Merge pull request #102 from konkit/optional-vapid-subject

Make VAPID subject claim optional

Author: martijndwars

src/main/java/nl/martijndwars/webpush/PushService.java

@@ -34,7 +34,8 @@ public class PushService {
     private String gcmApiKey;
 
     /**
-     * Subject used in the JWT payload (for VAPID)
+     * Subject used in the JWT payload (for VAPID). When left as null, then no subject will be used
+     * (RFC-8292 2.1 says that it is optional)
      */
     private String subject;
 
@@ -55,15 +56,23 @@ public PushService(String gcmApiKey) {
         this.gcmApiKey = gcmApiKey;
     }
 
-    public PushService(KeyPair keyPair, String subject) {
+    public PushService(KeyPair keyPair) {
         this.publicKey = keyPair.getPublic();
         this.privateKey = keyPair.getPrivate();
+    }
+
+    public PushService(KeyPair keyPair, String subject) {
+        this(keyPair);
         this.subject = subject;
     }
 
-    public PushService(String publicKey, String privateKey, String subject) throws GeneralSecurityException {
+    public PushService(String publicKey, String privateKey) throws GeneralSecurityException {
         this.publicKey = Utils.loadPublicKey(publicKey);
         this.privateKey = Utils.loadPrivateKey(privateKey);
+    }
+
+    public PushService(String publicKey, String privateKey, String subject) throws GeneralSecurityException {
+        this(publicKey, privateKey);
         this.subject = subject;
     }
 
@@ -226,7 +235,9 @@ public HttpPost preparePost(Notification notification, Encoding encoding) throws
             JwtClaims claims = new JwtClaims();
             claims.setAudience(notification.getOrigin());
             claims.setExpirationTimeMinutesInTheFuture(12 * 60);
-            claims.setSubject(subject);
+            if (subject != null) {
+                claims.setSubject(subject);
+            }
 
             JsonWebSignature jws = new JsonWebSignature();
             jws.setHeader("typ", "JWT");