Skip to content

Validate requests in APNSTestServer and fix JWT claim encoding#246

Merged
kylebrowning merged 1 commit into
mainfrom
feat/test-server-parity
Jul 14, 2026
Merged

Validate requests in APNSTestServer and fix JWT claim encoding#246
kylebrowning merged 1 commit into
mainfrom
feat/test-server-parity

Conversation

@kylebrowning

Copy link
Copy Markdown
Owner

The mock server was too lax to catch regressions — deleting the client's bearer-token code passed all 88 tests.

Server (matching documented APNs behavior):

  • Validates authorization bearer JWTs (structure, ES256 header, iss, numeric iat ≤ 1h) → 403 MissingProviderToken/InvalidProviderToken/ExpiredProviderToken.
  • Emits apns-unique-id on device-push responses; apns-request-id echoed on broadcast paths only.
  • Channel create returns 201; malformed apns-id → 400 BadMessageId; real reason strings (BadPath, MissingChannelId).
  • Per-type payload limits (VoIP 5 KB), topic-suffix enforcement per push type, background+priority-10 rejected, priority 1 and the controls push type accepted.
  • Thread-safe captured state (NIOLockedValueBox), a broadcast request log, and a response-override hook for error-path tests.

Library fixes the new validation pinned:

  • JWT iat was encoded as a JSON string (RFC 7519 requires a number) and kid was wrongly duplicated into the payload.
  • Fixes the wall-clock race in testToken.

@kylebrowning
kylebrowning merged commit 1f9d864 into main Jul 14, 2026
6 checks passed
@kylebrowning
kylebrowning deleted the feat/test-server-parity branch July 14, 2026 05:38
@kylebrowning
kylebrowning restored the feat/test-server-parity branch July 14, 2026 05:39
@kylebrowning
kylebrowning deleted the feat/test-server-parity branch July 14, 2026 05:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant