Updating APNs to HTTP/2 usage (AGPUSH-1452) - some questions about authentification with Apple
by Matthias Wessendorf
Hey guys,
we are planing the estimates and amount of work needed to bring our APNs
API calls to latest and greatest. Besides the HTTP/2 stuff, Apple has some
other interesting changes:
* AGPUSH-1482 one certificate for push
* AGPUSH-1900 Token based authentification
I think this naturally leads to a few questions
- AGPUSH-1482
With this Apple removes the need for different certificates for the
different stages (PROD/DEV). But what about backwards compatiblity? We
could deprecate the "old" Variant type, and create a new variant, just
having one certificate, but still keeping the choice of PROD/DEV, because
they still have different APIs to call in, for PROD and DEV. But they just
don't worry about the type of the certificate anymore. Implementation wise
this means the one cert is applied regardless of the chosen stage. Also,
changing the stage in the UI, does NOT require to update the certificate
anymore.
- AGPUSH-1900
Should we just ignore the "one certificate" thing and just do token based
auth? Not sure... perhaps some shops are still 'relying' on the certificate
based solution. So, the token-based auth could result into a new iOS
variant (JWT token flavor'd). The DEV/PROD stage is a thing here as well ;-)
My suggestion is:
* deprecate current iOS type in the UI, and QUICKLY remove it
* add "one certificate style auth" variant for iOS
* add "Token auth" variant for iOS
What do folks generally feel about this topic?
Greetings,
Matthias
--
Matthias Wessendorf
blog: http://matthiaswessendorf.wordpress.com/
twitter: http://twitter.com/mwessendorf
8 years, 3 months
