Ubuntu Push Notifications

Merge lp:~chipaca/ubuntu-push/appname-from-dbus-path into lp:ubuntu-push

appname-from-dbus-path
Merge into trunk

Proposed by John Lenton on 2014-06-06

Status:	Superseded
Proposed branch:	lp:~chipaca/ubuntu-push/appname-from-dbus-path
Merge into:	lp:ubuntu-push
Diff against target:	1038 lines (+498/-98) 19 files modified bus/endpoint.go (+4/-4) bus/testing/testing_endpoint_test.go (+1/-1) client/service/service.go (+19/-25) client/service/service_test.go (+16/-39) debian/changelog (+14/-0) debian/rules (+0/-1) nih/nih.go (+1/-1) scripts/register (+43/-0) scripts/unicast (+2/-0) server/acceptance/acceptanceclient.go (+1/-1) server/acceptance/cmd/acceptanceclient.go (+3/-1) server/acceptance/suites/suite.go (+2/-2) server/acceptance/suites/unicast.go (+11/-3) server/api/handlers.go (+104/-8) server/api/handlers_test.go (+193/-2) server/store/inmemory.go (+26/-0) server/store/inmemory_test.go (+44/-0) server/store/store.go (+8/-0) signing-helper/signing-helper.cpp (+6/-10)
To merge this branch:	bzr merge lp:~chipaca/ubuntu-push/appname-from-dbus-path
Related bugs:	Link a bug report

Reviewer	Review Type	Date Requested	Status
Ubuntu Push Hackers		2014-06-06	Pending
Review via email: mp+222319@code.launchpad.net

This proposal has been superseded by a proposal from 2014-06-06.

