Open Radar

 
Area:
Notifications

Summary:
When sending push notifications using "token-based trust" (as opposed to "certificate-based trust"), a connection to the APNs server will reject notifications from all teams/topics after a notification is sent using a key for a second team.

Steps to Reproduce:
1. Open a connection to an APNs server without mutual TLS authentication (i.e. in token authentication mode).
2. Send a push notification signed with key A to a topic owned by team A.
3. The APNs server responds with HTTP/200 (notification accepted).
4. Send a push notification signed with key B to a topic owned by team B.
5. The APNs server responds with HTTP/403 (InvalidProviderToken).
6. Send a push notification signed with key A to a topic owned by team A.
7. The APNs server responds with HTTP/403 (InvalidProviderToken), even though the token was previously valid.

Expected Results:
The APNs server accepts notifications from multiple teams, provided that each notification is signed correctly with a valid key.

Alternatively (and much less desirably), the APNs server rejects notifications for topics owned by teams other than the first, but continues to accept notifications sent to topics owned by the team that owns the key from the first notification.

Actual Results:
The APNs server rejects all notifications from all teams/topics after a notification is sent using a key from a second team.

Version:
n/a

Notes:
For additional discussion, please see https://forums.developer.apple.com/thread/72999.

As discussed in https://forums.developer.apple.com/thread/71523, the APNs docs initially suggested that token-based connections might only be able to handle notifications for a single app, but after following up with an Apple evangelist, that passage was found to be in error and removed.

Configuration:
APNs via HTTP/2 with token-based trust

Attachments: