So, I have an app in the store, I have downloaded it on my phone and obtained push token for that device. I tested silent push notification sending and indeed, it works, my device received it.
I wanted to check what is the time after push token will become invalid. First thing I did was simply uninstalled an app and was paying attention after which time I will start getting {"reason":"Unregistered","timestamp:1234567890} to my curl request which looks like this:
curl -d '{"aps":{"content-available":"1"}}' --cert "/Users/uerceg/Desktop/ProductionCertForMyAppsPush.pem":"password" -H "apns-topic:com.my.app" --http2 https://api.push.apple.com/3/device/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Once I have uninstalled an app from my device, it generally varies from case to case (I guess Feedback Service has some kind of tokens refresh logic I am not really aware of, nor I found some documentation about it, anyway), but it takes from 3-12 minutes to start receiving information that my app is uninstalled. Lovely.
After that, I wanted to test one more case - selecting Erase All Content and Settings and completely wiping out everything from my iPhone without restoring any backup afterwards.
Once I did that, app is removed as well. But curl request is always returning status 200. I waited for 5 days and after 5 days, it is still returning 200 as if app is installed, but my guess is that it shouldn't. Once erasing everything, I have newly installed my app, got new push token which I use to successfully send silent push notifications again.
Sure, if I have mechanism to identify that this particular device newly installed an app, I can update the token on the backend side not to send notification to that device anymore, but my question still remains: Why is Apple not invalidating the token in case where I have deleted my app by erasing and resetting my iPhone?
Maybe this is expected behaviour and my question doesn't make sense, but if it is expected behaviour, can you please point me to some documentation which is explaining this?
Thanks in advance.
Likely for the same reason that if you make a backup of your phone, and restore from backup, existing push keys still work. Invalidating the key on a device that is getting wiped would take out the potential that same key could be used from a backup.
Related
I have a very simple PHP test script that initially works, using the following server config:
$domain = "gateway.sandbox.push.apple.com";
$url = 'ssl://' . $domain . ':2195';
I'm receiving PushKit notifications every time I expect them including when the phone is locked. However testing it over and over while trying to implement the server side and convert it to HTTP/2, it just stops working reliably and only seems to trigger when I'm inside the application.
Inside the application: always works
Outside of the application including just backgrounded the app: works in the beginning, then stops working
It's very hard to get it to work if I don't know if even the most basic form of sending the message (through the PHP test script works). Also it worries me that my production application might suffer from the same kind of throttling if a user is sending too many messages (i.e. mom trying to call from the hospital 10x in a row).
I do always trigger CallKit in my PushKit code path every time so I think I'm good regarding to the changes in VoIP pushes in iOS 13.
What could be the cause of this different over time? How (if possible) can I prevent it? How can I detect it?
For that one person that upvoted my question but didn’t find a response:
Killing the app makes the OS think depriotitize it and it leads to the OS not forwarding the VoIP push anymore. To mitigate this problem as a developer you need to start the debugger without launching the app, so when you open the app from the push it can attach. Then kill the app only through the stop button in Xcode.
Testers need to be instructed about this problem. If you’re sure the code works for you and it stops working for the tester, they need to uninstall the app, restart the phone and install it again. If possible never kill the app manually. This sucks, I know it.
What I did as a test is following:
I made example app where I enabled push notifications and implemented mechanism for handling them.
I was testing sending of silent push notifications to my app with curl and that works pretty well. I am testing that with:
curl -v -d '{"aps":{"content-available":1}}' --cert "/Users/me/Desktop/mycert.pem":"" -H "apns-topic:com.domain.name" --http2 https://api.development.push.apple.com/3/device/XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
As an answer from Apple, I am always seeing following:
< HTTP/2.0 200
< apns-id:XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXX
Which is fine and as expected, according to Table 6-4 from the official docs: https://developer.apple.com/library/ios/documentation/NetworkingInternet/Conceptual/RemoteNotificationsPG/Chapters/APNsProviderAPI.html
Now I delete the app from my device and I retry the same request kinda hoping that I will start getting status code 410 and info that The device token is no longer active for the topic. How ever, that doesn't happen and I am always getting 200 status code like everything's fine and that the push token is still available.
1 - 1.5 hours after deletion, I am still getting 200 as an answer.
Do you maybe know how often does Apple refresh push tokens list and when I can expect to eventually start getting 410? And also - is 410 status (and Instant Feedback in general) testable at all while testing the app outside of production environment?
Thanks in advance for any kind of answer.
Cheers
Okay, so from what I have discovered, seems that Instant Feedback service from Apple is working just fine and is able to detect uninstall pretty fast. There was a small trick in how to test these things properly with sandbox service.
If you make an app which you are testing locally on your device and your app is the only one installed on your phone from that provisioning profile (vendor), stuff which I faced as an issue in my question will be encountered. For some reason, even if you uninstall the app (which was the only one on the phone installed from your provisioning profile), Apple is always responding with 200.