Commit message

switch dbus api to retrieve appname from dbus path

Description of the change

switch dbus api to retrieve appname from dbus path

Unmerged revisions

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

John Lenton

Stuart Bishop

Ubuntu Push Hackers

 === modified file 'bus/endpoint.go'
 --- bus/endpoint.go	2014-05-15 11:28:06 +0000
 +++ bus/endpoint.go	2014-06-06 12:14:20 +0000
@@ -29,7 +29,7 @@
   *    Endpoint (and its implementation)
   */
--type BusMethod func([]interface{}, []interface{}) ([]interface{}, error)
++type BusMethod func(string, []interface{}, []interface{}) ([]interface{}, error)
  type DispatchMap map[string]BusMethod
  // bus.Endpoint represents the DBus connection itself.
@@ -249,12 +249,12 @@
  				endp.log.Errorf("WatchMethod: unknown method %s", msg.Member)
  			} else {
  				args := msg.AllArgs()
--				rvals, err := meth(args, extra)
++				rvals, err := meth(string(msg.Path), args, extra)
  				if err != nil {
  					reply = dbus.NewErrorMessage(msg, err_iface, err.Error())
--					endp.log.Errorf("WatchMethod: %s(%#v, %#v) failure: %#v", msg.Member, args, extra, err)
++					endp.log.Errorf("WatchMethod: %s(%v, %#v, %#v) failure: %#v", msg.Member, msg.Path, args, extra, err)
  				} else {
--					endp.log.Debugf("WatchMethod: %s(%#v, %#v) success: %#v", msg.Member, args, extra, rvals)
++					endp.log.Debugf("WatchMethod: %s(%v, %#v, %#v) success: %#v", msg.Member, msg.Path, args, extra, rvals)
  					reply = dbus.NewMethodReturnMessage(msg)
  					err = reply.AppendArgs(rvals...)
  					if err != nil {
 === modified file 'bus/testing/testing_endpoint_test.go'
 --- bus/testing/testing_endpoint_test.go	2014-06-02 10:04:34 +0000
 +++ bus/testing/testing_endpoint_test.go	2014-06-06 12:14:20 +0000
@@ -229,7 +229,7 @@
  // Test that WatchMethod updates callArgs
  func (s *TestingEndpointSuite) TestWatchMethodUpdatesCallArgs(c *C) {
  	endp := NewTestingEndpoint(nil, condition.Work(true))
--	foo := func([]interface{}, []interface{}) ([]interface{}, error) { return nil, nil }
++	foo := func(string, []interface{}, []interface{}) ([]interface{}, error) { return nil, nil }
  	foomp := bus.DispatchMap{"foo": foo}
  	endp.WatchMethod(foomp)
  	c.Check(GetCallArgs(endp), DeepEquals, []callArgs{
 === modified file 'client/service/service.go'
 --- client/service/service.go	2014-05-21 10:03:18 +0000
 +++ client/service/service.go	2014-06-06 12:14:20 +0000
@@ -21,10 +21,12 @@
  import (
  	"errors"
  	"os"
++	"strings"
  	"sync"
  	"launchpad.net/ubuntu-push/bus"
  	"launchpad.net/ubuntu-push/logger"
++	"launchpad.net/ubuntu-push/nih"
+ )
  // Service is the dbus api
@@ -51,7 +53,7 @@
  	AlreadyStarted = errors.New("already started")
  	BusAddress     = bus.Address{
  		Interface: "com.ubuntu.PushNotifications",
--		Path:      "/com/ubuntu/PushNotifications",
++		Path:      "/com/ubuntu/PushNotifications/*",
  		Name:      "com.ubuntu.PushNotifications",
+ 	}
+ )
@@ -133,31 +135,26 @@
  	BadArgType  = errors.New("Bad argument type")
+ )
--func (svc *Service) register(args []interface{}, _ []interface{}) ([]interface{}, error) {
--	if len(args) != 1 {
++func (svc *Service) register(path string, args, _ []interface{}) ([]interface{}, error) {
++	if len(args) != 0 {
  		return nil, BadArgCount
+ 	}
--	appname, ok := args[0].(string)
--	if !ok {
--		return nil, BadArgType
--	}
++	raw_appname := path[strings.LastIndex(path, "/")+1:]
++	appname := string(nih.Unquote([]byte(raw_appname)))
--	rv := os.Getenv("PUSH_REG_" + appname)
++	rv := os.Getenv("PUSH_REG_" + raw_appname)
  	if rv == "" {
--		rv = "this-is-an-opaque-block-of-random-bits-i-promise"
++		rv = appname + "::this-is-an-opaque-block-of-random-bits-i-promise"
+ 	}
  	return []interface{}{rv}, nil
+ }
--func (svc *Service) notifications(args []interface{}, _ []interface{}) ([]interface{}, error) {
--	if len(args) != 1 {
++func (svc *Service) notifications(path string, args, _ []interface{}) ([]interface{}, error) {
++	if len(args) != 0 {
  		return nil, BadArgCount
+ 	}
--	appname, ok := args[0].(string)
--	if !ok {
--		return nil, BadArgType
--	}
++	appname := string(nih.Unquote([]byte(path[strings.LastIndex(path, "/")+1:])))
  	svc.lock.Lock()
  	defer svc.lock.Unlock()
@@ -171,18 +168,15 @@
  	return []interface{}{msgs}, nil
+ }
--func (svc *Service) inject(args []interface{}, _ []interface{}) ([]interface{}, error) {
--	if len(args) != 2 {
++func (svc *Service) inject(path string, args, _ []interface{}) ([]interface{}, error) {
++	if len(args) != 1 {
  		return nil, BadArgCount
+ 	}
--	appname, ok := args[0].(string)
--	if !ok {
--		return nil, BadArgType
--	}
--	notif, ok := args[1].(string)
--	if !ok {
--		return nil, BadArgType
--	}
++	notif, ok := args[0].(string)
++	if !ok {
++		return nil, BadArgType
++	}
++	appname := string(nih.Unquote([]byte(path[strings.LastIndex(path, "/")+1:])))
  	return nil, svc.Inject(appname, notif)
