Verified Commit dbeb4e68 authored by Richard Weinhold's avatar Richard Weinhold 🔨

adds support for explicit caCerts in APNS Handler

parent 7648f989
......@@ -18,7 +18,7 @@ $push->send($message, ['<device-token>' => 'fcm']);
### iOS
> NOTE: The `APNS` Handler uses the *new* apple push servers, which require HTTP2. Therefore, curl with HTTP2 support must be installed. If it's not available, use the *legacy* `APNSBinary` handler instead!
> NOTE: The `APNS` Handler uses the *new* apple push servers, which require HTTP2. Therefore, curl with HTTP2 support must be installed. If it's not available, use the *legacy*, ***deprecated*** `APNSBinary` handler instead.
```php
use ricwein\PushNotification\{PushNotification, Message, Handler, Config};
......
......@@ -18,37 +18,15 @@ class APNS extends Handler
Config::ENV_DEVELOPMENT => 'https://api.development.push.apple.com:443/3/device',
];
/**
* @var string
*/
private string $endpoint;
/**
* @var string
*/
private string $appBundleID;
/**
* @var int
*/
private int $port;
/**
* @var string
*/
private string $certPath;
/**
* @var string|null
*/
private ?string $certPassphrase;
/**
* @var int
*/
private ?string $caCertPath;
private int $timeout;
public function __construct(string $environment, string $appBundleID, string $certPath, ?string $certPassphrase = null, ?string $url = null, int $timeout = 10)
public function __construct(string $environment, string $appBundleID, string $certPath, ?string $certPassphrase = null, ?string $caCertPath = null, ?string $url = null, int $timeout = 10)
{
if ($url === null && isset(static::URLS[$environment])) {
$url = static::URLS[$environment];
......@@ -75,6 +53,7 @@ class APNS extends Handler
$this->certPath = $certPath;
$this->certPassphrase = $certPassphrase;
$this->timeout = $timeout;
$this->caCertPath = $caCertPath;
}
public function addDevice(string $token): void
......@@ -144,6 +123,13 @@ class APNS extends Handler
$options[CURLOPT_KEYPASSWD] = $this->certPassphrase;
}
if ($this->caCertPath !== null) {
$caCertPath = realpath($this->caCertPath);
if ($caCertPath === null || !file_exists($caCertPath) || !is_readable($caCertPath)) {
throw new RuntimeException("[APNS] CA not found or not readable for path: {$this->caCertPath}", 404);
}
$options[CURLOPT_CAINFO] = $caCertPath;
}
$curl = curl_init();
curl_setopt($curl, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2_0);
......
......@@ -21,27 +21,13 @@ class APNSBinary extends Handler
Config::ENV_DEVELOPMENT => 'tlsv1.2://gateway.sandbox.push.apple.com:2195',
];
/**
* @var string
*/
private string $endpoint;
/**
* @var string
*/
private string $certPath;
/**
* @var string|null
*/
private ?string $certPassphrase;
/**
* @var int
*/
private ?string $caCertPath;
private int $timeout;
public function __construct(string $environment, string $certPath, ?string $certPassphrase = null, ?string $url = null, int $timeout = 10)
public function __construct(string $environment, string $certPath, ?string $certPassphrase = null, ?string $caCertPath = null, ?string $url = null, int $timeout = 10)
{
if ($url !== null) {
$this->endpoint = $url;
......@@ -58,6 +44,7 @@ class APNSBinary extends Handler
$this->certPath = $certPath;
$this->certPassphrase = $certPassphrase;
$this->timeout = $timeout;
$this->caCertPath = $caCertPath;
}
public function addDevice(string $token): void
......@@ -126,6 +113,15 @@ class APNSBinary extends Handler
$sslOptions['passphrase'] = $this->certPassphrase;
}
// set CA certificate if given
if ($this->caCertPath !== null) {
$caCertPath = realpath($this->caCertPath);
if ($caCertPath === null || !file_exists($caCertPath) || !is_readable($caCertPath)) {
throw new RuntimeException("[APNSBinary] CA not found or not readable for path: {$this->caCertPath}", 404);
}
$sslOptions['cafile'] = $caCertPath;
}
// open tcp-stream to server
$stream = @stream_socket_client(
$this->endpoint,
......
......@@ -14,19 +14,8 @@ class FCM extends Handler
{
public const FCM_ENDPOINT = 'https://fcm.googleapis.com/fcm/send';
/**
* @var string
*/
private string $endpoint;
/**
* @var string
*/
private string $token;
/**
* @var int
*/
private int $timeout;
public function __construct(string $token, string $url = self::FCM_ENDPOINT, int $timeout = 30)
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment