?. How to resolve this?
I also encounter the same problem yesterday. After debugging the request I figure out that postman sends the request to this domain: https://app.getpostman.com
, which is blocked in our internal network. When it is unblocked authorization request working successfully.
To add to Joshi's answer, the missing part that the Google API needs to know how
to call back to Postman.
In the first screen is where Postman shows you the callback URL to use, which as of March 2018 is https://www.getpostman.com/oauth2/callback I imagine this can change.
In the second screen is in the Google API settings where you set that callback URL. Your "Client ID for Web Application" needs to call back to Postman to complete the authorization.
In my case (ubuntu) I had to turn off SSL verification
File > Settings > General Tab > REQUEST Section > SSL certificate verification = OFF:
Source: https://community.postman.com/t/could-not-complete-oauth-2-0-login-check-postman-console-for-more-details/6350
I'm trying to configure my iOS app to receiver notifications with Firebase.
If I export the certificate and the private key without a password and try to upload it (production or development) on Firebase console I get the error "Incorrect password".
If I export the certificate and the private key with a password I get the error "An unknown server error ocurred" or "There was an error reading your certificate".
I don't understand why that is happening. I did follow the tutorial correctly. Can someone help me?
You should be using an APNS Authentication Key rather than the certificates. This is the new preferred method in iOS for a provider to register and send messages with APNS
From Firebase:
Configuration with auth keys is recommended as they are the more
current method for sending notifications to iOS
From Apple:
For a provider to communicate with APNs, it must employ a valid
authentication key certificate (for token-based connection trust) or
SSL certificate (for certificate-based connection trust). You obtain
either of these certificates from your online developer account, as
explained in “Configure push notifications” in Xcode Help. To choose
between the two certificate types, read Provider-to-APNs Connection
Trust. Whichever certificate type you choose, provider connection
trust is prerequisite to a provider sending push notification requests
to APNs.
while exporting just select the Apple Push Service part and don't select the private key from Keychain Access and export than in firebase Production APNs certificate browse the p12 file you just created, it will work.
I don't know when this implementation will be deprecated but it works as of now (19 Feb 2018).
You should export only the certificate and don't select the private key . Please see this screenshot
This maybe a really dumb question but has had me stumped for days now. I have setup an MDM server. Then through the iPCU (iPhone Configuration Utility) I push a configuration profile with the relevant checkin and server URLs. I also add a credentials certificate installed on my machine and specify that as the identity.
After I push the profile to the device however, I get the following error...
MDM: Cannot Authenticate. Error: NSError:
Desc : A transaction with the server at https://heshang.abc.lk/MDMServer/checkin has
failed with the status 404.
US Desc: A transaction with the server at https://heshang.abc.lk/MDMServer/checkin has failed with the status 404.
Domain : MCHTTPTransactionErrorDomain
Code : 23001
Type : MCFatalError
Params : (
"https://heshang.abc.lk/MDMServer/checkin",
404
)
I checked whether the check-in url is accessible through device and it is. So what is causing this authentication error that I am getting ? It is not an SSL error either because I have accessed the MDM server via the device (an iPad) and I don't get an HTTPS error when doing so.
What is causing this authentication error ?
The device uses HTTP PUT when it contacts the MDM Server. Can you verify your web server is configured to handle/route an HTTP PUT request correctly?