+ }
 === modified file 'client/service/service_test.go'
 --- client/service/service_test.go	2014-05-21 10:05:24 +0000
 +++ client/service/service_test.go	2014-06-06 12:14:20 +0000
@@ -97,23 +97,13 @@
  // registration tests
  func (ss *serviceSuite) TestRegistrationFailsIfBadArgs(c *C) {
--	for i, s := range []struct {
--		args []interface{}
--		errt error
--	}{
--		{nil, BadArgCount},                 // no args
--		{[]interface{}{}, BadArgCount},     // still no args
--		{[]interface{}{42}, BadArgType},    // bad arg type
--		{[]interface{}{1, 2}, BadArgCount}, // too many args
--	} {
--		reg, err := new(Service).register(s.args, nil)
--		c.Check(reg, IsNil, Commentf("iteration #%d", i))
--		c.Check(err, Equals, s.errt, Commentf("iteration #%d", i))
--	}
++	reg, err := new(Service).register("", []interface{}{1}, nil)
++	c.Check(reg, IsNil)
++	c.Check(err, Equals, BadArgCount)
+ }
  func (ss *serviceSuite) TestRegistrationWorks(c *C) {
--	reg, err := new(Service).register([]interface{}{"this"}, nil)
++	reg, err := new(Service).register("/this", nil, nil)
  	c.Assert(reg, HasLen, 1)
  	regs, ok := reg[0].(string)
  	c.Check(ok, Equals, true)
@@ -125,7 +115,7 @@
  	os.Setenv("PUSH_REG_stuff", "42")
  	defer os.Setenv("PUSH_REG_stuff", "")
--	reg, err := new(Service).register([]interface{}{"stuff"}, nil)
++	reg, err := new(Service).register("/stuff", nil, nil)
  	c.Assert(reg, HasLen, 1)
  	regs, ok := reg[0].(string)
  	c.Check(ok, Equals, true)
@@ -138,10 +128,10 @@
  func (ss *serviceSuite) TestInjectWorks(c *C) {
  	svc := NewService(ss.bus, ss.log)
--	rvs, err := svc.inject([]interface{}{"hello", "world"}, nil)
++	rvs, err := svc.inject("/hello", []interface{}{"world"}, nil)
  	c.Assert(err, IsNil)
  	c.Check(rvs, IsNil)
--	rvs, err = svc.inject([]interface{}{"hello", "there"}, nil)
++	rvs, err = svc.inject("/hello", []interface{}{"there"}, nil)
  	c.Assert(err, IsNil)
  	c.Check(rvs, IsNil)
  	c.Assert(svc.mbox, HasLen, 1)
@@ -162,7 +152,7 @@
  		condition.Work(false))
  	svc := NewService(bus, ss.log)
  	svc.SetMessageHandler(func([]byte) error { return errors.New("fail") })
--	_, err := svc.inject([]interface{}{"hello", "xyzzy"}, nil)
++	_, err := svc.inject("/hello", []interface{}{"xyzzy"}, nil)
  	c.Check(err, NotNil)
+ }
@@ -173,13 +163,10 @@
  	}{
  		{nil, BadArgCount},
  		{[]interface{}{}, BadArgCount},
--		{[]interface{}{1}, BadArgCount},
--		{[]interface{}{1, 2}, BadArgType},
--		{[]interface{}{"1", 2}, BadArgType},
--		{[]interface{}{1, "2"}, BadArgType},
--		{[]interface{}{1, 2, 3}, BadArgCount},
++		{[]interface{}{1}, BadArgType},
++		{[]interface{}{1, 2}, BadArgCount},
  	} {
--		reg, err := new(Service).inject(s.args, nil)
++		reg, err := new(Service).inject("", s.args, nil)
  		c.Check(reg, IsNil, Commentf("iteration #%d", i))
  		c.Check(err, Equals, s.errt, Commentf("iteration #%d", i))
+ 	}
@@ -189,7 +176,7 @@
  // Notifications tests
  func (ss *serviceSuite) TestNotificationsWorks(c *C) {
  	svc := NewService(ss.bus, ss.log)
--	nots, err := svc.notifications([]interface{}{"hello"}, nil)
++	nots, err := svc.notifications("/hello", nil, nil)
  	c.Assert(err, IsNil)
  	c.Assert(nots, NotNil)
  	c.Assert(nots, HasLen, 1)
@@ -198,7 +185,7 @@
  		svc.mbox = make(map[string][]string)
+ 	}
  	svc.mbox["hello"] = append(svc.mbox["hello"], "this", "thing")
--	nots, err = svc.notifications([]interface{}{"hello"}, nil)
++	nots, err = svc.notifications("/hello", nil, nil)
  	c.Assert(err, IsNil)
  	c.Assert(nots, NotNil)
  	c.Assert(nots, HasLen, 1)
@@ -206,19 +193,9 @@
+ }
  func (ss *serviceSuite) TestNotificationsFailsIfBadArgs(c *C) {
--	for i, s := range []struct {
--		args []interface{}
--		errt error
--	}{
--		{nil, BadArgCount},                 // no args
--		{[]interface{}{}, BadArgCount},     // still no args
--		{[]interface{}{42}, BadArgType},    // bad arg type
--		{[]interface{}{1, 2}, BadArgCount}, // too many args
--	} {
--		reg, err := new(Service).notifications(s.args, nil)
--		c.Check(reg, IsNil, Commentf("iteration #%d", i))
--		c.Check(err, Equals, s.errt, Commentf("iteration #%d", i))
--	}
++	reg, err := new(Service).notifications("/foo", []interface{}{1}, nil)
++	c.Check(reg, IsNil)
++	c.Check(err, Equals, BadArgCount)
+ }
  func (ss *serviceSuite) TestMessageHandler(c *C) {
 === modified file 'debian/changelog'
 --- debian/changelog	2014-06-05 09:42:22 +0000
 +++ debian/changelog	2014-06-06 12:14:20 +0000
@@ -1,3 +1,17 @@
++ubuntu-push (0.31ubuntu1) UNRELEASED; urgency=medium
++
++  [ Samuele Pedroni ]
++  * Support registering tokens and sending notifications with a token
++  * Register script and scripts unicast support
++
++  [ Roberto Alsina ]
++  * Make signing-helper generate a HTTP header instead of a querystring.
++
++  [ John R. Lenton ]
++  * Switch dbus api to retrieve app name from dbus path.
++
++ -- John R. Lenton <john.lenton@canonical.com>  Fri, 06 Jun 2014 12:02:56 +0100
