Added vapid-key generator utility to generate keys with

Author: dimitribouniol

.gitignore

@@ -7,3 +7,6 @@ DerivedData/
 .swiftpm/xcode/package.xcworkspace/contents.xcworkspacedata
 .netrc
 Package.resolved
+
+/vapid-key-generator/.build
+/vapid-key-generator/.swiftpm/xcode/package.xcworkspace/contents.xcworkspacedata

README.md

@@ -51,6 +51,68 @@ targets: [
 
 ## Usage
 
+### Generating Keys
+
+Before integrating WebPush into your server, you must generate one time VAPID keys to identify your server to push services with. To help we this, we provide `vapid-key-generator`, which you can install and use as needed:
+```zsh
+% git clone https://github.com/mochidev/swift-webpush.git
+% cd swift-webpush/vapid-key-generator
+% swift package experimental-install
+```
+
+To uninstall the generator:
+```zsh
+% package experimental-uninstall vapid-key-generator
+```
+
+Once installed, a new configuration can be generated as needed:
+```
+% ~/.swiftpm/bin/vapid-key-generator https://example.com
+VAPID.Configuration: {"contactInformation":"https://example.com","expirationDuration":79200,"keys":["g7PXKzeMR/B+ndQWa92Dl9u22CibXJnm6vN9L6Gri1E="],"primaryKey":"g7PXKzeMR/B+ndQWa92Dl9u22CibXJnm6vN9L6Gri1E=","validityDuration":72000}
+
+
+Example Usage:
+    // TODO: Load this data from .env or from file system
+    let configurationData = Data(#" {"contactInformation":"https://example.com","expirationDuration":79200,"keys":["g7PXKzeMR/B+ndQWa92Dl9u22CibXJnm6vN9L6Gri1E="],"primaryKey":"g7PXKzeMR/B+ndQWa92Dl9u22CibXJnm6vN9L6Gri1E=","validityDuration":72000} "#.utf8)
+    let vapidConfiguration = try JSONDecoder().decode(VAPID.Configuration.self, from: configurationData)
+```
+
+Once generated, the configuration JSON should be added to your deployment's `.env` and kept secure so it can be accessed at runtime by your application server, and _only_ by your application server. Make sure this key does not leak and is not stored alongside subscriber information.
+
+> [!NOTE]
+> You can specify either a support URL or an email for administrators of push services to contact you with if problems are encountered, or you can generate keys only if you prefer to configure contact information at runtime:
+
+```zsh
+% ~/.swiftpm/bin/vapid-key-generator -h
+OVERVIEW: Generate VAPID Keys.
+
+Generates VAPID keys and configurations suitable for use on your server. Keys should generally only be generated once
+and kept secure.
+
+USAGE: vapid-key-generator <support-url>
+       vapid-key-generator --email <email>
+       vapid-key-generator --key-only
+
+ARGUMENTS:
+  <support-url>           The fully-qualified HTTPS support URL administrators of push services may contact you at:
+                          https://example.com/support
+
+OPTIONS:
+  -k, --key-only          Only generate a VAPID key.
+  -s, --silent            Output raw JSON only so this tool can be piped with others in scripts.
+  -p, --pretty            Output JSON with spacing. Has no effect when generating keys only.
+  --email <email>         Parse the input as an email address.
+  -h, --help              Show help information.
+```
+
+> [!IMPORTANT]
+> If you only need to change the contact information, you can do so in the JSON directly — a key should _not_ be regenerated when doing this as it will invalidate all existing subscriptions.
+
+> [!TIP]
+> If you prefer, you can also generate keys in your own code by calling `VAPID.Key()`, but remember, the key should be persisted and re-used from that point forward!
+
+### Setup
+
 TBD
 
 ## Contributing

vapid-key-generator/Package.swift

@@ -0,0 +1,30 @@
+// swift-tools-version: 6.0
+// The swift-tools-version declares the minimum version of Swift required to build this package.
+
+import PackageDescription
+
+let tool = Package(
+    name: "vapid-key-generator",
+    platforms: [
+        .macOS(.v13),
+        .iOS(.v15),
+        .tvOS(.v15),
+        .watchOS(.v8),
+    ],
+    products: [
+        .executable(name: "vapid-key-generator", targets: ["VAPIDKeyGenerator"]),
+    ],
+    dependencies: [
+        .package(url: "https://github.com/apple/swift-argument-parser.git", from: "1.5.0"),
+        .package(path: "../"),
+    ],
+    targets: [
+        .executableTarget(
+            name: "VAPIDKeyGenerator",
+            dependencies: [
+                .product(name: "ArgumentParser", package: "swift-argument-parser"),
+                .product(name: "WebPush", package: "swift-webpush"),
+            ]
+        ),
+    ]
+)

