iOS push notifications using TLS certificate vs. using authentication tokens

问题

I am reading the documentation for both push using TLS certificates and push using authentication tokens

But besides explaining how to configure each, the articles don't really explain the differences or pros/cons of both approaches. Can somebody explain them to me?

回答1:

Token-based authentication is newer and essentially simplifies APNS authentication. It is based on a public and private key pair that you can generate on your Apple developer account.

Here are the main reasons why it is simpler:

• The same key can be used for development and production apps whereas different certificates are needed when using certificate-based authentication.
• The same key is used for all your apps referenced in your Apple developer account. Certificate-based authentication needs one certificate per app.
• The key does not expire. Certificates do expire and need to be renewed every year or so.

A good source of intel is the 2016 WWDC video regarding APNS: https://developer.apple.com/videos/play/wwdc2016/724/

回答2:

For 2020, you can only realistically use the "token" method. The older approach is legacy and they will probably axe it.

Your private key will look like this

let keystring = `-----BEGIN PRIVATE KEY-----
MIGTAgEAMBMGByqGSM49Aas8d76as8das687asd687asd68as8brwUIWA46qcXis
zCu6dbd4s8d7b5s86gf98ugtr28re7089a7d6tbvpiiui524kyfpq9861eFJP7we
eE7rX4182609457ohgyj3lhgp98wfb698bfg69287f2k4htgwpo876grwo7XDklz
9fdg689d
-----END PRIVATE KEY-----`

your key id will look like this

let keyId = "CTU7XXBPRH"

and your Apple team id is your usual Apple team id, which looks like this:

let keyId = "YWD3UUTEWD"

Nowadays - thank goodness - it is relatively easy to get the private key and key id from inside your company's account on the Apple developer website.

If you want to test sending a push, I strongly recommend this outstanding new npm, APNS2 https://www.npmjs.com/package/apns2

let bn = new BasicNotification(deviceToken, 'Hello')

It's about that easy to send pushes.

Tips:

Don't forget the damned "development/sandbox" pushes only work ON AN IPHONE TETHERED TO YOUR MAC/XCODE!

• development/sandbox pushes - only for an iPhone tethered to your Mac with a build running from Xcode

• production pushes - they do work completely fine with TestFlight builds.

Additionally: don't forget that the so-called development/sandbox pushes are often flakey. Often, they don't arrive for hours, they don't arrive at all, they simply don't work in many regions.

Don't forget that it is TOTALLY OK to use the "production" ones, simply, with a TestFlight app.

So

1. Make a build
2. Push it to your TestFlight account. Wait a few minutes as usual until it comes through,
3. Install it from TestFlight to your phone
4. You will now get all the pushes - instantly!

Whereas if you

1. Make a build
2. Just build/run to your tethered iPhone
3. You do NOT get any pushes.
4. It's true that you can get the so-called "development" pushes, but they are often very flakey. (To be clear, when using APNS2, to order "development" pushes, simply use the extra line of code explained at the bottom here https://www.npmjs.com/package/apns2 )

来源：https://stackoverflow.com/questions/45081506/ios-push-notifications-using-tls-certificate-vs-using-authentication-tokens