++
  ubuntu-push (0.3+14.10.20140605-0ubuntu1) utopic; urgency=medium
    [ John Lenton ]
 === modified file 'debian/rules'
 --- debian/rules	2014-05-02 12:42:27 +0000
 +++ debian/rules	2014-06-06 12:14:20 +0000
@@ -5,7 +5,6 @@
  export UBUNTU_PUSH_TEST_RESOURCES_ROOT := $(CURDIR)
  override_dh_auto_build:
--	cd $$( find ./ -type d -regex '\./[^/]*/src/launchpad.net' -printf "%h\n" | head -n1)
  	dh_auto_build --buildsystem=golang
  	(cd signing-helper && cmake . && make)
 === modified file 'nih/nih.go'
 --- nih/nih.go	2014-05-23 12:56:27 +0000
 +++ nih/nih.go	2014-06-06 12:14:20 +0000
@@ -45,7 +45,7 @@
  	return out
+ }
--// Quote() takes a byte slice and undoes the damage done to it by the quoting.
++// Unquote() takes a byte slice and undoes the damage done to it by Quote().
  func Unquote(s []byte) []byte {
  	out := make([]byte, 0, len(s))
 === added file 'scripts/register'
 --- scripts/register	1970-01-01 00:00:00 +0000
 +++ scripts/register	2014-06-06 12:14:20 +0000
@@ -0,0 +1,43 @@
++#!/usr/bin/python3
++"""
++request a unicast registration
++"""
++import argparse
++import json
++import requests
++import subprocess
++import datetime
++import sys
++
++
++def main():
++    parser = argparse.ArgumentParser(description=__doc__)
++    parser.add_argument('deviceid', nargs=1)
++    parser.add_argument('appid', nargs=1)
++    parser.add_argument('-H', '--host',
++                        help="host:port (default: %(default)s)",
++                        default="localhost:8080")
++    parser.add_argument('--no-https', action='store_true', default=False)
++    parser.add_argument('--insecure', action='store_true', default=False,
++                         help="don't check host/certs with https")
++    parser.add_argument('--auth_helper',  default="")
++    args = parser.parse_args()
++    scheme = 'https'
++    if args.no_https:
++        scheme = 'http'
++    url = "%s://%s/register" % (scheme, args.host)
++    body = {
++        'deviceid': args.deviceid[0],
++        'appid': args.appid[0],
++        }
++    headers = {'Content-Type': 'application/json'}
++    if args.auth_helper:
++        auth = subprocess.check_output([args.auth_helper, url]).strip()
++        headers['Authorization'] = auth
++    r = requests.post(url, data=json.dumps(body), headers=headers,
++                      verify=not args.insecure)
++    print(r.status_code)
++    print(r.text)
++
++if __name__ == '__main__':
++    main()
 === modified file 'scripts/unicast'
 --- scripts/unicast	2014-05-29 14:55:19 +0000
 +++ scripts/unicast	2014-06-06 12:14:20 +0000
@@ -52,6 +52,8 @@
          userid, devid = reg.split(':', 1)
          body['userid'] = userid
          body['deviceid'] = devid
++    else:
++        body['token'] = reg
      xauth = {}
      if args.user and args.password:
          xauth = {'auth': requests.auth.HTTPBasicAuth(args.user, args.password)}
 === modified file 'server/acceptance/acceptanceclient.go'
 --- server/acceptance/acceptanceclient.go	2014-05-23 12:30:32 +0000
 +++ server/acceptance/acceptanceclient.go	2014-06-06 12:14:20 +0000
@@ -155,7 +155,7 @@
  				return err
+ 			}
  			events <- fmt.Sprintf("%sbroadcast chan:%v app:%v topLevel:%d payloads:%s", sess.Prefix, recv.ChanId, recv.AppId, recv.TopLevel, pack)
--		case "connwarn":
++		case "warn", "connwarn":
  			events <- fmt.Sprintf("%sconnwarn %s", sess.Prefix, recv.Reason)
+ 		}
+ 	}
 === modified file 'server/acceptance/cmd/acceptanceclient.go'
 --- server/acceptance/cmd/acceptanceclient.go	2014-05-21 07:58:26 +0000
 +++ server/acceptance/cmd/acceptanceclient.go	2014-06-06 12:14:20 +0000
@@ -90,7 +90,9 @@
+ 		}
+ 	}
  	if len(cfg.AuthHelper) != 0 {
--		auth, err := exec.Command(cfg.AuthHelper[0], cfg.AuthHelper[1:]...).Output()
++		helperArgs := cfg.AuthHelper[1:]
++		helperArgs = append(helperArgs, "https://push.ubuntu.com/")
++		auth, err := exec.Command(cfg.AuthHelper[0], helperArgs...).Output()
  		if err != nil {
  			log.Fatalf("auth helper: %v", err)
+ 		}
 === modified file 'server/acceptance/suites/suite.go'
 --- server/acceptance/suites/suite.go	2014-05-02 09:56:49 +0000
 +++ server/acceptance/suites/suite.go	2014-06-06 12:14:20 +0000
@@ -89,7 +89,7 @@
  	// to kill the server process
  	KillGroup map[string]func(os.Signal)
  	// hook to adjust requests
--	MassageRequest func(req *http.Request) *http.Request
++	MassageRequest func(req *http.Request, message interface{}) *http.Request
  	// other state
  	httpClient *http.Client
+ }
@@ -124,7 +124,7 @@
  	request.Header.Set("Content-Type", "application/json")
  	if s.MassageRequest != nil {
--		request = s.MassageRequest(request)
++		request = s.MassageRequest(request, message)
+ 	}
  	resp, err := s.httpClient.Do(request)
 === modified file 'server/acceptance/suites/unicast.go'
 --- server/acceptance/suites/unicast.go	2014-05-15 16:41:54 +0000
 +++ server/acceptance/suites/unicast.go	2014-06-06 12:14:20 +0000
