<< Buy an app for the whole family | The Flexbox CSS Standard >>

Anatomy of a Push Notification

by Jeremy Foster 15. November 2012 09:20

I can hardly stand not knowing how something works under the hood. More often than not, I'd rather have a working knowledge of a system than the convenience or function of the system itself. It's why I chased degrees in Computer Electronics and Computer Engineering in the first place. I don't know so much about all of the fancy things that engineers put into processors and primary system boards these days, but I'm relieved to have at least a fundamental understanding of a control bus, a machine clock, a MOSFET, an assembly program, and the higher level software abstractions. But I digress…

What I want to talk about right now is the anatomy of a push notification message. I was intimidated by the subject when I was first introduced to it, but I've climbed on top of the general concept now and feel confident enough to post on the matter.

I do have to say that I'm pretty excited about the convenience of Windows Azure Mobile Services (WAMS) abstractions over the process, but I don't want to use it blindly without understanding what it's doing under the hood. I'm going to start with a review of the process and players in a typical push notification. You can find this diagram and an overview of the process here.

The green is you and the blue is Microsoft. You are writing an app and you are responsible for a cloud service to communicate with WNS.

In my typical attempt to make complex sound easy, I'm going to walk you through this process.

[Steps 1-3] Your app asks Windows for a channel.

You ask Windows for a channel, Windows asks WNS (this happens transparent to you), and then Windows gives you a channel. This channel is just a string. Here's a sample URI with an ellipse since it's actually much longer.

https://bn1.notify.windows.com/?token=AgYAAABrcyAqFeh...wfOG5%2bD4TCeHU%3d

By the way, the channel that Windows gives you also includes an expiration time which may be helpful.
[Step 4] Your app sends this URI to your cloud service

You can use whatever means you choose, but I would hope that you'd find a smart and secure way to do that. A potential attacker would have to get this URI and also your Package Security Identifier and Client Secret in order to start sending malicious app notifications, but still.
[Step 5] Your cloud service asks WNS (Microsoft's server) for an access token and then triggers a push

Here's where the bulk of the "magic" happens. Your service does two HTTP calls. The first gets it an access token (which you'll likely want to cache), and the second (and subsequent) initiates a push to your app. WNS knows where your app is because of the URI that you sent it.

Here are examples of those two raw HTTP messages…

First message

POST /accesstoken.srf HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: https://login.live.com
Content-Length: 211
grant_type=client_credentials&client_id=ms-app%3a%2f%2fS-1-15-2-2972962901-2322836549-3722629029-1345238579-3987825745-2155616079-650196962&client_secret=Vex8L9WOFZuj95euaLrvSH7XyoDhLJc7&scope=notify.windows.com

It's just a simple POST to login.live.com/accesstoken.srf. The client_id is actually the Package Security Identifier (SID) that you get from your developer dashboard at http://dev.windows.com, and the client_secret is the Client Secret that you find in the same place.

The response to a successful access token request is something like…

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 422
Content-Type: application/json
{
"access_token":"EgAcAQMAAAAALYAAY/c+Huwi3Fv4Ck10UrKNmtxRO6Njk2MgA=",
"token_type":"bearer"
}

With that, your service has what it needs to submit notifications to be pushed to your app.

Second message

Your service has the access token and that's all it needs to issue requests for WNS to push to your app.

Here's a push message that changes the text on your tile…

POST https://bn1.notify.windows.com/?token=AgYAAABrcyAqFeh...wfOG5%2bD4TCeHU%3d HTTP/1.1
Content-Type: text/xml
X-WNS-Type: wns/tile
Authorization: Bearer EgAcAQMAAAAALYAAY/c+Huwi3Fv4Ck10UrKNmtxRO6Njk2MgA=
Host: bn1.notify.windows.com
Content-Length: 32

<tile><visual><binding template="TileSquareText03"><text id="1">Message sent from push</text></binding></visual></tile>

Notice a few things about this message…
- Just like the request for an access token, this is a secure post to https
- The message is sent to the channel URI
- You can find valid values for the Content-Type and X-WNS-Type headers here
- The Authorization header always has that word Bearer, a space, and then the access token received from the first call
[Step 6] WNS sends the notification to your app

This step is all on WNS and Windows and you don't have to do anything except for verify that the process worked.

And there you have it. You can find numerous services that wrap this process for you and make it easy, but now you know the guts of what's going on under the hood. It's not exactly something you want to try to explain to your mom, but it's not exactly quantum physics either.

