[aerogear-dev] Eating our own dog food, or TOTP demos for AeroGear

Bruno Oliveira bruno at abstractj.org
Thu Oct 9 16:42:32 EDT 2014 

No way, Matthias. OTP must be always offline. To retrieve the shared
secret, we scan the QR Code.

Maybe the iOS demo is doing it (have to revisit and confirm)[1].
On Android, I'm pretty much sure that QR Code scanning was already
implemented.

We don't need to be perfect, get what is already done, improve if
possible or release what is already done.

[1] -
https://github.com/aerogear/aerogear-otp-ios-demo/blob/5b23acbaf5c3cd74377efdd483b43a65befb11ee/AeroGear-OTP-Demo/AeroGear-OTP-Demo/Utilities/AGOTPClient.m#L63


On 2014-10-09, Matthias Wessendorf wrote:

> On Thu, Oct 9, 2014 at 5:26 PM, Bruno Oliveira <bruno at abstractj.org> wrote:
>
> > On 2014-10-09, Matthias Wessendorf wrote:
> > > On Thu, Oct 9, 2014 at 4:57 AM, Bruno Oliveira <bruno at abstractj.org>
> > wrote:
> > >
> > > > Good morning,
> > > >
> > > > TOTP was implemented on AeroGear for iOS[1] and Android[2] two years
> > > > ago. On conferences most of the developers get amazed with our API.
> > > >
> > >
> > > It's always great feedback when I show the OTP demo. Attendees at
> > > conferences love it!
> > >
> > >
> > > >
> > > > Although we don't have any app published on Google Play or App Store. I
> > > > think it's time to release our demos and get some feedback from our
> > > > community.
> > > >
> > >
> > > with release, what do you mean? Submit to the stores?
> > > On Apple one reason we never submitted anything to their App Store is
> > their
> > > rules clearly indicate no demos are allowed in there.
> >
> > I understand, it can be a real and non paid app. Once it does not depends
> > on
> > internet connection at this moment.
> >
>
> isn't the iOS OTP "demo" connecting to a JAX-RS backend for the tokens?
>
>
> >
> > >
> > >
> > > >
> > > > Into this way we can exercise things like:
> > > >
> > > > - Properly store the shared secret
> > > > - Password protection with offline authentication
> > > > - If we are very confident, sync the TOTPs across authorized devices
> > > >
> > > > At the moment, we don't need to do so much once most of our demos are
> > > > already on GH.
> > >
> > >
> > > The only thing is perhaps making sure the backend part of our OTP demo is
> > > (always) up :)
> > >
> > >
> > >
> > > > I think it's just the matter of release it.
> > > >
> > > > Thoughts?
> > > >
> > >
> > > I like giving these nice demos, and their used AeroGear technology, some
> > > more love and visibility.
> > >
> > >
> > > >
> > > > [1] - https://github.com/aerogear/aerogear-otp-ios-demo
> > > > [2] - https://github.com/aerogear/aerogear-otp-android-demo
> > > >
> > > > --
> > > >
> > > > abstractj
> > > > PGP: 0x84DC9914
> > > > _______________________________________________
> > > > aerogear-dev mailing list
> > > > aerogear-dev at lists.jboss.org
> > > > https://lists.jboss.org/mailman/listinfo/aerogear-dev
> > > >
> > >
> > >
> > >
> > > --
> > > Matthias Wessendorf
> > >
> > > blog: http://matthiaswessendorf.wordpress.com/
> > > sessions: http://www.slideshare.net/mwessendorf
> > > twitter: http://twitter.com/mwessendorf
> >
> > > _______________________________________________
> > > aerogear-dev mailing list
> > > aerogear-dev at lists.jboss.org
> > > https://lists.jboss.org/mailman/listinfo/aerogear-dev
> >
> >
> > --
> >
> > abstractj
> > PGP: 0x84DC9914
> > _______________________________________________
> > aerogear-dev mailing list
> > aerogear-dev at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/aerogear-dev
> >
>
>
>
> --
> Matthias Wessendorf
>
> blog: http://matthiaswessendorf.wordpress.com/
> sessions: http://www.slideshare.net/mwessendorf
> twitter: http://twitter.com/mwessendorf

> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-dev


--

abstractj
PGP: 0x84DC9914

More information about the aerogear-dev mailing list