Uploaded image for project: 'Moodle app'
  1. Moodle app
  2. MOBILE-4214

Add encrypted mobile notifications

    XMLWordPrintable

Details

    • Hide

      This issue needs to be tested in at least 1 Android device running Android >= 9, 1 device running Android 8 and 1 iOS device.

      Please test each case 3 times: once with the app in foreground, once with the app in background (but alive) when receiving the push, and once with the app dead when receiving the push. Important: please notice that in iOS if the app is "dead" the encrypted notifications might not arrive, or they can arrive late (e.g. 15 minutes later); this is an iOS limitation.

      Non-encrypted notifications

      • Non-encrypted push notifications containing a lot of text (a very large forum post, for example) in this case the push will arrive without content (just with a Tap to view message). Current limit is around 4k words for the total payload. E.g. you can generate a 4KB text using this website and send a private message in Moodle with that long text.
        • Check that clicking the notifications works fine (e.g. clicking a private message notifications opens the conversation in the app).
      • Non-encrypted Push notifications for Premium sites (Premium Moodle sites support multimedia and grouped notifications, for example, the user avatar for private Push messages is displayed in Android devices and conversations for the same chat are grouped in the same Push notifications instead of generating separed ones)
        • Other notifications containing images are badge awarded notifications and course completed notifications

      Encrypted notifications

      • Encrypted push notifications for premium sites that should include multimedia or grouped notifications won't work the same:
        • multimedia elements such as images won't work
        • grouped notifications should work
        • clicking the notifications should work as usual (e.g. clicking a private message notifications opens the conversation in the app).
      • Encrypted push notifications containing a lot of text (a very large forum post, for example will arrive without content (just with a Tap to view message), the size of an encrypted push payload is larger (maybe 3x) so a shorter text will make the push to display the "Tap to view message".
        • Clicking the notifications should work as usual (e.g. clicking a private message notifications opens the conversation in the app).

      To also test:

      • The Push test under Mobile notification settings in Moodle LMS should continue working
      • The Apps Portal functionality for BMAs to send non-encrypted custom Push notifications should still work
      • Sending Push notifications directly via Airnotifier should work (using a curl command calling Airnotifier's API)

      Test Android 7.1 or older

      In an Android 7.1 or older, check that:

      • Non encrypted notifications arrive ok.
      • Notifications do NOT arrive when encryption is enabled and the LMS setting "For devices not supporting encryption" is set to "Do not send notifications at all".
      • Notifications arrive ok when encryption is enabled and the LMS setting "For devices not supporting encryption" is set to "Send notifications without encryption".
      Show
      This issue needs to be tested in at least 1 Android device running Android >= 9, 1 device running Android 8 and 1 iOS device. Please test each case 3 times: once with the app in foreground, once with the app in background (but alive) when receiving the push, and once with the app dead when receiving the push. Important : please notice that in iOS if the app is "dead" the encrypted notifications might not arrive, or they can arrive late (e.g. 15 minutes later); this is an iOS limitation. Non-encrypted notifications Non-encrypted push notifications containing a lot of text (a very large forum post, for example) in this case the push will arrive without content (just with a Tap to view message). Current limit is around 4k words for the total payload. E.g. you can generate a 4KB text using this website and send a private message in Moodle with that long text. Check that clicking the notifications works fine (e.g. clicking a private message notifications opens the conversation in the app). Non-encrypted Push notifications for Premium sites (Premium Moodle sites support multimedia and grouped notifications, for example, the user avatar for private Push messages is displayed in Android devices and conversations for the same chat are grouped in the same Push notifications instead of generating separed ones) Other notifications containing images are badge awarded notifications and course completed notifications Encrypted notifications Encrypted push notifications for premium sites that should include multimedia or grouped notifications won't work the same: multimedia elements such as images won't work grouped notifications should work clicking the notifications should work as usual (e.g. clicking a private message notifications opens the conversation in the app). Encrypted push notifications containing a lot of text (a very large forum post, for example will arrive without content (just with a Tap to view message), the size of an encrypted push payload is larger (maybe 3x) so a shorter text will make the push to display the "Tap to view message". Clicking the notifications should work as usual (e.g. clicking a private message notifications opens the conversation in the app). To also test: The Push test under Mobile notification settings in Moodle LMS should continue working The Apps Portal functionality for BMAs to send non-encrypted custom Push notifications should still work Sending Push notifications directly via Airnotifier should work (using a curl command calling Airnotifier's API) Test Android 7.1 or older In an Android 7.1 or older, check that: Non encrypted notifications arrive ok. Notifications do NOT arrive when encryption is enabled and the LMS setting "For devices not supporting encryption" is set to "Do not send notifications at all". Notifications arrive ok when encryption is enabled and the LMS setting "For devices not supporting encryption" is set to "Send notifications without encryption".
    • MOODLE_400_STABLE
    • MOODLE_402_STABLE
    • MDL-76722-x25519
    • Moodle App 4.2.0

    Description

      Encrypt mobile notifications should be encrypted so the AirNotifier server and platform notification service (Firebase/APN) cannot read user data.

      Fields to encrypt:

      • userfromfullname
      • smallmessage,
      • fullmessage
      • fullmessagehtml
      • subject
      • customdata

       

      A key pair should be generated on the device to be stored in the device keychain (Hardware module if possible).
      The public key will be registered against the device in Moodle (user_devices table).
      If the setting `tool_mobile/encryptnotifications` is on the relevant notification fields will be encrypted.
      When the device receives an encrypted notification it will be decrypted using the private key.

       

      Push wrapper: https://github.com/alexmorrisnz/push-wrapper

      phonegap-plugin-push: https://github.com/alexmorrisnz/phonegap-plugin-push/tree/MDL-76722-encrypted_notifications-x25519

      Attachments

        Issue Links

          Activity

            People

              alexmorris Alexander Morris
              alexmorris Alexander Morris
              Dani Palou Dani Palou
              Isabel Renedo Rouco Isabel Renedo Rouco
              Votes:
              2 Vote for this issue
              Watchers:
              9 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Clockify

                  Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.