Description
New Feature / Enhancement Checklist
- I am not disclosing a vulnerability.
- I am not just asking a question.
- I have searched through existing issues.
Current Limitation
The APNS p8 token has to be supplied in form of a .p8 file. That makes it more difficult to store as a secured string (e.g. using AWS Secrets Manager) but may make it more tempting for beginners to commit the private key as part of source code to their repository, which is bad practice.
Feature / Enhancement Description
Currently the token key is specified via a file path:
push: {
ios: {
token: {
key: './aps.p8',
...
}
}
}
To avoid a breaking change an additional param could be introduced that allows to supply the key as string:
push: {
ios: {
token: {
keyString: '-----BEGIN PRIVATE KEY-----....',
...
}
}
}
or, to avoid a new parameter, the adapter could interpret a key value that starts with -----BEGIN PRIVATE KEY---- and ends with -----END PRIVATE KEY----- not as a file path but as the key itself. So key can either be a file path or the key itself.
Example Use Case
n/a
Alternatives / Workarounds
Save the securely stored private key as a file on deployment, which may be unwanted in some scenarios.
3rd Party References
n/a