5e383899-ff84-4d2d-8bd3-cda05a623cc0|4|5.0|96d5b379-7e1d-4dac-a6ba-1e50db561b04

Tags:

Windows 8

Push Notifications for Specific UsersSometimes you want to do push notifications to a certain user, but other times you want to push to a...I give you my word...I’m excited about what I just implemented. I’m always excited when I figure something out or learn s...A Metro Netflix Browser in HTML/JS - The Hub PageA previous post illustrated how to call into the Netflix API to create a quick and dirty grid of mov...

Comments (9) -

Brian Lakstins

11/16/2012 5:15:44 AM #

Thanks for the overview of how this works.  I've often wondered how to "push" to an only sometimes connected client.

Do you know if the Notification Service Platform keeps an open connection to the WNS, or does it poll?  Any idea how much bandwidth gets used even when there are no notifications going through?

Do you know if this is the way it works for Windows Phone too?  If so, any idea if the cell phone carrier controls the WNS, or does Microsoft?

In your explorations, did you find that a 3rd party could have their own WNS?

Jeremy Foster

11/18/2012 3:35:46 PM #

The inner workings of the Notification Service Platform are not available to you are me as far as I know, so we don't know. I imagine it has to be polling. Windows is going to make sure all minimum performance limits are met, so I for one don't worry about that.
It does work pretty much like this for Windows Phone. The cell phone carriers don't control the WNS, Microsoft does.
I don't know for sure about the possibility of a 3rd party notification service, but I would guess that it's not possible. Why might you want to do that 3rd party?

Brian Lakstins

11/19/2012 10:55:31 AM #

I was thinking that a 3rd party sever might be desirable in an enterprise environment, where the Microsoft WNS would be considered a 3rd party server that is outside the corporate firewall.

It would be nice to be able to use "push" notifications in a corporate application limited to internal use only.

Jeremy Foster

11/20/2012 1:38:47 PM #

Yeah, good point. Then Windows would have to be pointed to your local notification server so that when apps asked for a channel it would come from there.

Andre Calil

11/20/2012 5:17:52 AM #

Hey Jeremy, thanks for the overview. However, there is one thing that's still not clear to me: is this the process to send notifications to a single user of your app or to all the users that have your app?
I imagine that, as a developer, sometimes I need to send an individual message, while sometimes I just want to broadcast something to all my-app-users.

If that's the process to all the users, I believe we have a synchronization problem, because not all of them may be online at that time, right?
Does WAMS have a queue message service (or something like it)?

Regards

Jeremy Foster

11/20/2012 9:12:12 AM #

Great question. I should have talked about that. The process I outlined is a notification to a single user. The channel that your app requests from Windows essentially identifies the _app_ and the _user_. When you send that channel to your service and then your service uses it to send a push, WNS knows both the app and the unique user. If you want to send a notification to _all_ of the users of your app, then you need to store the channels as they are created (as users launch your app and each requests a unique channel from Windows). Likely, you would want to store those in the cloud. Using a table in Azure Mobile Services is certainly a great way to do it. Then you can enumerate that table to do a push to everyone.

Andre Calil

11/20/2012 9:46:36 AM #

Well, but it's still not an easy way to broadcast a message, right?

Let's suppose that I've deployed an app that lets users select to be notified for some events. Let's say that 200k users (popular app, uh?) configured the app to receive notifications about incoming storms.
When my cloud app (that is, my backend) receives a message about a new storm, it would query the database to know who to be notified and would retrieve this 200k list.

As far as I could understand, the cloud app would have to manage the delivery for all these messages, right? Can't WAMS handle this? My backend could simply say "deliver [this] to [them]".

Thanks for the quick answer, BTW.

PS: last week I've passed the 70-480 exam thanks to that Jump Start session that you and Palermo recorded some weeks ago. Thank you very much =)

Jeremy Foster

11/20/2012 1:36:32 PM #

WAMS can "handle it" in a number of ways. You have all of the channels in the channel table and you can add an ID for the user in there too. You may have all of the users that have elected to receive weather notices in the user configuration table. Then you have a weatherEvent table that you write weather events to with a severity value in one column. WAMS can be configured so that whenever a weather event is written to the table with a severity of greater than 7 (I'm making this up then it sends a notification to all channels for users that have configured to receive them. That is just script that you write in WAMS so the server does all the work for you. Your app does nothing. Does that help?

Jigar

4/4/2013 10:56:01 AM #

I Got 200 OK response from WNS server to my local server, but don't get response from WNS to my App. tried a lot on that.

I worked as per this articles of msdn for notification.
msdn.microsoft.com/.../jj709907.aspx

Pingbacks and trackbacks (1)+

Add comment

Name* Required Please choose another name

E-mail*

Country

What's the opposite of up?

b i u quote

Comment
Preview

Notify me when new comments are added

Anatomy of a Push Notification

First message

Second message

Related posts

Comments (9) -

Pingbacks and trackbacks (1)+

Add comment