Since iOS 9 application changes apns token after reinstallation of an application.
But iOS 8 and 7 doesn't do it.
How can I distinguish next situation using iOS 8 and iOS 7?
User installed an app.
User launched app and allowed push notifications in the app. (I getted some token)
User logged in/registered. (I connected token with registered user).
User deleted the app.
User installed the app, launched it once and allowed push notifications. (getted the same token, )
After these actions, this unregisterd user will get notifications about some actions in his account without needs to log in.
If it were a bank/finance app, it would influence the security of registered user.
How to prevent this?
You can call
[[UIApplication sharedApplication] unregisterForRemoteNotifications];
in
-application:didFinishLaunchingWithOptions: method. Then, when user logs in, register for remote notifications.
But anyway, if app is uninstalled and installed again, it will not receive push notifications until -registerForRemoteNotifications get called, and you must call this method ONLY after user authentication. Even if token is same as previous one, it will associated with this new user, and your server should handle that.
Related
I need to refresh push token if user don't run app for long time. I tried to use background mode and application:performFetchWithCompletionHandler:
method. Inside this method I call - registerUserNotificationSettings:(UIUserNotificationSettings )notificationSettings. And then I expect that didRegisterUserNotificationSettings (UIUserNotificationSettings)notificationSettings will be called but this not happen. Is there any way to register in APNS without running app?
Simple Answer is No
APNs can issue a new device token for a variety of reasons:
User installs your app on a new device
User restores device from a backup
User reinstalls the operating system
Other system-defined events
As a result, apps must request the device token at launch time, as described in APNs-to-Device Connection Trust and Device Tokens. For code examples, see Registering to Receive Remote Notifications.
Apple Documentation : https://developer.apple.com/library/content/documentation/NetworkingInternet/Conceptual/RemoteNotificationsPG/APNSOverview.html
I have application which has successfully integrated apple push notifications, when user logs in to the application app registers with the push notification and token is saved on our back-end, when user sign out from the app, we remove the push notification tokens from our back-end. but if user uninstall app from the device WITHOUT SIGN-OUT from app, and then re-install,in that case we can still send push notifications to the device, since app is newly installed and not logged in any user we have to remove tokens from the backend. since iOS app does not have any API for uninstallation events how can I remove device token from back-end. I can use push notification feedback service to get uninstalled device tokens but how can I resolve the issue when user removes the application and then reinstall.
I tested this scenario with skype, it also have this issue. (install Skype > Log In > (now you can send app to Background and send some chats from any other device, you will get push notifications) > then Remove app from Device without Sign-Out from Skype > Re-Install Skype > now if we send skype chat we receives push notifications but skype app is newly installed and no one is logged in)
I guess the best thing you can do is to preventively unregister/remove the tokens, when the app is started without a logged in user. You should update the registration anyways each time the app is started, so register/unregister at each app start, depending on if a user is logged in or not. This way, if the user reinstalls the app and starts it the first time, it will be unregistered.
This is the best behaviour you can achieve, as it is the same for Twitter, Facebook, Skype, etc...
I think you are not able to get an event or detect if a user has removed the app or not. What you can do is to send periodic notifications to a device (only setting the badge, without sending a notification) and remove the tokens for what you get a 401 status code. Then you know the app has been removed and you can delete the token.
Yeah! as you have quoted yourself it will continue to send notification unless your server has the info that someone has logged out. Obviously you won't get the info when your app was uninstalled and then reinstalled.
Workaround: If your app is reinstalled you can call an API to deregister since no user is logged in.
I'm working on some iOS apps, all under the same publisher, that all have push notifications enabled. When I call registerForRemoteNotificationTypes, I get the user prompt to allow or disallow push notifications, but I application:didRegisterForRemoteNotificationsWithDeviceToken: gets called with token data before the user chooses an option. And it gets called again when they press OK. Is this normal?
Also of note: multiple apps appear to get the same token when running on the same device.
This is from Apple docs.
When you send this message, the device initiates the registration
process with Apple Push Service. If it succeeds, the application
delegate receives a device token in the
application:didRegisterForRemoteNotificationsWithDeviceToken: method;
if registration doesn’t succeed, the delegate is informed via the
application:didFailToRegisterForRemoteNotificationsWithError: method.
If the application delegate receives a device token, it should connect
with its provider and pass it the token.
AND
The first time a push-enabled app registers for push notifications,
iOS asks the user if they wish to receive notifications for that app.
Once the user has responded to this alert it is not presented again
unless the device is restored or the app has been uninstalled for at
least a day.
I think what you are observing is normal. There is no mention that application:didRegisterForRemoteNotificationsWithDeviceToken
will only be called if user grants permission. I think you can optimize it by caching device token in NSUserDefaults and in this method check if the new token not equal to cached token.
It's an old question, but I've just encountered this issue and it seems to be related to remote-notification background mode. application:didRegisterForRemoteNotificationsWithDeviceToken is called on my iPhone before accepting push notification permission only when this background mode is turned on.
