Back/webpush

[p1gp1g]

This PR adds web push support to send push notifications. Web Push is defined by 3 RFCs: RFC8030 (the requests), RFC8291 (encryption) and RFC8292 (server authorization).

It can then be used by the web application to receive real time notifications, even when nextcloud isn't opened in a tab, and without the notify_push app (which adds a websocket support to nextcloud). This is particularly useful for collaborative work, as nexcloud isn't always opened but we can expect to be notified anyway. This support is in the second PR

This support also allow to get push notifications on Android without the proxy:

• FCM servers can be notified with webpush
• UnifiedPush can be used, for user who prefer or can't use the Play Services

Fix #1225

Required for:
nextcloud/android#8684
nextcloud/talk-android#257

Which will also fix:
nextcloud/android#12151 (won't be necessary)
nextcloud/android#11898 (duplicate)
nextcloud/android#5510 (supersede, openpush was a research project, and their website now link to unifiedpush)
nextcloud/android#8800 (another duplicated ?)
nextcloud/android#3333 (UP supports allow using FCM without the proprietary lib)
(There might be other issues)

[wrenix]

You do not signoff your commits, could you please check the DCO CI job?

[p1gp1g]

@provokateurin it may interest you for Neon

[nickvergessen]

We'll check the rough idea later this week, but CI seems pretty red at the moment 🙈

[p1gp1g]

We'll check the rough idea later this week, but CI seems pretty red at the moment 🙈

Indeed, I'm fixing it. I was waiting for the CI to run

PS: I forgot to mention, this feature is part of a grant with NLnet

[nickvergessen]

It's conflicting in composer.lock so CI is not starting 🙈

[p1gp1g]

Should be ok now

[p1gp1g]

@nickvergessen Can you run the CI again ?

[p1gp1g]

I will need some help to fix the CI.

• The static-psalm-analysis raises many UndefinedClass: I don't know how you manage to fix this on other existent classes?
• The integration tests fail, I think it is because test:integration runs tests/Integration/run.sh and it misses mozart compose, used to get minishlink/web-push. I can't run the CI on my own repo, I think that because the workflows use your own runners. Do you mind if I push a commit that I think should work ? We probably can expect one or 2 tries before
  it works

[p1gp1g]

The changes for the android-lib are ready, once this PR is done: nextcloud/android-library@master...p1gp1g:nextcloud-library:feat/webpush

[p1gp1g]

@nickvergessen : Are you OK to run the CI if I push a potential fix for it? (cf. #2662 (comment))

[nickvergessen]

You were missing some files to set up Mozart correctly, I added them. Let's see what that does to CI.

[nickvergessen]

Something is wrong here.
It might be that your dependency brings in psr/clock or in a different version or something

[p1gp1g]

it has moved to the packages list, same version: it may be possible another lib use it. Is it a problem since the lib is still listed ?

[nickvergessen]

The problem is that it should be here, but aparently is not anymore as per Psalm:

Error: lib/BackgroundJob/GenerateUserSettings.php:21:3: MissingDependency: OCP\AppFramework\Utility\ITimeFactory depends on class or interface psr\clock\clockinterface that does not exist (see https://psalm.dev/157)

[p1gp1g]

Is it ok if I do composer require psr/clock --dev and update the lock, so it will be explicitly included in dev requirement ?

[nickvergessen]

I'm not sure how that fully works, but psr/clock is part of server's 3rdparty directory already and we should not duplicate it or create a conflict or something.
Maybe you can try if provide solves that?
https://github.com/ChristophWurst/nextcloud_sentry/blob/9e8385fb2c0c170edbedc3d81f3d304f50197cd6/composer.json#L27-L29

[p1gp1g]

If I understand correctly, we have to add the "provide" to nextcloud/ocp, I can push a test using a temporary repo to override nextcloud/ocp

[p1gp1g]

I've tested different combinations, with/without provide, in notification app, in ocp, with require/require-dev and nothing works: p1gp1g#1 any idea ?

[p1gp1g]

I've found the issue: mozart removes the vendor directory after namespacing, and psc/clock is a transitive dependence of the webpush lib

[p1gp1g]

Thank you. I think we need to ignore the new vendor directories too?

[nickvergessen]

I think we need to ignore the new vendor directories too?

The vendor-bin/ part is correctly ignored already:

/vendor-bin/*/vendor

But since this app is shipped with the server it has to be buildable repeatingly, so we need to commit lib/Vendor/ at the end of the pull request work or in a follow up. (Please don't commit it yet, as it makes the PR even more unreadable and not loadable in the GitHub UI)

[p1gp1g]

OK, I see, maybe excluding them from the lint checks then ?

[p1gp1g]

The psalm CI was fixed, but there was still some errors. The lint error is fixed now, and I moved the VAPID initialization to fix other CI. There shouldn't be much to do now. The openapi CI is expected to fail because lib/Vendor isn't included in the git repo at this moment

[p1gp1g]

OK, the CI is finally good 👍

[blizzz]

The openapi CI is expected to fail because lib/Vendor isn't included in the git repo at this moment

Are you sure? I think the lib/Vendor is just misleading, the actual mismatch that leads to the error state happens before. Did you try regenerating the openapi specs?

[p1gp1g]

The openapi CI is expected to fail because lib/Vendor isn't included in the git repo at this moment

Are you sure? I think the lib/Vendor is just misleading, the actual mismatch that leads to the error state happens before. Did you try regenerating the openapi specs?

Yes, the openapi jsons are updated in the PR, and if I run composer run openapi nothing changes

[nickvergessen]

Yeah that's okay for now.

---

Unfortunately I'm sick atm, but I hope to be able to review it in more detail later this or next week.

[p1gp1g]

I wish you good recovery. I'll finish UnifiedPush support for Talk android until then :)

[github-actions]

Hello there,
Thank you so much for taking the time and effort to create a pull request to our Nextcloud project.

We hope that the review process is going smooth and is helpful for you. We want to ensure your pull request is reviewed to your satisfaction. If you have a moment, our community management team would very much appreciate your feedback on your experience with this PR review process.

Your feedback is valuable to us as we continuously strive to improve our community developer experience. Please take a moment to complete our short survey by clicking on the following link: https://cloud.nextcloud.com/apps/forms/s/i9Ago4EQRZ7TWxjfmeEpPkf6

Thank you for contributing to Nextcloud and we hope to hear from you soon!

(If you believe you should not receive this message, you can add yourself to the blocklist.)

[wrenix]

Why not put lib/Vendor into the .gitignore ?

[nickvergessen]

Why not put lib/Vendor into the .gitignore ?

Because we need repeatable builds and packages, so any shipped code needs to be checked in at the end.