@@ -40,11 +40,19 @@
+ }
  func (s *UnicastAcceptanceSuite) TestUnicastToConnected(c *C) {
--	userId, auth := s.associatedAuth("DEV1")
++	_, auth := s.associatedAuth("DEV1")
++	res, err := s.PostRequest("/register", &api.Registration{
++		DeviceId: "DEV1",
++		AppId:    "app1",
++	})
++	c.Assert(err, IsNil)
++	c.Assert(res, Matches, ".*ok.*")
++	var reg map[string]interface{}
++	err = json.Unmarshal([]byte(res), &reg)
++	c.Assert(err, IsNil)
  	events, errCh, stop := s.StartClientAuth(c, "DEV1", nil, auth)
  	got, err := s.PostRequest("/notify", &api.Unicast{
--		UserId:   userId,
--		DeviceId: "DEV1",
++		Token:    reg["token"].(string),
  		AppId:    "app1",
  		ExpireOn: future,
  		Data:     json.RawMessage(`{"a": 42}`),
 === modified file 'server/api/handlers.go'
 --- server/api/handlers.go	2014-05-29 16:22:00 +0000
 +++ server/api/handlers.go	2014-06-06 12:14:20 +0000
@@ -51,6 +51,8 @@
  	ioError        = "io-error"
  	invalidRequest = "invalid-request"
  	unknownChannel = "unknown-channel"
++	unknownToken   = "unknown-token"
++	unauthorized   = "unauthorized"
  	unavailable    = "unavailable"
  	internalError  = "internal"
+ )
@@ -121,6 +123,11 @@
  		unknownChannel,
  		"Unknown channel",
+ 	}
++	ErrUnknownToken = &APIError{
++		http.StatusBadRequest,
++		unknownToken,
++		"Unknown token",
++	}
  	ErrUnknown = &APIError{
  		http.StatusInternalServerError,
  		internalError,
@@ -136,16 +143,33 @@
  		unavailable,
  		"Could not store notification",
+ 	}
++	ErrCouldNotMakeToken = &APIError{
++		http.StatusServiceUnavailable,
++		unavailable,
++		"Could not make token",
++	}
++	ErrCouldNotResolveToken = &APIError{
++		http.StatusServiceUnavailable,
++		unavailable,
++		"Could not resolve token",
++	}
++	ErrUnauthorized = &APIError{
++		http.StatusUnauthorized,
++		unauthorized,
++		"Unauthorized",
++	}
+ )
--type castCommon struct {
++type Registration struct {
++	DeviceId string `json:"deviceid"`
++	AppId    string `json:"appid"`
+ }
  type Unicast struct {
++	Token    string `json:"token"`
  	UserId   string `json:"userid"`
  	DeviceId string `json:"deviceid"`
  	AppId    string `json:"appid"`
--	//Registration string          `json:"registration"`
  	//CoalesceTag  string          `json:"coalesce_tag"`
  	ExpireOn string          `json:"expire_on"`
  	Data     json.RawMessage `json:"data"`
@@ -183,15 +207,15 @@
+ }
  func checkRequestAsPost(request *http.Request, maxBodySize int64) *APIError {
++	if request.Method != "POST" {
++		return ErrWrongRequestMethod
++	}
  	if err := checkContentLength(request, maxBodySize); err != nil {
  		return err
+ 	}
  	if request.Header.Get("Content-Type") != JSONMediaType {
  		return ErrWrongContentType
+ 	}
--	if request.Method != "POST" {
--		return ErrWrongRequestMethod
--	}
  	return nil
+ }
@@ -325,7 +349,10 @@
+ }
  func checkUnicast(ucast *Unicast) (time.Time, *APIError) {
--	if ucast.UserId == "" || ucast.DeviceId == "" || ucast.AppId == "" {
++	if ucast.AppId == "" {
++		return zeroTime, ErrMissingIdField
++	}
++	if ucast.Token == "" && (ucast.UserId == "" || ucast.DeviceId == "") {
  		return zeroTime, ErrMissingIdField
+ 	}
  	return checkCastCommon(ucast.Data, ucast.ExpireOn)
@@ -341,9 +368,21 @@
  	if apiErr != nil {
  		return apiErr
+ 	}
--	chanId := store.UnicastInternalChannelId(ucast.UserId, ucast.DeviceId)
++	chanId, err := sto.GetInternalChannelIdFromToken(ucast.Token, ucast.AppId, ucast.UserId, ucast.DeviceId)
++	if err != nil {
++		switch err {
++		case store.ErrUnknownToken:
++			return ErrUnknownToken
++		case store.ErrUnauthorized:
++			return ErrUnauthorized
++		default:
++			h.logger.Errorf("could not resolve token: %v", err)
++			return ErrCouldNotResolveToken
++		}
++	}
++
  	msgId := generateMsgId()
--	err := sto.AppendToUnicastChannel(chanId, ucast.AppId, ucast.Data, msgId, expire)
++	err = sto.AppendToUnicastChannel(chanId, ucast.AppId, ucast.Data, msgId, expire)
  	if err != nil {
  		h.logger.Errorf("could not store notification: %v", err)
  		return ErrCouldNotStoreNotification
@@ -378,6 +417,62 @@
  	fmt.Fprintf(writer, `{"ok":true}`)
+ }
++type RegisterHandler struct {
++	*context
++}
++
++func checkRegister(reg *Registration) *APIError {
++	if reg.DeviceId == "" || reg.AppId == "" {
++		return ErrMissingIdField
++	}
++	return nil
++}
++
++func (h *RegisterHandler) doRegister(sto store.PendingStore, reg *Registration) (string, *APIError) {
++	apiErr := checkRegister(reg)
++	if apiErr != nil {
++		return "", apiErr
++	}
++	token, err := sto.Register(reg.DeviceId, reg.AppId)
++	if err != nil {
++		h.logger.Errorf("could not make a token: %v", err)
++		return "", ErrCouldNotMakeToken
++	}
++	return token, nil
++}
++
++func (h *RegisterHandler) ServeHTTP(writer http.ResponseWriter, request *http.Request) {
++	var apiErr *APIError
++	defer func() {
++		if apiErr != nil {
++			RespondError(writer, apiErr)
++		}
