Last active
November 13, 2017 07:08
-
-
Save nickvergessen/c00882b5e85a2b2b4d3df4636c0052a9 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Reply to: https://social.tchncs.de/@Billie/98993004627789275 | |
Let me clarify this a bit here, since there seems to be a bit of confusion with some | |
false conclusions. | |
Yes, the f-droid version of the Nextcloud Android app is without Google Play Services. | |
Therefor it comes without Push notifications at the moment and we also do not pull for | |
them repeatingly to not drain your battery. | |
However this is only for Push. You can still read the notifications in the notifications | |
section (screenshot which prints the "google play services missing" message above). | |
When you open the section it will pull for new notifications on demand. | |
Also note, that the push notifications are encrypted with a key, which the Android app | |
sends to the Nextcloud server (when push is available). So the android app tells the | |
Nextcloud server: "hi I want to be pushed to and this is my device key which you use to | |
encrypt them and here is also the a token which you can use as my address". | |
As for the server code: No, it does not contain any google related code. | |
As per above the devices register on the server and therefor the server knows, when a | |
notification should trigger a push notification and when not. Also we have a stupid | |
proxy in place , which authenticates towards google instead of your Nextcloud server to: | |
1. hiding your server from google | |
2. protects our developer cert (which is needed to authenticate at google and otherwise everyone could do this) | |
3. verifies that the Server is allowed to push to that device. | |
The proxy is very stupid and only has: | |
1. a hash of "username+server url" to verify the target | |
2. the public key to verify the signature of the message | |
3. the google push token | |
You can read more about this in the related docs: https://github.com/nextcloud/notifications/blob/master/docs/push-v2.md |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment