向 APNS 发出推送通知请求时出现以下错误: &{403 禁止 403 HTTP/2.0 2 0 map[Apns-Id:[7BF53274-A04B-7C1B-8312-DB01DA48A519]] {0xc0000c88c0} -1 [] false false map[] 0xc000132000 0xc0000ba370}
我怀疑我生成身份验证标头的代码不正确
以下是相关代码:
func generateAuthenticationHeader() string {
b, _ := json.Marshal(Header{ ALG: "ES256", KID: authKeyId })
header := b64.StdEncoding.EncodeToString(b)
b, _ = json.Marshal(Claims{ ISS: teamId, IAT: time.Now().String() })
claims := b64.StdEncoding.EncodeToString(b)
pkey := getPrivateKey()
indata := fmt.Sprintf("%s.%s", header, claims)
h := sha256.New()
h.Write([]byte(indata))
digest := h.Sum(nil)
r, s, err := ecdsa.Sign(rand.Reader, pkey, digest)
if err != nil {
log.Fatal(err)
}
signature := r.Bytes()
signature = append(signature, s.Bytes()...)
signed := b64.StdEncoding.EncodeToString(signature)
return fmt.Sprintf("%s.%s.%s", header, claims, signed)
}
func getPrivateKey() *ecdsa.PrivateKey {
r, _ := ioutil.ReadFile(authKeyPath)
block, _ := pem.Decode(r)
key, err := x509.ParsePKCS8PrivateKey(block.Bytes)
if err != nil {
log.Fatal(err)
}
pkey := key.(*ecdsa.PrivateKey)
return pkey
}
问题是 IAT 声明类型不正确。它应该是 int64 而不是字符串,时间应该以秒为单位。按时调用 String((。Now(( 返回的格式与 Apple 根据其文档预期的 IAT 声明不同:https://developer.apple.com/documentation/usernotifications/setting_up_a_remote_notification_server/establishing_a_token-based_connection_to_apns。