What needs to be done is following: After you install your app which you are testing, create a new dummy app with another bundle ID, but which also coming from your provisioning profile, enable push notifications in it as well and install it on your device. So now, you have two apps that you made - one which you are developing and testing the Instant Feedback service with and another one which kinda "zombie" app which just sits in there and does nothing.
After this, uninstall your test app, try to send silent push notification and Apple will respond with status code 410 as expected.
Dummy way, but for some reason that's how it should be while testing. Behaviour in production should be as expected and w/o any need to have a dummy (or any other) app from same vendor installed on iOS device.
Apples docs are a bit vague on when a device's deviceToken can change. It pays to code defensively, and to test that code.
I've written my app so that at startup it registers for push notifications and handles the didRegisterForRemoteNotificationsWithDeviceToken callback.
My didRegisterForRemoteNotificationsWithDeviceToken saves the last device token to user defaults, and if the token is still the same, it moves on. If it doesn't have a saved token at all, or if the tokens don't match, it uploads the new token our server.
I also have a mechanism that lets me name my test devices with human-readable names like "4s_1" "5s_1" "5s_2", etc. I have a server command line tool that takes the human-readable device name, looks up the device's 'identifierForVendor' from that, and then looks up the device token using the identifier. It then triggers a sandbox notification.
It seems that deleting the app and reinstalling it causes the 'identifierForVendor' to change, but not the deviceToken, which is exactly the opposite of what I'd like to have happen for testing. I want some value that never changes to uniquely identify a test device, and away to change the device token so I can test my code.
EDIT: Since writing this I've changed the app to generate it's own UUID and save that to the keychain as suggested by Wain in his answer.
Is there a way to force Apple's APNs to change a device's token so I can test out my code (both client side and server side) for handling the case where the token changes?
I don't believe so.
If you want a single unique identifier then you should create one explicitly and store it in the keychain, then you can store the device name and all other details against this so you have a single point of truth.
Any identifier you stored in the keychain would survive until it was explicitly removed or the device was restored from a backup without that keychain content.
I'm not sure if this approach also resets the token, but you may try to reset the permission:
Resetting the Push Notifications Permissions Alert on iOS The first
time a push-enabled app registers for push notifications, iOS asks the
user if they wish to receive notifications for that app. Once the user
has responded to this alert it is not presented again unless the
device is restored or the app has been uninstalled for at least a day.
If you want to simulate a first-time run of your app, you can leave
the app uninstalled for a day. You can achieve the latter without
actually waiting a day by following these steps:
Delete your app from the device. Turn the device off completely and
turn it back on. Go to Settings > General > Date & Time and set the
date ahead a day or more. Turn the device off completely again and
turn it back on.
Regarding the change of device identifiers: You could install a second application on your test devices (a blank one from the same issuer). If you reinstall your actual app, the identifierForVendor shouldn't change.
Client side you could test be changing the stored device token.
Terminate App in device
Download (xcode devices window) the Container.
Find default in Library/Perferences/ app bundle plist.
Edit entry in plist.
Replace Container (xcode devices window)
Important: I found a restart of the device was required for the changes to take effect.
Then on restart your old device token will be incorrect and what ever action is required can be done.
I used this when debugging an adhoc app I did not have src code for. But, if you have src code might be easier to just make the compare of deviceTokens fail.
In order for us to send users iOS notifications the following flow occurs: a user installs our app, registers with APNS, and sends the registration token to our server to be used later to send notifications.
The above process is repeated for every device on which the user installs our app; we'd like them to get notifications on all their devices.
In addition to this, the process is repeated when a user uninstalls our app and reinstalls on the same device.
Every time the process repeats we get a new, distinct registration token. This is all well and good however, we noticed that only recently when our app is uninstalled, the device token remains valid after it is reinstalled and a new token is generated. It is our understanding that a single unique token can exist for a device.
Apple's documentation seems to suggest this as well (https://developer.apple.com/library/ios/documentation/NetworkingInternet/Conceptual/RemoteNotificationsPG/Chapters/ApplePushService.html#//apple_ref/doc/uid/TP40008194-CH100-SW12)
The form of this phase of token trust ensures that only APNs generates the token which it will later honor, and it can assure itself that a token handed to it by a device is the same token that it previously provisioned for that particular device—and only for that device.
When a new token is generated after reinstall and sent to our backend, we've got two device tokens that point to the same device and as a result we send multiple notifications to that device. Are we misunderstanding the documentation? If so, what's the typical way of dealing with the reinstall scenario?
Thanks!
We just did a test here. On our iOS 8.4.1 test device after reinstalling our app we've received the same token, whereas on iOS 9.1 we always receive a new token after re-installing. This wouldn't be a problem if APNS invalidates the older device tokens, but as far as I can tell it does not. The result is that we're sending duplicate notifications to our users to the same device. Maybe it takes some time to invalidate older token?
