Push: allow using p8 keys

Author: SMillerDev

.gitignore

@@ -16,6 +16,7 @@ profile
 .DS_Store
 entrust_root_certification_authority.pem
 server_certificates_bundle_sandbox.pem
+UniversalPushNotificationClientSSLCertificate.p8
 *~
 Doc/Reference/html
 # Composer

ApnsPHP/Abstract.php

@@ -28,6 +28,9 @@
  */
 
 use Psr\Log\LoggerInterface;
+use Lcobucci\JWT\Signer\Key;
+use Lcobucci\JWT\Signer\Ecdsa\Sha256;
+use Lcobucci\JWT\Configuration;
 
 /**
  * Abstract class: this is the superclass for all Apple Push Notification Service
@@ -64,6 +67,9 @@ abstract class ApnsPHP_Abstract
 
 	protected $_sProviderCertificateFile; /**< @type string Provider certificate file with key (Bundled PEM). */
 	protected $_sProviderCertificatePassphrase; /**< @type string Provider certificate passphrase. */
+	protected $_sProviderToken; /**< @type string|null Provider Authentication token. */
+	protected $_sProviderTeamId; /**< @type string|null Apple Team Identifier. */
+	protected $_sProviderKeyId; /**< @type string|null Apple Key Identifier. */
 	protected $_sRootCertificationAuthorityFile; /**< @type string Root certification authority file. */
 
 	protected $_nWriteInterval; /**< @type integer Write interval in micro seconds. */
@@ -106,7 +112,7 @@ public function __construct($nEnvironment, $sProviderCertificateFile, $nProtocol
 			);
 		}
 		$this->_nProtocol = $nProtocol;
-
+		
 		$this->_nConnectTimeout = ini_get("default_socket_timeout");
 		$this->_nWriteInterval = self::WRITE_INTERVAL;
 		$this->_nConnectRetryInterval = self::CONNECT_RETRY_INTERVAL;
@@ -167,6 +173,26 @@ public function setProviderCertificatePassphrase($sProviderCertificatePassphrase
 		$this->_sProviderCertificatePassphrase = $sProviderCertificatePassphrase;
 	}
 
+	/**
+	 * Set the Team Identifier.
+	 *
+	 * @param  string $sTeamId Apple Team Identifier.
+	 */
+	public function setTeamId($sTeamId)
+	{
+		$this->_sProviderTeamId = $sTeamId;
+	}
+
+	/**
+	 * Set the Key Identifier.
+	 *
+	 * @param  string $sKeyId Apple Key Identifier.
+	 */
+	public function setKeyId($sKeyId)
+	{
+		$this->_sProviderKeyId = $sKeyId;
+	}
+
 	/**
 	 * Set the Root Certification Authority file.
 	 *
@@ -401,7 +427,7 @@ protected function _connect()
 	 */
 	protected function _httpInit()
 	{
-		$this->_log("INFO: Trying to initialize HTTP/2 backend...");
+		$this->_logger()->info("Trying to initialize HTTP/2 backend...");
 
 		$this->_hSocket = curl_init();
 		if (!$this->_hSocket) {
@@ -413,24 +439,41 @@ protected function _httpInit()
 		if (!defined('CURL_HTTP_VERSION_2_0')) {
 			define('CURL_HTTP_VERSION_2_0', 3);
 		}
-
-		if (!curl_setopt_array($this->_hSocket, array(
-			CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_2_0,
-			CURLOPT_SSLCERT => $this->_sProviderCertificateFile,
-			CURLOPT_SSLCERTPASSWD => empty($this->_sProviderCertificatePassphrase) ? null : $this->_sProviderCertificatePassphrase,
-			CURLOPT_RETURNTRANSFER => true,
-			CURLOPT_USERAGENT => 'ApnsPHP',
-			CURLOPT_CONNECTTIMEOUT => 10,
-			CURLOPT_TIMEOUT => 30,
-			CURLOPT_SSL_VERIFYPEER => true,
-			CURLOPT_VERBOSE => false
-		))) {
+		$aCurlOpts = array(
+            CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_2_0,
+            CURLOPT_RETURNTRANSFER => true,
+            CURLOPT_USERAGENT => 'ApnsPHP',
+            CURLOPT_CONNECTTIMEOUT => 10,
+            CURLOPT_TIMEOUT => 30,
+            CURLOPT_SSL_VERIFYPEER => true,
+            CURLOPT_VERBOSE => false
+        );
+
+		if (strpos($this->_sProviderCertificateFile, '.pem') !== false) {
+            $this->_logger()->info("Initializing HTTP/2 backend with certificate.");
+		    $aCurlOpts[CURLOPT_SSLCERT] = $this->_sProviderCertificateFile;
+		    $aCurlOpts[CURLOPT_SSLCERTPASSWD] = empty($this->_sProviderCertificatePassphrase) ? null : $this->_sProviderCertificatePassphrase;
+        }
+
+        if (strpos($this->_sProviderCertificateFile, '.p8') !== false) {
+            $this->_logger()->info("Initializing HTTP/2 backend with key.");
+            $cKey   = new Key\LocalFileReference('file://' . $this->_sProviderCertificateFile);
+            $cToken = Configuration::forUnsecuredSigner()->builder()
+                                                        ->issuedBy($this->_sProviderTeamId)
+                                                        ->issuedAt(new DateTimeImmutable())
+                                                        ->withHeader('kid', $this->_sProviderKeyId)
+                                                        ->getToken(new Sha256(), $cKey);
+
+            $this->_sProviderToken = (string) $cToken;
+        }
+
+		if (!curl_setopt_array($this->_hSocket, $aCurlOpts)) {
 			throw new ApnsPHP_Exception(
 				"Unable to initialize HTTP/2 backend."
 			);
 		}
 
