[PM-16787] Web push enablement for server (#5395)

* Allow for binning of comb IDs by date and value

* Introduce notification hub pool

* Replace device type sharding with comb + range sharding

* Fix proxy interface

* Use enumerable services for multiServiceNotificationHub

* Fix push interface usage

* Fix push notification service dependencies

* Fix push notification keys

* Fixup documentation

* Remove deprecated settings

* Fix tests

* PascalCase method names

* Remove unused request model properties

* Remove unused setting

* Improve DateFromComb precision

* Prefer readonly service enumerable

* Pascal case template holes

* Name TryParse methods TryParse

* Apply suggestions from code review

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>

* Include preferred push technology in config response

SignalR will be the fallback, but clients should attempt web push first if offered and available to the client.

* Register web push devices

* Working signing and content encrypting

* update to RFC-8291 and RFC-8188

* Notification hub is now working, no need to create our own

* Fix body

* Flip Success Check

* use nifty json attribute

* Remove vapid private key

This is only needed to encrypt data for transmission along webpush -- it's handled by NotificationHub for us

* Add web push feature flag to control config response

* Update src/Core/NotificationHub/NotificationHubConnection.cs

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>

* Update src/Core/NotificationHub/NotificationHubConnection.cs

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>

* fixup! Update src/Core/NotificationHub/NotificationHubConnection.cs

* Move to platform ownership

* Remove debugging extension

* Remove unused dependencies

* Set json content directly

* Name web push registration data

* Fix FCM type typo

* Determine specific feature flag from set of flags

* Fixup merged tests

* Fixup tests

* Code quality suggestions

* Fix merged tests

* Fix test

---------

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>

src/Core/NotificationHub/NotificationHubConnection.cs

@@ -1,11 +1,20 @@
-using Bit.Core.Settings;
+using System.Security.Cryptography;
+using System.Text;
+using System.Web;
+using Bit.Core.Settings;
 using Bit.Core.Utilities;
 using Microsoft.Azure.NotificationHubs;
 
-class NotificationHubConnection
+namespace Bit.Core.NotificationHub;
+
+public class NotificationHubConnection
 {
     public string HubName { get; init; }
     public string ConnectionString { get; init; }
+    private Lazy<NotificationHubConnectionStringBuilder> _parsedConnectionString;
+    public Uri Endpoint => _parsedConnectionString.Value.Endpoint;
+    private string SasKey => _parsedConnectionString.Value.SharedAccessKey;
+    private string SasKeyName => _parsedConnectionString.Value.SharedAccessKeyName;
     public bool EnableSendTracing { get; init; }
     private NotificationHubClient _hubClient;
     /// <summary>
@@ -95,7 +104,38 @@ class NotificationHubConnection
         return RegistrationStartDate < queryTime;
     }
 
-    private NotificationHubConnection() { }
+    public HttpRequestMessage CreateRequest(HttpMethod method, string pathUri, params string[] queryParameters)
+    {
+        var uriBuilder = new UriBuilder(Endpoint)
+        {
+            Scheme = "https",
+            Path = $"{HubName}/{pathUri.TrimStart('/')}",
+            Query = string.Join('&', [.. queryParameters, "api-version=2015-01"]),
+        };
+
+        var result = new HttpRequestMessage(method, uriBuilder.Uri);
+        result.Headers.Add("Authorization", GenerateSasToken(uriBuilder.Uri));
+        result.Headers.Add("TrackingId", Guid.NewGuid().ToString());
+        return result;
+    }
+
+    private string GenerateSasToken(Uri uri)
+    {
+        string targetUri = Uri.EscapeDataString(uri.ToString().ToLower()).ToLower();
+        long expires = DateTime.UtcNow.AddMinutes(1).Ticks / TimeSpan.TicksPerSecond;
+        string stringToSign = targetUri + "\n" + expires;
+
+        using (var hmac = new HMACSHA256(Encoding.UTF8.GetBytes(SasKey)))
+        {
+            var signature = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(stringToSign)));
+            return $"SharedAccessSignature sr={targetUri}&sig={HttpUtility.UrlEncode(signature)}&se={expires}&skn={SasKeyName}";
+        }
+    }
+
+    private NotificationHubConnection()
+    {
+        _parsedConnectionString = new(() => new NotificationHubConnectionStringBuilder(ConnectionString));
+    }
 
     /// <summary>
     /// Creates a new NotificationHubConnection from the given settings.