I am confused on relationship between registration id and tokens. In the tutorial for GCM from Google, we register for a registration id in the beginning. However, we also get a token. Now, in the diagrams, we send the registration id to the targeted server. However, do we also send the token? I know that the token is derived from the registration id. Is the token used as an authentication mechanism between GCM and the app and the server never knows about the token?
If you are looking for a basic knowledge about Google Cloud Messaging, IMO, you can refer to the following:
Basically, you need to do the steps:
Create a new project at Google Developers Console . At this
step, for simplicity, you just need to take note of 2 values: Project Number, which
will be used as SENDER_ID in the client project; and API server key (created at Credentials), which
will be used as API_KEY in the server project.
Create a new simple Android project for server side (with basic source code as my answer in the following links).
Create a new simple Android project for client side (with basic source code as my answer in the following links, I customized from the original source at Google Cloud Messaging - GitHub).
Run the client app, you will get the registration token (means that your device has successfully registered). Then, paste (hard-code) this token at CLIENT_REGISTRATION_TOKEN variable in server app (or write code to send this token to server app).
You can read more at the following questions, one of them you have read before with one of your previous questions:
How to implement a GCM Hello World for Android using Android Studio
Adding Google Cloud Messagin (GCM) for Android - Registration process
For more information:
Key Concepts from Google Cloud Messaging: Overview
Credentials
Sender ID A unique numerical value created when you configure your API project (given as "Project Number" in the Google Developers Console). The sender ID is used in the registration process to identify an app server that is permitted to send messages to the client app.
API Key An API key saved on the app server that gives the app server authorized access to Google services. In HTTP, the API key is
included in the header of POST requests that send messages. In XMPP,
the API key is used in the SASL PLAIN authentication request as a
password to authenticate the connection. You obtain the API key when
you configure your API project.
Registration Token An ID issued by the GCM connection servers to the client app that allows it to receive messages. Note that
registration tokens must be kept secret.
Hope this helps!
GCM now uses the concept of an InstanceID which represents a single install of an app on a device (Android or iOS). Each InstanceID can issue several tokens. These tokens are used to identify the InstanceID and can expire and be refreshed.
On the client device, you initialize an InstanceID, then with that InstanceID you generate a token (registration token). You send that token to your server, which uses the token to send messages to the InstanceID (installed application). If that token is invalidated for any reason like the application is uninstalled or the token is compromised, a new token should be generated and sent to your server.
I am still successfully registering with registration Id method until 11 May 2016
if (checkPlayServices()) {
gcm = GoogleCloudMessaging.getInstance(this);
regid = getRegistrationId(context);
if (regid.isEmpty()) {
registerInBackground();
}
} else {
Log.i(TAG, "No valid Google Play Services APK found.");
}
APA91bHLUfr71D6K7VTrRH3LGiLFxGNr3qRi3xOB_yNl0fLYsqhlgYXxHzOhQx2WKgqZI3sqxa1ZPORa0-5YBZ1_OFLm9cEg1bTh7wtrpCsHW91MSs2BMIXrHEqyjj2TeoVxnAzA5U8s
Related
I am building an push notification service using https://github.com/geeknam/python-gcm
this requires an API_KEY and Registation ID of device to send message.
I have created an app on console.developers.google.com and have got the API_KEY.
Now i have no clue how to get the Registration ID.
Are there dummy app(s) on installation of which it will return registration ID or something like that ?
I have created an app on console.developers.google.com and have got the API_KEY.
You'll only be able to get a valid Server Key when you create a project in Firebase Console. API Keys (recently) generated in the Developer's Console would not work for GCM (and FCM). From the note in the docs (under Server Key):
Starting from September 2016, you can create new server keys only in the Firebase Console using the Cloud Messaging tab of the Settings panel. Existing projects that need to create a new server key can be imported in the Firebase console without affecting their existing configuration.
Are there dummy app(s) on installation of which it will return registration ID or something like that?
You'll have to create your own dummy app where you'll have to call the getToken() to generate a Registration token (aka Registration ID). See the FCM Quickstart in GitHub.
Is it possible to use GCM without any GCM related logic on the client side? The idea is that mobile app shouldn't store / renew tokens etc. Mobile app should just initialise session with the middleware backend which will return back the internal device id and that's it (backend server will register device in GCM / APNs).
The goal is to reduce client side logic and simplify integration, so the flow probably should look like: APP <-> BACKEND <-> GCM
I do not think you can, the documentation states "this app must register with GCM and get a unique identifier called a registration token". There is a whole song and dance the client has to do with GCM that a backend isn't allowed to do. Plus, if the GCM server doesn't know which device is which registration id, it wouldn't know what client to send a notification to.
To GCM documentation states only one process of registering a client:
The client app obtains a registration token using the Instance ID API. The call to this API must have the authorized entity set to your app server's sender ID, and the scope set to the appropriate value for GCM (depending on your platform). Refer to the API reference for full detail on this API.
The client app passes the registration token to the app server.
The app server saves the registration token and acknowledges to the client app that the process completed successfully.
While publishing the Android app, I created a blunder. I commented the code which used to fetch GCM registration ID and send it to our server for persistence. We do have the device ID of all the users, however, their GCM Registration ID is missing on our server side. Is there any way, by which I can register all my users and get their GCM registration ID from the server directly using their respective device ID?
Also, if anyone gives me the correct solution, a Beer treat is assured!
In short No. The GCM InstanceID token identifies an app on a device, so more than the device's ID would be needed to generate the token. Google Play Services on your client device is used to generate the application's InstanceID token. This token cannot be generated from the device ID.
Each app on a device should have a unique InstanceID token, being able to generate this externally from the device with known parameters could be a security issue.
I know C2DM is deprecated and code should be migrated to Google Cloud Messaging for Android (GCM). But we have an existing application using C2DM. The application was built for a client and the client provided the original C2DM authorization token.
Recently, it appears that C2DM messaging stopped for our application. Our theory is that the client changed the password on the Google account and we now need an updated authorization token.
Is this correct? If the Google account's password changes, do you need to create a new authentication token? I can't find any document or SO post that discusses this.
In developer website
there is a Sender Auth Token in the credentials but how to get it?
Please tell me the steps as it is not clear to me.
as Written in Documentation like below.
Sender Auth Token :An API key that is saved on the 3rd-party application server that gives the application server authorized access to Google services. The API key is included in the header of POST requests that send messages.
you can get API KEY from you from HERE
you can get more informations here
EDITED
GCM SERVER SIDE IMPLEMENTATION IN DRUPAL