Improve Web push compatibility #32

Open
p1gp1g opened this issue Nov 21, 2024 · 2 comments

p1gp1g commented Nov 21, 2024

RFC8030 requires:

  • TTL header
  • push messages to be encrypted (done with RFC8291)

UnifiedPush specifications have been updated to clarify that the push server is a web push server. Therefore, some push servers can reject requests without a TTL header, or that don't encrypt their body.

It is possible to hack around this 2nd requirement by including the header content-encoding: aes128gcm (with a cleartext body): it can be a temporary workaround to not be rejected until this is properly implemented.


rfc2822 commented Nov 25, 2024

> RFC8030 requires: …push messages to be encrypted (done with RFC8291)

Oh no :( That's new to me. Guess you mean section 8.1?

> Applications using this protocol MUST use mechanisms that provide end-to-end confidentiality, integrity, and data origin authentication.

That's bad news because I guess it would mean that we have to support Message Encryption (very cumbersome) from the beginning, even if you use it with UnifiedPush and your own trusted push server …


p1gp1g commented Nov 26, 2024

The migration to encrypted notifications can be done pretty smoothly for users and developers:

  • First, add TTL: 86400 (a day for example) and Content-Encoding: aes128gcm headers to the Nextcloud application: if a push server requires TTL and encryption, it will pass the check (content-encoding tells that the body is encrypted)
  • Second, you can implement message encryption on clients and the server. The latest version (3.0.0+) of the connector library for Android applications (3.0.0 will be released this week) handles decryption transparently and falls back to the plaintext body. So all the work done after a message is received will be transparent*

* It is possible to see if the message was encrypted if you want: onMessage of the MessagingReceiver now uses the PushMessage class. You can use the decrypted value to see if it has fallen back to the plaintext body, if it couldn't decrypt the content. **

** The doc linked here will probably be properly released this week too.
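An added example, not part of the thread and not code from this project or from any push server: a structural check of the kind a receiving side could run to tell the three states discussed above apart (no Web Push headers, headers added over a cleartext body, and a body shaped like an RFC 8291 message). The function names and sample bodies are assumptions constructed for illustration; the byte layout (salt, record size, idlen, keyid) is the aes128gcm header from RFC 8188.

```python
import os
import struct

HEADER_FIXED = 16 + 4 + 1  # salt | rs | idlen, per RFC 8188 section 2.1
P256_POINT_LEN = 65        # RFC 8291 puts the sender's uncompressed P-256 key in keyid
MIN_RECORD = 17            # one padding-delimiter byte plus the 16-byte GCM tag


def check_push_request(headers, body):
    """Return a list of problems; an empty list means nothing was found."""
    h = {k.lower(): v.strip() for k, v in headers.items()}
    problems = []
    ttl = h.get("ttl", "")
    if not (ttl.isascii() and ttl.isdigit()):
        problems.append("missing or non-numeric TTL header")
    if h.get("content-encoding", "").lower() != "aes128gcm":
        problems.append("Content-Encoding is not aes128gcm")
        return problems
    # Structural check only: it cannot prove the payload is really encrypted,
    # but it does tell a labelled cleartext body from an RFC 8291 message.
    if len(body) < HEADER_FIXED + P256_POINT_LEN + MIN_RECORD:
        problems.append("body too short for an RFC 8291 message")
        return problems
    rs, idlen = struct.unpack_from(">IB", body, 16)
    if rs < 18:
        problems.append("record size below 18")
    if idlen != P256_POINT_LEN or body[HEADER_FIXED] != 0x04:
        problems.append("keyid is not an uncompressed P-256 public key")
    return problems


def constructed_sample():
    """Constructed bytes with the RFC 8291 shape (random filler, not real ciphertext)."""
    header = os.urandom(16) + struct.pack(">IB", 4096, P256_POINT_LEN)
    return header + b"\x04" + os.urandom(64) + os.urandom(MIN_RECORD)


if __name__ == "__main__":
    step1 = {"TTL": "86400", "Content-Encoding": "aes128gcm"}
    cleartext = b'{"topic": "constructed-sample"}'  # constructed cleartext body
    print(check_push_request({}, cleartext))
    print(check_push_request(step1, cleartext))
    print(check_push_request(step1, constructed_sample()))
```

A header-only check accepts the first migration step; a check that also parses the body header flags it until real encryption is implemented.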
