[scootklein]

I believe the author just has a technical misunderstanding of the way APNS works. In no ways is APNS aware of accounts logged in or logged out of a service - all of this happens on the app developer's server backend. The author's case is properly laid out, but the fault is of the app developer rather than APNS. Developers should take note - this is indeed a valid race condition.

APNS is simply an exchange between a remote service (ex. Twitter) and an application that has registered for remote notifications (ex. Twitter app). APNS knows nothing more than the key that it provided to Twitter to identify this device in a remote push context.

[there]

And when an account is logged out, the app should be calling

   [[UIApplication sharedApplication] unregisterForRemoteNotifications];

which should unregister it from iOS, even if the network connection isn't available, right? If the call makes it back to Apple's servers, future push notifications shouldn't even get to the device, but even if they do, shouldn't iOS see that it's no longer valid for the application and not display it, bouncing it back to Apple's servers so the token will show up on their Feedback server? Unless I'm mistaken, unregistering for notifications will remove the application from the device's Notification Center settings.

[idunno246]

But the original owner still wants to receive push, so you shouldn't unregister. This isn't apple's problem, this is that the twitter app's server doesn't know they logged out and continues to send messages to the phone.

[there]

If you logged out of the application, it should unregister. It should only re-register when you log back in (which would require communication with Twitter's servers, which would update the APNS token to point to the correct account). This is how I handle APNS tokens in my Pushover app.

[seppo0010]

I think you are missing the point. It is a multi-user app. The first user didn't logout when the second login, both were logged in at the same time.

The _real_ solution is to wait for server acknowledge to delete the account from the phone.

[jobert]

You're right -- this is not only a problem on Apple's side, both Apple and app developers can take measurements to prevent this from happening. On Apple's side this requires fundamental changes in their (un)subscribe mechanism, but that's not likely to happen soon. Therefor, an app developer can implement best practices to ensure this doesn't happen. For example, blocking the UI with an activity indicator until the app receives OK from the APNS when firing the unregister request.