-		$this->_log("INFO: Initialized HTTP/2 backend.");
+		$this->_logger()->info("Initialized HTTP/2 backend.");
 
 		return true;
 	}
@@ -443,7 +486,7 @@ protected function _httpInit()
 	 */
 	protected function _binaryConnect($sURL)
 	{
-		$this->_log("Trying {$sURL}...");
+		$this->_logger()->info("Trying {$sURL}...");
 		$sURL = $this->_aServiceURLs[$this->_nEnvironment];
 
 		$this->_logger()->info("Trying {$sURL}...");
@@ -478,7 +521,7 @@ protected function _binaryConnect($sURL)
 
 		return true;
 	}
-
+	
 	/**
 	 * Return the Logger (with lazy loading)
 	 */

ApnsPHP/Push.php

@@ -255,11 +255,25 @@ public function send()
 	 */
 	private function _httpSend(ApnsPHP_Message $message, &$sReply)
 	{
-		$aHeaders = array('Content-Type: application/json');
-		$sTopic = $message->getTopic();
-		if (!empty($sTopic)) {
-			$aHeaders[] = sprintf('apns-topic: %s', $sTopic);
+        $aHeaders = array('Content-Type: application/json');
+		if (!empty($message->getTopic())) {
+			$aHeaders[] = sprintf('apns-topic: %s', $message->getTopic());
 		}
+		if (!empty($message->getExpiry())) {
+			$aHeaders[] = sprintf('apns-expiration: %s', $message->getExpiry());
+		}
+		if (!empty($message->getPriority())) {
+			$aHeaders[] = sprintf('apns-priority: %s', $message->getPriority());
+		}
+		if (!empty($message->getCollapseId())) {
+			$aHeaders[] = sprintf('apns-collapse-id: %s', $message->getCollapseId());
+		}
+		if (!empty($message->getCustomIdentifier())) {
+			$aHeaders[] = sprintf('apns-id: %s', $message->getCustomIdentifier());
+		}
+		if (!empty($this->_sProviderToken)) {
+		    $aHeaders[] = sprintf('Authorization: Bearer %s', $this->_sProviderToken);
+        }
 
 		if (!(curl_setopt_array($this->_hSocket, array(
 			CURLOPT_POST => true,

composer.json

@@ -6,9 +6,10 @@
 	"homepage": "https://github.com/M2mobi/ApnsPHP",
 	"license": "BSD-3-Clause",
 	"require": {
-		"php": ">=5.3.0",
+		"php": ">=7.2.0",
 		"psr/log": "~1.0",
-		"lib-openssl": "*"
+		"lib-openssl": "*",
+		"lcobucci/jwt": "^3.4.3"
 	},
 	"autoload": {
         "psr-0": {"ApnsPHP_": ""}

sample_push.php

@@ -48,7 +48,7 @@
 
 // Set a custom identifier. To get back this identifier use the getCustomIdentifier() method
 // over a ApnsPHP_Message object retrieved with the getErrors() message.
-$message->setCustomIdentifier("Message-Badge-3");
+$message->setCustomIdentifier('7530A828-E58E-433E-A38F-D8042208CF96');
 
 // Set badge icon to "3"
 $message->setBadge(3);

sample_push_http.php

@@ -31,10 +31,13 @@
 // Instantiate a new ApnsPHP_Push object
 $push = new ApnsPHP_Push(
 	ApnsPHP_Abstract::ENVIRONMENT_SANDBOX,
-	'UniversalPushNotificationClientSSLCertificate.pem',
+	'UniversalPushNotificationClientSSLCertificate.p8',
 	ApnsPHP_Abstract::PROTOCOL_HTTP
 );
 
+$push->setTeamId('sgfdgfdfgd');
+$push->setKeyId('klgjhkojmh75');
+
 // Set the write interval to null for the HTTP/2 Protocol.
 $push->setWriteInterval(0);
 
@@ -52,7 +55,7 @@
 
 // Set a custom identifier. To get back this identifier use the getCustomIdentifier() method
 // over a ApnsPHP_Message object retrieved with the getErrors() message.
-$message->setCustomIdentifier("Message-Badge-3");
+$message->setCustomIdentifier('7530A828-E58E-433E-A38F-D8042208CF96');
 
 // Set badge icon to "3"
 $message->setBadge(3);