++	}()
++
++	reg := &Registration{}
++
++	sto, apiErr := h.prepare(writer, request, reg)
++	if apiErr != nil {
++		return
++	}
++	defer sto.Close()
++
++	token, apiErr := h.doRegister(sto, reg)
++	if apiErr != nil {
++		return
++	}
++
++	writer.Header().Set("Content-Type", "application/json")
++	res, err := json.Marshal(map[string]interface{}{
++		"ok":    true,
++		"token": token,
++	})
++	if err != nil {
++		panic(fmt.Errorf("couldn't marshal our own response: %v", err))
++	}
++	writer.Write(res)
++}
++
  // MakeHandlersMux makes a handler that dispatches for the various API endpoints.
  func MakeHandlersMux(storeForRequest StoreForRequest, broker broker.BrokerSending, logger logger.Logger) *http.ServeMux {
  	ctx := &context{
@@ -388,5 +483,6 @@
  	mux := http.NewServeMux()
  	mux.Handle("/broadcast", &BroadcastHandler{context: ctx})
  	mux.Handle("/notify", &UnicastHandler{context: ctx})
++	mux.Handle("/register", &RegisterHandler{context: ctx})
  	return mux
+ }
 === modified file 'server/api/handlers_test.go'
 --- server/api/handlers_test.go	2014-05-01 18:58:16 +0000
 +++ server/api/handlers_test.go	2014-06-06 12:14:20 +0000
@@ -192,6 +192,16 @@
  	intercept func(meth string, err error) error
+ }
++func (isto *interceptInMemoryPendingStore) Register(appId, deviceId string) (string, error) {
++	token, err := isto.InMemoryPendingStore.Register(appId, deviceId)
++	return token, isto.intercept("Register", err)
++}
++
++func (isto *interceptInMemoryPendingStore) GetInternalChannelIdFromToken(token, appId, userId, deviceId string) (store.InternalChannelId, error) {
++	chanId, err := isto.InMemoryPendingStore.GetInternalChannelIdFromToken(token, appId, userId, deviceId)
++	return chanId, isto.intercept("GetInternalChannelIdFromToken", err)
++}
++
  func (isto *interceptInMemoryPendingStore) GetInternalChannelId(channel string) (store.InternalChannelId, error) {
  	chanId, err := isto.InMemoryPendingStore.GetInternalChannelId(channel)
  	return chanId, isto.intercept("GetInternalChannelId", err)
@@ -262,6 +272,14 @@
  	u = unicast()
  	u.UserId = ""
++	u.DeviceId = ""
++	u.Token = "TOKEN"
++	expire, apiErr = checkUnicast(u)
++	c.Assert(apiErr, IsNil)
++	c.Check(expire.Format(time.RFC3339), Equals, future)
++
++	u = unicast()
++	u.UserId = ""
  	expire, apiErr = checkUnicast(u)
  	c.Check(apiErr, Equals, ErrMissingIdField)
@@ -353,6 +371,40 @@
  	c.Check(s.testlog.Captured(), Equals, "ERROR could not store notification: fail\n")
+ }
++func (s *handlersSuite) TestDoUnicastFromTokenFailures(c *C) {
++	fail := errors.New("fail")
++	sto := &interceptInMemoryPendingStore{
++		store.NewInMemoryPendingStore(),
++		func(meth string, err error) error {
++			if meth == "GetInternalChannelIdFromToken" {
++				return fail
++			}
++			return err
++		},
++	}
++	ctx := &context{logger: s.testlog}
++	bh := &UnicastHandler{ctx}
++	u := &Unicast{
++		Token:    "tok",
++		AppId:    "app1",
++		ExpireOn: future,
++		Data:     json.RawMessage(`{"a": 1}`),
++	}
++	apiErr := bh.doUnicast(sto, u)
++	c.Check(apiErr, Equals, ErrCouldNotResolveToken)
++	c.Check(s.testlog.Captured(), Equals, "ERROR could not resolve token: fail\n")
++	s.testlog.ResetCapture()
++
++	fail = store.ErrUnknownToken
++	apiErr = bh.doUnicast(sto, u)
++	c.Check(apiErr, Equals, ErrUnknownToken)
++	c.Check(s.testlog.Captured(), Equals, "")
++	fail = store.ErrUnauthorized
++	apiErr = bh.doUnicast(sto, u)
++	c.Check(apiErr, Equals, ErrUnauthorized)
++	c.Check(s.testlog.Captured(), Equals, "")
++}
++
  func newPostRequest(path string, message interface{}, server *httptest.Server) *http.Request {
  	packedMessage, err := json.Marshal(message)
  	if err != nil {
@@ -427,7 +479,7 @@
  	dest := make(map[string]bool)
  	err = json.Unmarshal(body, &dest)
  	c.Assert(err, IsNil)
--	c.Check(dest, DeepEquals, map[string]bool{"ok": true})
++	c.Assert(dest, DeepEquals, map[string]bool{"ok": true})
  	top, _, err := sto.GetChannelSnapshot(store.SystemInternalChannelId)
  	c.Assert(err, IsNil)
@@ -639,7 +691,7 @@
  	c.Check(response.Header.Get("Content-Type"), Equals, "application/json")
  	body, err := getResponseBody(response)
  	c.Assert(err, IsNil)
--	c.Check(string(body), Matches, ".*ok.*")
++	c.Assert(string(body), Matches, ".*ok.*")
  	chanId := store.UnicastInternalChannelId("user2", "dev3")
  	c.Check(<-bsend.chanId, Equals, chanId)
@@ -682,3 +734,142 @@
  	c.Assert(err, IsNil)
  	checkError(c, response, ErrMissingIdField)
+ }
++
++func (s *handlersSuite) TestCheckRegister(c *C) {
++	registration := func() *Registration {
++		return &Registration{
++			DeviceId: "DEV1",
++			AppId:    "app1",
++		}
++	}
++	reg := registration()
++	apiErr := checkRegister(reg)
++	c.Assert(apiErr, IsNil)
++
++	reg = registration()
++	reg.AppId = ""
++	apiErr = checkRegister(reg)
++	c.Check(apiErr, Equals, ErrMissingIdField)
++
++	reg = registration()
++	reg.DeviceId = ""
++	apiErr = checkRegister(reg)