We added receiving push notifications to an iPhone app. Everything was working in the test/sandbox environment, we were getting token id's from the app and could send push notifications from our server.
But now the app is approved and came out of the Appstore we were getting empty push tokens/notifications id's send to our server. We already have over 600 of them... Note that end users do get the popup to approve of receiving notifications in the app, the app is just sending empty tokens to our server after approval. So probably empty tokens are handed out by the APNS server.
The following issue showed us that this is probably due to missing 'push notification' entitlement in the provisioning profile we used to make the build for the app store:
How do I check if an iOS distribution provisioning profile has push notifications enabled?
The missing entitlement was due to a bug in Apple's provisiong protal website, but after 'Modify any existing profile before you download the new one' as mentioned in the following article
http://developer.apple.com/library/mac/#documentation/NetworkingInternet/Conceptual/RemoteNotificationsPG/ProvisioningDevelopment/ProvisioningDevelopment.html
We now have the correct entitlement in our .mobileprovision file:
<key>Entitlements</key>
<dict>
..
<key>aps-environment</key>
<string>production</string>
..
So we are rebuilding our app and adding it to the store. And hoping to get push notifications then.
I hope the above might help some others. But now to get to my actual question: Will we start receiving new push tokens also for the 600+ users that already downloaded the current version when they install the next update out of the store? Or do we need to add some initial code to our app? The registerForRemoteNotifications method is right now only called on application startup. Will it also be triggered when the push token id is changed from empty ('') to an actual token? Of course we do not want to wait another (small) week for the new AppStore approval and only then find out that push notification still aren't working for some users. I'm hoping some expert out there can tell us.
Note: We are using an iPhone app developed in MonoTouch, and using the (old) APNS-Sharp library to send the notifications from our server, but I don't think those details are relevant for this issue.
When those 600+ users install the next update and run the application again, your application will call registerForRemoteNotifications (since you said you call it on startup), and will get the non empty device token (when application:didRegisterForRemoteNotificationsWithDeviceToken: is called).
Apple state in their docs that you should always call this method at startup instead of using a cached copy of the device token, because the device token is not guaranteed to remain the same. So you shouldn't have any problem.
Here's the relevant quote from the APNS docs :
An application should register every time it launches and give its
provider the current token. It calls
the registerForRemoteNotificationTypes: method to kick off the
registration process. The parameter of this method takes a
UIRemoteNotificationType (or, for OS X, a NSRemoteNotificationType)
bit mask that specifies the initial types of notifications that the
application wishes to receive—for example, icon-badging and sounds,
but not alert messages. In iOS, users can thereafter modify the
enabled notification types in the Notifications preference of the
Settings application. In both iOS and OS X, you can retrieve the
currently enabled notification types by calling the
enabledRemoteNotificationTypes method. The operating system does not
badge icons, display alert messages, or play alert sounds if any of
these notifications types are not enabled, even if they are specified
in the notification payload.
This is also relevant :
By requesting the device token and passing it to the provider every
time your application launches, you help to ensure that the provider
has the current token for the device. If a user restores a backup to a
device or computer other than the one that the backup was created for
(for example, the user migrates data to a new device or computer), he
or she must launch the application at least once for it to receive
notifications again. If the user restores backup data to a new device
or computer, or reinstalls the operating system, the device token
changes. Moreover, never cache a device token and give that to your
provider; always get the token from the system whenever you need it.
If your application has previously registered, calling
registerForRemoteNotificationTypes: results in the operating system
passing the device token to the delegate immediately without incurring
additional overhead.
We are working on an app that is suposed to receive push notifications. On our test device when we were prompted for an ok to send notifications we clicked ok but failed to store the token that we received. (The request to the server on our end was not handled properly and the token was not stored anywhere else by us).
We have tried the following to have the function didRegisterForRemoteNotificationsWithDeviceToken trigger again (to no avail):
Completely remove the app and reinstall
Turn off notifications for our app in the iPhone settings
However, we cant get it to 'prompt' us again, and the APN development server seems to have already registered so I am assuming that is why the didRegisterForRemoteNotificationsWithDeviceToken doesnt trigger again.
In the end we cannot get a new token, and I don't know how to retrieve the already registered token. Does anyone know how to retrieve the already registered token?
if you call registerForRemoteNotificationTypes: method of UIApplication every time your application launch, the application:didRegisterForRemoteNotificationsWithDeviceToken: delegate method will be called every time also. When the first time registration, iOS will ask user if they want receive notifications, and iOS connect the Apple Notification Service to register and get device token. After that, registerForRemoteNotificationTypes: method call will neither ask user nor connect APN, iOS will immediately call delegate method with the already registered token.
if you want to the Application launching to ask user again, call the unregisterForRemoteNotifications , then call registerForRemoteNotificationTypes: method again.
some detail information related: iOS Application Client Side Device Token Management With Apple Push Notification
I found that the app will always call didRegisterForRemoteTrigger when the application is fully closed and started again, and this will give you the already registered token. I am not sure why it did not call this method when I first tried to recover the token, but this seems to be the solution.