Firebase-ios-sdk: Push notification token gets invalidated after few days b/111760840

Can you share your project ID? This looks like a backend issue and may require looking at your Firebase project information.

@morganchen12 What is your email?

Instead of emailing me directly, you should file a support ticket so we can keep all your debugging-related nonpublic information in one place (the ticket can link to this GH issue).

Apologies for the misdirection, I realize this is really obtuse after asking you to file a separate issue.

@morganchen12 I filed a support ticket. let me know if you need any additional information. Thank you!

@morganchen12 I monitor the token I got from yesterday, and today it says it's NotRegistered. This is really bad.

@morganchen12 Did you get the info needed from the support ticket? I sent it out a week ago, but no update there. I also tried to update to the latest SDK and the token still gets invalidated after 3 days (without opening the app after the token was generated)

I haven't seen it. Can you email me your project directly? I'm morganchen@

Filed a bug with the backend team, I'll keep this ticket updated. b/111760840

@richardliveraise can you share one or more tokens that were unregistered early?

@morganchen12 I sent them to your email. thanks!

Looks like your tokens are being replaced, while still valid, by new tokens. Can you send a currently valid token? This way we can check what's causing it to be refreshed while still valid.

@morganchen12 I sent the valid token to your email. Thank you!

Do you know when this started happening?

Not sure yet. It looks like your app is sending up frequent requests to register a new token, though this may not be the root cause of the issue (since your app has always been doing this and this has only been an issue recently).

Can you pin down any repro steps for this issue or share your codebase?

@morganchen12 Which request do you mean? Is it [[UIApplication sharedApplication] registerForRemoteNotifications]; ? I tried calling this multiple times, but the delegate returns the same token.
If the app is open and new token is generated, It will send the new token to the backend, so it's not an issue.

The app is not active when the token gets invalidated, so there shouldn't be any request made. Can you share with me what are the triggers/flows that cause the token to be refreshed? Maybe I can try debug it on my end too.

Thanks!

Do you have any explicit calls to InstanceID in your code?

@morganchen12 No, I dont. Should I?

From the docs, "Either at startup, or at the desired point in your application flow, register your app for remote notifications"

From the sample code, this code is called every time app is launched.

What are the triggers that cause the token to be refreshed on your end?

You don't need any explicit calls to the InstanceID API. Let me check and I'll get back to you on the second question.

Looks like there's nothing wrong going on in your code. Are you able to reproduce this with the Messaging quickstart repo? Also, can you send the logs of your app lifecycle with -FIRDebugEnabled on?

@morganchen12 I'll look into that. Can you tell me what triggers the token to be refreshed? Is this coming from client side?

Messaging should request a token on every app start, but this is normal and should usually return an existing token instead of generating a new one. If you send the logs, we'll be able to discern more clearly.

@morganchen12 The last active token I sent you was just invalidated. As of 20 minutes ago, it was still working. I'm quite certain this has nothing to do with client side. Do you see anything on the backend ?

@morganchen12

1. What is the trigger that set the token to Not Registered state on your end?
2. My understanding is APN will issue deviceToken to client, which will be converted to FCM token from the client. The SDK then will send this to Firebase backend. So unless the client make a request and updating that token, the FCM token should still be valid, is this correct?

1. Registrations can be deleted if a new registration of the same type is generated or if the client causes the registration to be deleted (i.e. by deleting the InstanceID, by restoring the device from backup, or by reinstalling the app)
2. The APNs token is sent by the client to the IID backend as part of the register request; the backend then returns a valid FCM token.

• Can you provide some valid FCM tokens from other installations of this app?
• Are you using any other FCM APIs?

@morganchen12

1. What do you mean a new registration of same type is generated?
2. If the client is completely closed, still installed, and no update, what other triggers that could affect the registration?
3. Did we learn anything from the last active token I sent you? Is it getting replaced with new token?

Can you provide some valid FCM tokens from other installations of this app?
Yes, I sent it to your email
Are you using any other FCM APIs?
No.

Also, the fact that its consistently gets invalidated between 2-3 days is so weird. It's not 1 day, not 4 days.

1. This effectively means when a new token is generated for your instance (app install).
2. In this case it must be some internal process that's causing the app instance to be unregistered. We haven't quite pinned this down yet.
3. The last token sent was deleted without a new token being generated (as if the app was uninstalled), which indicates it's _probably_ a bug on the FCM side. Unfortunately this means there may be no quick fix for your app, but I'll keep this bug updated with details.

@morganchen12

1. Will it help if we switch over to APNs Authentication Key?
2. If we use APNs Authentication Key, will existing FCM tokens still works?
3. Do we need to delete existing APNs certificates from Cloud Messaging settings if we update to APNs Authentication Key?

Thank you!

1. It's possible, but uncertain at this point. We're investigating the possibility of token invalidations being forced as a result of APNs token changes on the client, so you may want to hold off until those investigations finish.
2. Unlikely, but I'm not entirely sure.
3. Yes.

@morganchen12
Can you please confirm if updating to APNs Authentication Key will invalidate existing FCM tokens or not? I'd like to try updating it, but I don't want it to invalidate the valid tokens.

Also, what could cause APNs token changes on the client? Shouldn't this be long lived?

Did you happen to use the offloading feature of the iOS? https://www.theverge.com/2017/6/7/15752132/ios-11-storage-deleting-apps-messages-photos

If that happens, it will invalidate your apns token which cause fcm token to be invalidated as well. You will need to delete existing one and refresh a new one from server.

If your tokens are still being invalidated every two days, I say it doesn't hurt just to switch to auth key on the console. Any reason you like to keep existing tokens?

@chliangGoogle

no, I don't have offloading features enabled.
We're still monitoring this issue on our end, I see some tokens that are still valid after 5 days.
So I don't want to update to APNs Auth key if it will invalidate those remaining valid tokens.

Also, I'm receiving push notifications from other apps even those I don't open it for more than a week.

we suspect your apns token is invalidated, you can double check by sending notification using apns token only.
Or in your delegate application:didRegisterForRemoteNotificationWithDeviceToken: see if your apns token has changed every time you failed sending push notification.

@chliangGoogle ok, I'll check that out. What could cause the apns token gets invalidated though? With no app update, no OS update, app is closed. it doesnt make any sense.

Apple's pretty vague about what can cause APNs tokens to be invalidated. In their official documentation, they present some cases in which APNs tokens are guaranteed to be invalidated, but then hints that the device token may change while your app is running, which isn't covered by any of the examples they list beforehand.

I don't think we can rely on APNs to reliably invalidate or not invalidate your token, but before we continue debugging down the APNs path we should confirm whether or not it's causing the invalidations.

@richardliveraise are you able to determine if the cause of the invalidations has been your APNs tokens changing?

@morganchen12 yes, that seems to be the case. I'm still troubleshooting if that's consistent for all the invalidations. I'll update you once I know more. Thanks.

@richardliveraise I'm closing this ticket for the time being, but if you have any new information or if this issue resurfaces please comment here and I'll reopen it.

@morganchen12 This is something I've also been experiencing. The error I get is usually "NotRegistered" and occasionally "InvalidRegistration"

@ThoseGuysInTown please file a support ticket.