Question 58347 in Telegram API Question posted in
A comprehensive official documentation can be found here.

Telegram API – account.registerDevice webpush token problem: WEBPUSH_TOKEN_INVALID

I’m working with the Telegram API in my application and I need to handle updates.

The last line of the Working with Updates documentation says that Telegram can send push notifications for updates.

To subscribe to the push notifications, I need call the account.registerDevice method and pass in the token in the below format:

{
    endpoint: Absolute URL exposed by the push service where the application server can send push messages,
    keys: {
        p256dh: Base64url-encoded P-256 elliptic curve Diffie-Hellman public key
        auth: Base64url-encoded authentication secret
    }
}

I have a few question about this data:

  • Is endpoint the URL in my application that receives updates?
  • What is p256dh and auth?
Tags:

2

Answers


  1. 0

    Is endpoint the URL in my application that receives updates?

    Yes

    What is p256dh?

    You have to create your own public key for your endpoint, as the communication is cryptographically secured.

    # generate a private key for a curve
openssl ecparam -name prime256v1 -genkey -noout -out private-key.pem

# generate corresponding public key
openssl ec -in private-key.pem -pubout -out public-key.pem
    Login or Signup to reply.
  2. 0

    The keys generated by the commands Semnodime provided don’t seem to work. I believe they are too long. You can try using the public key from the online key generator I linked below to see if that was the problem. This could result in a WEBPUSH_KEY_INVALID error.

    Additionally, make sure to convert the token object to a string with JSON.stringify if you use node.js:

    const token = JSON.stringify({ 
  endpoint: "YOUR_ENDPOINT_URL",
  keys: {
    p256dh,
    auth
  }
})

    This has worked for me:

    const crypto = require("crypto");

const keyCurve = crypto.createECDH('prime256v1');
keyCurve.generateKeys();

const publicKey = keyCurve.getPublicKey();
const privateKey = keyCurve.getPrivateKey();

const p256dh = publicKey.toString("base64url"); // make sure it's base64url not just base64
const auth = crypto.randomBytes(16).toString("base64url");

// pass to account.registerDevice. I use gram.js
// add a comment below if you have questions.
const registrationInfo = {
  tokenType: 10,
  token: JSON.stringify({ // I was forgetting this and got a WEBPUSH_TOKEN_INVALID error.
    endpoint: "YOUR_ENDPOINT_URL",
    keys: {
      p256dh,
      auth
    }
  }),
  appSandbox: true, // or false
  secret: Buffer.from(""),
  otherUids: [],
  noMuted: false,
}

    Note that auth is just a random sequence of 16 octets encoded in base64url which can be generated with the following:

    const auth = crypto.randomBytes(16).toString("base64url");

    There is a online key generator. If the link is broken, here is an archived page.

    For more info on the key system, check this.

    More info on auth.

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search