[aerogear-dev] Suggestion for some OTP improvements
Erik Jan de Wit
edewit at redhat.com
Tue Sep 22 09:45:30 EDT 2015
+1 on this this is something one will need to do use the lib better to have
the lib do it or at least support doing that.
On Tue, Sep 22, 2015 at 2:48 PM, Corinne Krych <corinnekrych at gmail.com>
wrote:
> Hello Guys,
>
> Revisiting OTP demo for iOS client, I've seen some improvements that could
> be done in the OTP lib itself.
>
> 1. storage of secret is done at cordova- layer [1] and [2]. It would be
> better to store them in a safe storage (ie: Keychain for iOS, KeyStore for
> Android etc...) or at least leave the option for end user.
>
> 2. extracting secret from URL (read from QRCode) is done on each native
> client demos or in Corodva layer. See [3] for iOS and [4] for Android and
> [5] for Cordova. What about moving this code snippet in the library itself.
> For ex, add a new initialiser of OTP which takes an URL.
>
> Thoughts?
>
> ++
> Corinne
> [1]
> https://github.com/aerogear/aerogear-cordova-otp/blob/master/www/aerogear-opt.js#L66
> [2]
> https://github.com/aerogear/aerogear-cordova-otp/blob/master/src/ios/CDVAeroGearPlugin.m#L48
> [3]
> https://github.com/corinnekrych/aerogear-ios-cookbook-1/blob/AGIOS-390.otp.demo/Two-Factor/TwoFactorOTP/QRcodeCaptureViewController.swift#L76-L103
> [4]
> https://github.com/aerogear/aerogear-android-cookbook/blob/master/Two-Factor%2Fapp%2Fsrc%2Fmain%2Fjava%2Forg%2Fjboss%2Faerogear%2Fandroid%2Fcookbook%2Ftwofactor%2FOTPDisplay.java#L69-L77
> [5]
> https://github.com/aerogear/aerogear-cordova-otp/blob/master/www/aerogear-opt.js#L106-L110
>
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>
--
Cheers,
Erik Jan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/aerogear-dev/attachments/20150922/5d3b0668/attachment.html
More information about the aerogear-dev
mailing list