++	c.Check(apiErr, Equals, ErrMissingIdField)
++}
++
++func (s *handlersSuite) TestDoRegisterMissingIdField(c *C) {
++	sto := store.NewInMemoryPendingStore()
++	rh := &RegisterHandler{}
++	token, apiErr := rh.doRegister(sto, &Registration{})
++	c.Check(apiErr, Equals, ErrMissingIdField)
++	c.Check(token, Equals, "")
++}
++
++func (s *handlersSuite) TestDoRegisterCouldNotMakeToken(c *C) {
++	sto := &interceptInMemoryPendingStore{
++		store.NewInMemoryPendingStore(),
++		func(meth string, err error) error {
++			if meth == "Register" {
++				return errors.New("fail")
++			}
++			return err
++		},
++	}
++	ctx := &context{logger: s.testlog}
++	rh := &RegisterHandler{ctx}
++	_, apiErr := rh.doRegister(sto, &Registration{
++		DeviceId: "DEV1",
++		AppId:    "app1",
++	})
++	c.Check(apiErr, Equals, ErrCouldNotMakeToken)
++	c.Check(s.testlog.Captured(), Equals, "ERROR could not make a token: fail\n")
++}
++
++func (s *handlersSuite) TestRespondsToRegisterAndUnicast(c *C) {
++	sto := store.NewInMemoryPendingStore()
++	stoForReq := func(http.ResponseWriter, *http.Request) (store.PendingStore, error) {
++		return sto, nil
++	}
++	bsend := testBrokerSending{make(chan store.InternalChannelId, 1)}
++	testServer := httptest.NewServer(MakeHandlersMux(stoForReq, bsend, nil))
++	defer testServer.Close()
++
++	request := newPostRequest("/register", &Registration{
++		DeviceId: "dev3",
++		AppId:    "app2",
++	}, testServer)
++
++	response, err := s.client.Do(request)
++	c.Assert(err, IsNil)
++
++	c.Check(response.StatusCode, Equals, http.StatusOK)
++	c.Check(response.Header.Get("Content-Type"), Equals, "application/json")
++	body, err := getResponseBody(response)
++	c.Assert(err, IsNil)
++	c.Assert(string(body), Matches, ".*ok.*")
++	var reg map[string]interface{}
++	err = json.Unmarshal(body, &reg)
++	c.Assert(err, IsNil)
++
++	token, ok := reg["token"].(string)
++	c.Assert(ok, Equals, true)
++	c.Check(token, Not(Equals), nil)
++
++	payload := json.RawMessage(`{"foo":"bar"}`)
++
++	request = newPostRequest("/notify", &Unicast{
++		Token:    token,
++		AppId:    "app2",
++		ExpireOn: future,
++		Data:     payload,
++	}, testServer)
++
++	response, err = s.client.Do(request)
++	c.Assert(err, IsNil)
++
++	c.Check(response.StatusCode, Equals, http.StatusOK)
++	c.Check(response.Header.Get("Content-Type"), Equals, "application/json")
++	body, err = getResponseBody(response)
++	c.Assert(err, IsNil)
++	c.Assert(string(body), Matches, ".*ok.*")
++
++	chanId := store.UnicastInternalChannelId("dev3", "dev3")
++	c.Check(<-bsend.chanId, Equals, chanId)
++	top, notifications, err := sto.GetChannelSnapshot(chanId)
++	c.Assert(err, IsNil)
++	c.Check(top, Equals, int64(0))
++	c.Check(notifications, HasLen, 1)
++}
++
++func (s *handlersSuite) TestCannotRegisterWithMissingFields(c *C) {
++	stoForReq := func(http.ResponseWriter, *http.Request) (store.PendingStore, error) {
++		return store.NewInMemoryPendingStore(), nil
++	}
++	ctx := &context{stoForReq, nil, nil}
++	testServer := httptest.NewServer(&RegisterHandler{ctx})
++	defer testServer.Close()
++
++	request := newPostRequest("/", &Registration{
++		DeviceId: "DEV1",
++	}, testServer)
++
++	response, err := s.client.Do(request)
++	c.Assert(err, IsNil)
++	checkError(c, response, ErrMissingIdField)
++}
++
++func (s *handlersSuite) TestCannotRegisterWithNonPOST(c *C) {
++	stoForReq := func(http.ResponseWriter, *http.Request) (store.PendingStore, error) {
++		return store.NewInMemoryPendingStore(), nil
++	}
++	ctx := &context{stoForReq, nil, nil}
++	testServer := httptest.NewServer(&RegisterHandler{ctx})
++	defer testServer.Close()
++
++	request, err := http.NewRequest("GET", testServer.URL, nil)
++	c.Assert(err, IsNil)
++
++	response, err := s.client.Do(request)
++	c.Assert(err, IsNil)
++	checkError(c, response, ErrWrongRequestMethod)
++}
 === modified file 'server/store/inmemory.go'
 --- server/store/inmemory.go	2014-05-02 15:10:18 +0000
 +++ server/store/inmemory.go	2014-06-06 12:14:20 +0000
@@ -17,7 +17,10 @@
  package store
  import (
++	"encoding/base64"
  	"encoding/json"
++	"fmt"
++	"strings"
  	"sync"
  	"time"
@@ -44,6 +47,29 @@
+ 	}
+ }
++func (sto *InMemoryPendingStore) Register(deviceId, appId string) (string, error) {
++	return base64.StdEncoding.EncodeToString([]byte(fmt.Sprintf("%s::%s", appId, deviceId))), nil
++}
++
++func (sto *InMemoryPendingStore) GetInternalChannelIdFromToken(token, appId, userId, deviceId string) (InternalChannelId, error) {
++	if token != "" && appId != "" {
++		decoded, err := base64.StdEncoding.DecodeString(token)
++		if err != nil {
++			return "", ErrUnknownToken
++		}
++		token = string(decoded)
++		if !strings.HasPrefix(token, appId+"::") {
++			return "", ErrUnauthorized
++		}
++		deviceId := token[len(appId)+2:]
++		return UnicastInternalChannelId(deviceId, deviceId), nil
++	}
++	if userId != "" && deviceId != "" {
++		return UnicastInternalChannelId(userId, deviceId), nil
