Goal

Moodle Mobile should receive Moodle messages as push notifications on iOS and Android.

Use case and web services

currently implemented use case

1. The user opens the app and accepts to receive push notifications. The app contacts Apple push notification server and gets a device token. The mobile app PushPlugin plugin does it.
2. The user enters its Moodle credentials. The app gets an AirNotifier access key from the site. (note that this access key is currently the same for each site => meaningless). The key is retrieved by calling the webservice message_airnotifier_get_access_key(permissions). create_token is the only possible permission at the moment.
3. The app sends its token to AirNotifier server - it's done by a HTTP POST request.
4. The app registers its device to the site - it's done by a ws call message_airnotifier_add_user_device(appname, devicetoken, devicename)
5. Someone/Something triggers a Moodle message. AirNotifier provider (Moodle site) sends a payload for a specific device token to airnotifier server - it's done by a HTTP POST
6. The user receive the notification.

brainstorming use case

1. During AirNotifier provider installation, the site contacts Airnotifer server to request an access key for itself + an access key for the devices (to send their device token to AirNotifier server).
2. The user opens the app and accepts to receive push notifications. The app contacts Apple push notification server and gets a device token.
3. The user enters its Moodle credentials. The app gets an AirNotifier access key from the site. It's done calling the webservice message_airnotifier_get_access_key(type). An admin could request the site access key, the others only get the device access key.
4. The app sends its device token to AirNotifier server + the site url (so airnotifier knows the device/site couple, and so AirNotifier can allow site broadcast) - it's done by a HTTP POST request.
5. The app registers its device to the site - it's done by a ws call message_airnotifier_add_user_device(appname, devicetoken, devicename)
6. During this web service, the site confirms the device token to AirNotifier. It's done by a HTTP POST request. AirNotifier server deletes unconfirmed device tokens older than one minute every hours.
7. Someone/Something triggers a Moodle message. AirNotifier provider (Moodle site) sends a payload for a specific device token to airnotifier server - it's done by a HTTP POST
8. Time to time, the AirNotifier server checks Apple feedback and delete the unactive device tokens.
9. When the AirNotifier provider tries to send a message to a deleted device, it receive an error from AirNotifier server and stores it. Then it sends a unique alert to the device user. The device is disabled on the user messaging settings. After a month, the cron processes delete the device.

another brainstorming use case

1. All the sites (public or privately) already registered in Moodle.net will have automatically keys for using AirNotifier
2. When registering a new site in Moodle.net there will be a new option for enabling PUSH Notificiations (true by default)
3. If your site is not registered and your Mobile Services were enabled you will see a message in the Moodle Notifications page indicating that "You must register your site in order to be able to send PUSH Notifications"
4. If your site is not registered and you enable Mobile Services you will see a message near to the "Enable Mobile Services" indicating that "You must register your site in order to be able to send PUSH Notifications"
5. If your installation has a very big number of users, during the registration process and in the Notifications page you will see a message indicating "The public PUSH Notification server is limited to Moodle sites with less than N (5k, 20k...) users"
6. The user opens the app and accepts to receive push notifications. The app contacts Apple push notification server and gets a device token. A user can disable at any time notifications for his device
7. Every time the user open the app, the app gets an AirNotifier access key from the site. It's done calling the webservice message_airnotifier_get_access_key(type). An admin could request the site access key, the others only get the device access key.
8. The app sends its device token to AirNotifier server + the site url (so airnotifier knows the device/site couple, and so AirNotifier can allow site broadcast) - it's done by a HTTP POST request. This is done only if your device token has changed.
9. The app registers its device to the site - it's done by a ws call message_airnotifier_add_user_device(appname, devicetoken, devicename, siteURL) This is done every time a user opens the app
10. Since the app is sending its device token every time a user opens the app, a cron job in the Moodle Site can delete old device tokens (so we can avoid the AirNotifier feedback service in the first stage)
11. Someone/Something triggers a Moodle message. AirNotifier provider (Moodle site) sends a payload for a specific device token + specific site to airnotifier server - it's done by a HTTP POST
12. If the user disable the PUSH Notification feature, a WS message_airnotifier_remove_user_device is called, also the AirNotifier is requested to delete the user device

Benefits are: -We can reuse the current registration process that is secure (as far as I know) -The AirNotifier API for register new sites will be exposed only to Moodle.net (not to all sites) -It will be easier notify registered sites that are abusing (Moodle.net can communicate with sites (sending an automatic email to the user admin)) -Moodle will have statistics of sites using PUSH directly in Moodle.net (no need to ask AirNotifier) -The registration process can be improved to retrieve the number of registered devices that are receiving notifications -I think that it will "enforce" users to register their sites (for receive security notifications, etc..) -Big companies with big Moodle installations usually doesn't register their Moodle sites, this will force these companies to use their own AirNotifier server instance -Since we have the number of users in a Moodle site, we can automatically disable AirNotifier for big installations (more thant Nk users) -I think that having all the information that the registration provides will help us to "monitor and prevent abuse" of the AirNotifier server

Payload content

The current payload content would need a bit of brainstorming. We need to identify what to send as it is extremely short. The app will behave following the content it receives.

Apple

The Apple payload is limited to 256bytes and it includes everything sent. Our current implementation is still quite of a wip: {type:'moodle_instantmessage',id:'8',urlparams:'{"user":"2","id":"8"}',userfrom:'Manager Moodle',date:'1367477362',alert:'This is a message text.',}

GCM

The Apple payload is about 4Kb. As it's more more permissive than Apple, it is not an issue. The content will be the same than Apple ones, just the format changes.

Deliverables

• push notification support on the mobile app - the app receives the push notification and behaves correctly.
• The AirNotifier server - it sends notification to APNS / GCM.
• The AirNotifier provider - it sends Moodle messages to AirNotifier - MDL-36445

AirNotifier messaging provider

In your messaging setting page you can select which of your devices can receive push notifications. MDL-36445 The provider has usual messaging provider settings.

AirNotifier server

To install the server follow: https://github.com/airnotifier/airnotifier/wiki/Installation

Need to be done:

• feedback - MOBILE-191
• load stress
• IP banning - need to be tested MOBILE-192
• Site broadcast (site keys) MOBILE-395
• DDOS attacks
• iOS support - it works
• Android support MOBILE-396

App push notification support in the mobile app

MOBILE-168

The app is closed or is running in the background

It's a normal OS notification. The user can open the app from it. We need to define what happens when we open the app. See payload content section.

The app is opened

The app displays a notification popup. Or better, it's a small temporary notification message at the top that retarct by itself - less intrusive.

Risks

These risks have been raised by Dan in MDL-36445:

• Have we load tested it with large numbers of users/notifications?
• What is stopping someone downloading Moodle getting the keys to DOS our push notification service (surely blacklisting us with apple)
• If someone gains access to device ids, could they then use our service to spam users?
• Are we checking the 'feedback service' and removing devices which no longer exist, apple ominously writes "Note: APNs monitors providers for their diligence in checking the feedback service and refraining from sending push notifications to nonexistent applications on devices."

Improvements

See Apu's comment in https://tracker.moodle.org/browse/MDL-36445?focusedCommentId=200343&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-200343. Specially the mention about language.