What exactly is the pushnotificationproxy at https://push-notifications.nextcloud.com/?

#1

Hi

Since 12.0 there is the ability to receive push notifications on (mobile) clients. I was testing the Android 2.0.0 client and successfully received a push notification.

I just noticed in my NC logs there is a message about https://push-notifications.nextcloud.com/ and I was wondering what exactly this server does, why it’s needed etc? I found https://github.com/nextcloud/notifications/pull/59 which refers to https://github.com/nextcloud/pushnotificationproxy, IMO it would be very good if this server would be open-source too.

Thanks!

cc @nickvergessen

#2

In order to send notifications to Firebase (Google Service to send push notifications to iOS and Android) you need to use your app developer certificate.
Since we can not ship this with our server code (because than anyone could release stuff for our Android app), we have this proxy in place.

On first opening of the Android/iOS app, it registeres it’s push token + a random string to the push-proxy and passes the random string to the NC server.
The NC server does send encrypted messages with the target random string to the proxy and the proxy forwards them via firebase to the push token.

This way:

  1. Nextcloud (push proxy) does not know the target user (only a random + push token)
  2. Nextcloud (push proxy) does not know the content of the notification
  3. Google (firebase) does not know the nextcloud instance
  4. Google (firebase) does not know the content of the notification

Also there is https://github.com/nextcloud/notifications/issues/82 open, not sure what the status is.

#3

Thanks for your explanation, makes sense!

Do you think it would be possible to open-source the proxy server?

1 Like
#4

I just stumbled across this as well. Is there any reason why the push proxy is not open sourced?

1 Like
#5

Hi,

We are very keen about the status of this one.

For people who are enrolled in ios developer program and owning their own certificates the open sourcing of this crucial part is not only more than welcome but mandatory. There several(!) reasons why we cannot rely on a push proxy which is out of our hands.

@nickvergessen thanks for all the work and we hope you can prioritize the publication of the push proxy. For decision making it would be nice to know when or even if it will be published at all. Thank you!