Comment by nicoburns - Hacker Neue

nicoburns 2 days ago parent

Thanks! It looks like that repo is GPL though, which I respect but isn't going to work for my usage (where I'm trying to build a generic UI toolkit that can be used by all sorts of applications including closed source ones).

grishka 2 days ago

It's just two broadcast receivers (one for receiving the push token, another for receiving actual notifications), and one broadcast sender to ask GSF to give you a token. This code is so trivial it's not even worth separating into a library.

Here's how you request a push token:

    Intent intent = new Intent("com.google.iid.TOKEN_REQUEST");
    intent.setPackage("com.google.android.gms");
    intent.putExtra("app", PendingIntent.getBroadcast(context, 0, new Intent(), PendingIntent.FLAG_IMMUTABLE));
    intent.putExtra("sender", FCM_SENDER_ID);
    intent.putExtra("subtype", FCM_SENDER_ID);
    intent.putExtra("scope", "*");
    intent.putExtra("kid", "|ID|1|");
    context.sendBroadcast(intent);

Here are the two receivers:

    <receiver android:name=".PushNotificationReceiver" android:exported="true" android:permission="com.google.android.c2dm.permission.SEND">
        <intent-filter>
            <action android:name="com.google.android.c2dm.intent.RECEIVE" />
        </intent-filter>
    </receiver>
    <receiver android:name=".api.PushSubscriptionManager$RegistrationReceiver" android:exported="true" android:permission="com.google.android.c2dm.permission.SEND">
        <intent-filter>
            <action android:name="com.google.android.c2dm.intent.REGISTRATION"/>
        </intent-filter>
    </receiver>

The first one is where you get notifications. The parameters you sent from the server will simply be your intent extras.

The second one is where you get push tokens. There will be a "registration_id" extra string which is your token. It may start with "|ID|1|" (the "kid" parameter from the request, not quite sure what it does), in which case you need to remove that part.

You want to refresh your push token every time your app gets updated and also just periodically if you haven't done it in a while. I do it every 30 days.

homebrewer 1 day ago

Coming from the npm world, I see enough code for at least two libraries.

But seriously, write this as a blog post, more people need to know about this, and I'd like to have something "authoritative" to send references to.

threecheese 1 day ago

Did you just invent a way to circumvent the GPL? Brilliant! j/k ofc

prophesi 1 day ago

Their comment would technically be proprietary code since there's no license alongside it, but grishka wrote the original implementation of the reverse engineered code in that mastodon commit in the first place. So I'd imagine it's free game to use it as a reference (IANAL)

dotancohen 1 day ago

Grishka expresses that the code is trivial. Trivial inventions are not covered by patents. I believe, therefore, that a license for trivial code is not necessary.

But if someone knows better I would appreciate any correction. Legal matters are seldom clear or logical. Your jurisdiction may vary, etc etc.

grishka 1 day ago

In case there are any doubts, consider this code and its description public domain.

But then I'm not sure how much code is enough to be considered copyrightable. Is "2*2" copyrightable? Clearly not, because it's too trivial. Where is the line?

dotancohen 1 day ago

A long standing question, I think Joel mentioned such a question once on the Stackoverflow blog.

Thanks, Grishka.

hxtk 1 day ago

Patent != copyright. You can patent an algorithm (e.g., Adaptive Replacement Caching, which was scheduled to go into public domain this year but unfortunately got renewed successfully) but when it gets to the level of an actual specific implementation, it's a matter of copyright law.

It's why black-box clones where you look at an application and just try to make one with the same externally-observable behavior without looking at the code is legal (as long as you don't recycle copyrighted assets like images or icons) but can be infringing if you reuse any of the actual source code.

This was an issue that got settled early on and got covered in my SWE ethics class in college, but then more recently was re-tried in Oracle v Google in the case of Google cloning the Java standard library for the Android SDK.

I have no idea how copyright applies here. StackOverflow has a rule in their terms of use that all the user-generated content there is redistributable under some kind of creative commons license that makes it easy to reuse. Perhaps HN has a similar rule? Not that I'm aware of, though.

oezi 1 day ago

This is a copyright question not patent one.

cyberax 2 days ago

If you need something permissively licensed, I believe microG also has implementation of the notification protocol: https://github.com/microg/GmsCore/blob/cb9be8f682d7649dae23b...

It's Apache 2.

This item has no comments currently.