Login/Register
Web Notification push throws 400 from python on Chrome
Asked Answered
pythongoogle-chromefirefoxweb-notifications
L

1

8

I am using pywebpush 1.4.0 library to push Web Notifications from Django backend. The keys that I'm using were obtained from https://web-push-codelab.glitch.me/. Subscription seems to working fine. Moreover, I tested this on Firefox and it is working fine there.

I receive the following error server side while pushing on Chrome:

Push failed: <Response [400]>: <HTML>
<HEAD>
<TITLE>UnauthorizedRegistration</TITLE>
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000">
<H1>UnauthorizedRegistration</H1>
<H2>Error 400</H2>
</BODY>
</HTML>

The strange part is that my backend controls 3 domains and push is working fine even for Chrome on one domain and not working on others. I ruled out the following possible issues:

  • Improper Private and Public Key pairs as it is working fine on Firefox
  • Outdated pywebpush library as on one domain on Chrome it is working fine
  • Few answers (Chrome Web Notification Push Unauthorized Registration exception) pointed out to update the py-vapid version installed by pywebpush but it's version is already py-vapid==1.3.0

The only possibility I see is if Chrome doesn't allow push notifications on different domains from the same backend. Is anyone aware of such a limitation or could help me with any other pointers here?

Note: I'm using different keys for all the three domains.

Here is the code I'm using to push:

from pywebpush import webpush
webpush(subscription_info,
                data,
                vapid_private_key=vapid_private_key,
                vapid_claims={"sub": "mailto:[email protected]"})

The subscription_info is the json as received while subscribing a user, vapid_private_key is the corresponding private key.

Lotte answered 24/4, 2018 at 7:25 Comment(2)
Django channels can implement this function.Trichome
The issue is not in implementation. As I told, it is working fine on Firefox and for one of the domain on Chrome. The issue is while handling multiple domains on Chrome.Lotte
S
0

The FAQ lists the following reasons for your error (quote):

  • If you fail to define an Authorization header in the request to FCM.
  • Your application key used to subscribe the user doesn't match the key used to sign the Authorization header.
  • The expiration is invalid in your JWT, i.e. the expiration exceeds 24 hours or the JWT has expired.
  • The JWT is malformed or has invalid values

It also states the requirement of adding a applicationServerKey to the request, and that this is not mandated in Firefox. Your issue may lie here: are you sure that the vapid_private_key variable refers to a correct private key for each domain? It might be that it's actual consistently the key of your working domain.

It might be easier to find some potential errors if we had more of the code you used. Chrome just needs a single key per server, but should be able to handle several different servers subscribing.

Supererogate answered 4/5, 2018 at 8:41 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.