We decided to do a server-side fix for this and remove duplicate tokens for one user from our database. Not a good and permanent solution, but a short-term fix for us since our users use the app usually on one device only.
Yes, I am seeing a single device with the same app (my app), which has been issued different APNS over its short life, many of which are still capable of still receiving a push notification (from production APNS server).
The easy fix would be to just have our backend APNS sending service to only honor the last APNS token received. This is doable, assuming there is another primary key that is unique to every iOS device. Well, since UUID is no longer available, then we have to rely on the Apple Vendor ID. That problem with the Apple Vendor ID is that value can also change over time, so be sure to account for that.
We currently only send push notifications to devices which have our unique member/user ID. This is known to our app, once a user has signed into our app. So, we could use our member/user ID, but if a member/user has multiple devices, that means if we use the last APNS token value as the one that wins, than the same member could NOT have multiple iOS devices receiving push notifications (think iPad and iPhone, pretty common these days).
So, with that being said, when upper-management wants to send push notifications to devices in which no unique member/user has actually signed into, there is a risk of the streams getting crossed.
We have the same problem that we found 2 valid device tokens for 1 device.
However, when we tried to verify "uninstalling and reinstalling would generate a new device token, and the former device token is still valid", we got the opposite result.
Namely, the new device token was generated, but the former device toke became invalid.
I verified this on 3/9/2016 and 3/10/2016.
Not sure if Apple has fixed this bug partially:
a) when the app is uninstalled and reinstalled from now on, the old deviceToken become invalid. (no new issues)
b) currently valid device tokens will continue to be valid. (old issues can't be fixed, the device will still receive multi notificatioins from each valid device token)
Looks like we'll have to use "identifierForVendor" to distinguish a unique device: Cleaning our registration table (and keep the latest deviceToken only) if we see 2 deviceTokens share the same identifierForVendor.
"Every time the process repeats we get a new, distinct registration token".
Are you sure about that? 100% sure?
In my experience if you uninstall the app, then re-install it then 99.99% of the time you will get the same device token. If you are getting a new unique device token every single time you uninstall and then reinstall the app then that is something I've never seen in multiple years and multiple apps. Hence maybe something strange is going on.
There are instances when a new device token will get generated but they are rare, are you sure you are not doing something else between uninstallation/re-installation?
P.S. there is a different device token for production builds and release builds, eliminate this factor from your observations - i.e. make sure you're not doing something like installing a prod build, then uninstalling it and re-installing a dev build or vice versa. Even if you are doing this the total number of unique dev tokens would still only be two (though only one is valid per environment).
I was able to show an Alert View like the image above after registering for Remote Notifications.
But when i delete my Project App and build it again, it will not show anymore.
Will there be any chances to show the alert view again to the same device?
What i like is to get my device token again because I failed to store the device token temporarily in the NSUserDefaults.
Delete your app from the device.
Turn the device off completely and turn it back on.
Go to Settings > General > Date & Time and set the date ahead a day
or more.
Turn the device off completely again and turn it back on.
reference: https://developer.apple.com/library/ios/technotes/tn2265/_index.html
Addressing the question of presenting the push notifications permissions dialog again as needed for testing -- this is certainly a workaround, but here goes:
Having just finished work on an app that uses Push Notifications extensively, and having tried all the usual permutations, without success ... I ultimately realized that the most streamlined way to work around that issue was to get a device to use only for testing (i.e., a low-end iPod Touch).
To reset the dialog, do a Settings > General > Reset > Erase All Content and Settings. Go thru the device's setup process, reinstall the app and Go.
This was the only way I found to test the 'first launch' experience on demand, as needed during the course of development/testing. It also added a lot of additional versatility to the process.
Shouldn't have needed to resort to all this, but I'm very glad I did, as it turned out to be a real godsend. FWIW.
[P.S. It will probably also prove handy in the future for testing beta versions of the OS, etc.]
At launch, your app should be requesting a token via:
- (void)registerForRemoteNotificationTypes:(UIRemoteNotificationType)types
and will get a token from iOS in the delegate message:
– application:didRegisterForRemoteNotificationsWithDeviceToken:
iOS will prompt the user to allow notifications only when necessary. If remote notifications are already authorized for your app the alert will not appear and your app will get a valid token.
Net is you can't force the alert but you don't need to.
Yes.
http://developer.apple.com/library/ios/#technotes/tn2265/_index.html
If you want to simulate a first-time run of your app, you can leave the app uninstalled for a day. You can achieve the latter without actually waiting a day by setting the system clock forward a day or more, turning the device off completely, then turning the device back on.
Temporarily change your package id.
com.mycompany.app - > com.mycompany.app1