vapid-key-generator/Sources/VAPIDKeyGenerator.swift

@@ -0,0 +1,119 @@
+//
+//  VAPIDKeyGenerator.swift
+//  swift-webpush
+//
+//  Created by Dimitri Bouniol on 2024-12-14.
+//  Copyright © 2024 Mochi Development, Inc. All rights reserved.
+//
+
+import ArgumentParser
+import Foundation
+import WebPush
+
+@main
+struct MyCoolerTool: ParsableCommand {
+    static let configuration = CommandConfiguration(
+        abstract: "Generate VAPID Keys.",
+        usage: """
+            vapid-key-generator <support-url>
+            vapid-key-generator --email <email>
+            vapid-key-generator --key-only
+            """,
+        discussion: """
+            Generates VAPID keys and configurations suitable for use on your server. Keys should generally only be generated once and kept secure.
+            """
+    )
+    
+    @Flag(name: [.long, .customShort("k")], help: "Only generate a VAPID key.")
+    var keyOnly = false
+    
+    @Flag(name: [.long, .customShort("s")], help: "Output raw JSON only so this tool can be piped with others in scripts.")
+    var silent = false
+    
+    @Flag(name: [.long, .customShort("p")], help: "Output JSON with spacing. Has no effect when generating keys only.")
+    var pretty = false
+    
+    @Option(name: [.long], help: "Parse the input as an email address.")
+    var email: String?
+    
+    @Argument(help: "The fully-qualified HTTPS support URL administrators of push services may contact you at: https://example.com/support") var supportURL: URL?
+    
+    mutating func run() throws {
+        let key = VAPID.Key()
+        let encoder = JSONEncoder()
+        if pretty {
+            encoder.outputFormatting = [.withoutEscapingSlashes, .sortedKeys, .prettyPrinted]
+        } else {
+            encoder.outputFormatting = [.withoutEscapingSlashes, .sortedKeys]
+        }
+        
+        if keyOnly, supportURL == nil, email == nil {
+            let json = String(decoding: try encoder.encode(key), as: UTF8.self)
+            
+            if silent {
+                print("\(json)")
+            } else {
+                print("VAPID.Key (with quotes): \(json)\n\n")
+                print("Example Usage:")
+                print("    // TODO: Load this data from .env or from file system")
+                print("    let keyData = Data(#\" \(json) \"#.utf8)")
+                print("    let vapidKey = try JSONDecoder().decode(VAPID.Key.self, from: keyData)")
+            }
+        } else if !keyOnly {
+            let contactInformation = if let supportURL, email == nil {
+                VAPID.Configuration.ContactInformation.url(supportURL)
+            } else if supportURL == nil, let email {
+                VAPID.Configuration.ContactInformation.email(email)
+            } else if supportURL != nil, email != nil {
+                throw UnknownError(reason: "Only one of an email or a support-url may be specified.")
+            } else {
+                throw UnknownError(reason: "A valid support-url must be specified.")
+            }
+            if let supportURL {
+                guard let scheme = supportURL.scheme?.lowercased(), scheme == "http" || scheme == "https"
+                else { throw UnknownError(reason: "support-url must be an HTTP or HTTPS.") }
+            }
+            
+            let configuration = VAPID.Configuration(key: key, contactInformation: contactInformation)
+            
+            let json = String(decoding: try encoder.encode(configuration), as: UTF8.self)
+            
+            if silent {
+                print("\(json)")
+            } else {
+                var exampleJSON = ""
+                if pretty {
+                    print("VAPID.Configuration:\n\(json)\n\n")
+                    exampleJSON = json
+                    exampleJSON.replace("\n", with: "\n        ")
+                    exampleJSON = "#\"\"\"\n        \(exampleJSON)\n        \"\"\"#"
+                } else {
+                    print("VAPID.Configuration: \(json)\n\n")
+                    exampleJSON = "#\" \(json) \"#"
+                }
+                print("Example Usage:")
+                print("    // TODO: Load this data from .env or from file system")
+                print("    let configurationData = Data(\(exampleJSON).utf8)")
+                print("    let vapidConfiguration = try JSONDecoder().decode(VAPID.Configuration.self, from: configurationData)")
+            }
+        } else {
+            if email != nil {
+                throw UnknownError(reason: "An email cannot be specified if only keys are being generated.")
+            } else {
+                throw UnknownError(reason: "A support-url cannot be specified if only keys are being generated.")
+            }
+        }
+    }
+}
+
+struct UnknownError: LocalizedError {
+    var reason: String
+    
+    var errorDescription: String? { reason }
+}
+
+extension URL: @retroactive ExpressibleByArgument {
+    public init?(argument: String) {
+        self.init(string: argument)
+    }
+}