++	}
++	return "", ErrUnknownToken
++}
++
  func (sto *InMemoryPendingStore) GetInternalChannelId(name string) (InternalChannelId, error) {
  	if name == "system" {
  		return SystemInternalChannelId, nil
 === modified file 'server/store/inmemory_test.go'
 --- server/store/inmemory_test.go	2014-04-30 17:44:56 +0000
 +++ server/store/inmemory_test.go	2014-06-06 12:14:20 +0000
@@ -30,6 +30,50 @@
  var _ = Suite(&inMemorySuite{})
++func (s *inMemorySuite) TestRegister(c *C) {
++	sto := NewInMemoryPendingStore()
++
++	tok1, err := sto.Register("DEV1", "app1")
++	c.Assert(err, IsNil)
++	tok2, err := sto.Register("DEV1", "app1")
++	c.Assert(err, IsNil)
++	c.Check(len(tok1), Not(Equals), 0)
++	c.Check(tok1, Equals, tok2)
++}
++
++func (s *inMemorySuite) TestGetInternalChannelIdFromToken(c *C) {
++	sto := NewInMemoryPendingStore()
++
++	tok1, err := sto.Register("DEV1", "app1")
++	c.Assert(err, IsNil)
++	chanId, err := sto.GetInternalChannelIdFromToken(tok1, "app1", "", "")
++	c.Assert(err, IsNil)
++	c.Check(chanId, Equals, UnicastInternalChannelId("DEV1", "DEV1"))
++}
++
++func (s *inMemorySuite) TestGetInternalChannelIdFromTokenFallback(c *C) {
++	sto := NewInMemoryPendingStore()
++
++	chanId, err := sto.GetInternalChannelIdFromToken("", "app1", "u1", "d1")
++	c.Assert(err, IsNil)
++	c.Check(chanId, Equals, UnicastInternalChannelId("u1", "d1"))
++}
++
++func (s *inMemorySuite) TestGetInternalChannelIdFromTokenErrors(c *C) {
++	sto := NewInMemoryPendingStore()
++	tok1, err := sto.Register("DEV1", "app1")
++	c.Assert(err, IsNil)
++
++	_, err = sto.GetInternalChannelIdFromToken(tok1, "app2", "", "")
++	c.Assert(err, Equals, ErrUnauthorized)
++
++	_, err = sto.GetInternalChannelIdFromToken("", "app2", "", "")
++	c.Assert(err, Equals, ErrUnknownToken)
++
++	_, err = sto.GetInternalChannelIdFromToken("****", "app2", "", "")
++	c.Assert(err, Equals, ErrUnknownToken)
++}
++
  func (s *inMemorySuite) TestGetInternalChannelId(c *C) {
  	sto := NewInMemoryPendingStore()
 === modified file 'server/store/store.go'
 --- server/store/store.go	2014-05-02 15:10:18 +0000
 +++ server/store/store.go	2014-06-06 12:14:20 +0000
@@ -52,6 +52,8 @@
+ }
  var ErrUnknownChannel = errors.New("unknown channel name")
++var ErrUnknownToken = errors.New("unknown token")
++var ErrUnauthorized = errors.New("unauthorized")
  var ErrFull = errors.New("channel is full")
  var ErrExpected128BitsHexRepr = errors.New("expected 128 bits hex repr")
@@ -98,11 +100,17 @@
  // PendingStore let store notifications into channels.
  type PendingStore interface {
++	// Register returns a token for a device id, application id pair.
++	Register(deviceId, appId string) (token string, err error)
  	// GetInternalChannelId returns the internal store id for a channel
  	// given the name.
  	GetInternalChannelId(name string) (InternalChannelId, error)
  	// AppendToChannel appends a notification to the channel.
  	AppendToChannel(chanId InternalChannelId, notification json.RawMessage, expiration time.Time) error
++	// GetInternalChannelIdFromToken returns the matching internal store
++	// id for a channel given a registered token and application id or
++	// directly a device id, user id pair.
++	GetInternalChannelIdFromToken(token, appId, userId, deviceId string) (InternalChannelId, error)
  	// AppendToUnicastChannel appends a notification to the unicast channel.
  	// GetChannelSnapshot gets all the current notifications and
  	AppendToUnicastChannel(chanId InternalChannelId, appId string, notification json.RawMessage, msgId string, expiration time.Time) error
 === modified file 'signing-helper/signing-helper.cpp'
 --- signing-helper/signing-helper.cpp	2014-05-01 10:24:23 +0000
 +++ signing-helper/signing-helper.cpp	2014-06-06 12:14:20 +0000
@@ -33,6 +33,7 @@
  #include <QObject>
  #include <QString>
  #include <QTimer>
++#include <QUrlQuery>
  #include "ssoservice.h"
  #include "token.h"
@@ -63,12 +64,8 @@
      void SigningExample::handleCredentialsFound(Token token)
+     {
          qDebug() << "Credentials found, signing url.";
--
--        QString authHeader = token.signUrl(this->url, QStringLiteral("GET"), true);
--
--        std::cout << authHeader.toStdString() << "\n";
++        std::cout << token.signUrl(this->url, QStringLiteral("POST")).toStdString();
          QCoreApplication::instance()->exit(0);
--
+     }
      void SigningExample::handleCredentialsNotFound()
@@ -84,13 +81,12 @@
  int main(int argc, char *argv[])
+ {
      QCoreApplication a(argc, argv);
--
--    UbuntuOne::SigningExample *example = new UbuntuOne::SigningExample(&a);
--
++    if (argc<2) {
++        return 2;
++    }
++    UbuntuOne::SigningExample *example = new UbuntuOne::SigningExample(&a, argv[1]);
      QObject::connect(example, SIGNAL(finished()), &a, SLOT(quit()));
--
      QTimer::singleShot(0, example, SLOT(doExample()));
--
      return a.exec();
+ }