core: html5 push notification; vapid 403 forbidden
Home Assistant release with the issue:
hass 0.92.1
Last working Home Assistant release (if known): hass 0.91.2
Operating environment (Hass.io/Docker/Windows/etc.):
hassbian/ python35
Component/platform: https://www.home-assistant.io/components/html5/
Description of problem: Forum thread here; https://community.home-assistant.io/t/html5-vapid-403-forbidden
Basically the new vapID fails after a period of time, if you restart HASS, expire your current keys and renew them or remove the html5_push_registrations.conf file and re-add your browsers after a period of time, push notifications will stop and you will receive an error.
Problem-relevant configuration.yaml entries and (fill out even if it seems unimportant):
notify:
- name: html5_push
platform: html5
vapid_pub_key: !secret vapid_pub_key
vapid_prv_key: !secret vapid_prv_key
vapid_email: asdf@gmail.com
Traceback (if applicable):
2019-05-02 09:48:54 ERROR (MainThread) [homeassistant.core] Error executing service <ServiceCall notify.html5_push (c:ccc45d4ce2d7478a80de542b9d1a4a99): message=<homeassistant.helpers.template.Template object at 0x5d3e91b0>, target=['phone_browser', 'laptop_browser'], title=<homeassistant.helpers.template.Template object at 0x5d3e9310>>
Traceback (most recent call last):
File "/srv/homeassistant/lib/python3.5/site-packages/homeassistant/core.py", line 1147, in _safe_execute
await self._execute_service(handler, service_call)
File "/srv/homeassistant/lib/python3.5/site-packages/homeassistant/core.py", line 1160, in _execute_service
await handler.func(service_call)
File "/srv/homeassistant/lib/python3.5/site-packages/homeassistant/components/notify/__init__.py", line 112, in async_notify_message
await notify_service.async_send_message(**kwargs)
File "/usr/lib/python3.5/asyncio/futures.py", line 380, in __iter__
yield self # This tells Task to wait for completion.
File "/usr/lib/python3.5/asyncio/tasks.py", line 304, in _wakeup
future.result()
File "/usr/lib/python3.5/asyncio/futures.py", line 293, in result
raise self._exception
File "/usr/lib/python3.5/concurrent/futures/thread.py", line 55, in run
result = self.fn(*self.args, **self.kwargs)
File "/srv/homeassistant/lib/python3.5/site-packages/homeassistant/components/html5/notify.py", line 458, in send_message
self._push_message(payload, **kwargs)
File "/srv/homeassistant/lib/python3.5/site-packages/homeassistant/components/html5/notify.py", line 495, in _push_message
vapid_claims=self._vapid_claims
File "/srv/homeassistant/lib/python3.5/site-packages/pywebpush/__init__.py", line 428, in webpush
response=response)
pywebpush.WebPushException: WebPushException: Push failed: 403 Forbidden
Additional information: https://community.home-assistant.io/t/html5-vapid-403-forbidden
Please visit the forum thread for many people reporting the issue and some debugging I attempted to complete.
About this issue
- Original URL
- State: closed
- Created 5 years ago
- Reactions: 40
- Comments: 44 (14 by maintainers)
Hey all,
I’m the maintainer of pywebpush (and I also work at mozilla dealing with the push service).
TTLis Seconds to retain a notification until the recipient is available. There can be a lot of reasons the recipient isn’t available, particularly with mobile devices. (Bad connection, CPU powered down the radio, on a train going through a tunnel, etc.).TTL=0 means “If the recipient isn’t immediately available, toss the notification”. Generally, it’s probably not what you want. In most cases, TTL=28800 is probably good enough. It’s 8 hours. That should be more than enough for the recipient to get the message, and it still be reasonably relevant. Servers get to set the max amount of time they’ll hang onto a message, and will usually tell you if you exceed it.
I’ll note that this is NOT the same thing as the
expin the VAPID header. That header identifies you as the sender and theexpsays “This info is valid until this time”. The max value for EXP is 86400, but due to the fact that clock skew is a thing, you probably want to use a value like 43200. The idea is that if you’re sending lots and lots of updates (we get millions from some sources) calculating the same VAPID header over and over is really expensive, so you can cache the header and just reuse it for a few hours.Finally, if you do have a bug with pywebpush (or have a question about push notifications) don’t be afraid to reach out to me. I try to respond reasonably quickly.
@r-oleary I wrote a quick explanation how to do this if you are interested. https://community.home-assistant.io/t/html5-vapid-403-forbidden/110953/26
@perosb Can you please submit a new PR to roll back #22737 as it appears to have broken HTML5 notifications for… everyone.
Okay, just merged #22988. Lets hope that fixes things.
I talked to @balloob the other night, he wasn’t even aware that html5 push notifications were not working… He was at the time making a 93 beta and said there would be no 92.3.
I got the same problem las month… https://community.home-assistant.io/t/push-notifications-with-vapid-unauthorizedregistration/108498/5
HA 0.92.2 OS Docker
I report the same problem. notifications work for a few hours after a while it stops. error:
html5 push notification; Html5 vapid 403 forbidden html5 push notification; vapid 403 forbiddenI tried this too (I am using a Hassio image if that matters), and that didn’t fix it for me. It gave a similar error that I didn’t take note of, before I removed that fix.
I am using pushbullet for now, and that works every time without issue.
Would it be possible for someone to quickly describe how to revert? Either here or in the related forum post? Thanks!
I was able to fix the problem for a day or two by removing push notifications and re-adding. Now the same problem appears again, leading to the conclusion that something must be corrupted.