<html><head><meta http-equiv="Content-Type" content="text/html charset=iso-8859-1"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">looks great!<div><br></div><div><div><div>On Jun 17, 2013, at 3:52 PM, Matthias Wessendorf &lt;<a href="mailto:matzew@apache.org">matzew@apache.org</a>&gt; wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite"><div dir="ltr"><p style="margin-right: 0px; margin-bottom: 15px; margin-left: 0px; font-family: Helvetica, arial, freesans, clean, sans-serif; font-size: 15.454545021057129px; line-height: 22.727272033691406px; margin-top: 0px !important; ">
Hi,</p><p style="margin: 15px 0px; font-family: Helvetica, arial, freesans, clean, sans-serif; font-size: 15.454545021057129px; line-height: 22.727272033691406px; ">I worked a bit on the initial security, after Bruno release the 1.0.1 versions of AG-Security.</p>
<h2 style="margin: 1em 0px 15px; padding: 0px; font-size: 2em; border-bottom-width: 1px; border-bottom-style: solid; border-bottom-color: rgb(238, 238, 238); font-family: Helvetica, arial, freesans, clean, sans-serif; "><a name="management-of-pushapplications-and-mobilevariants" class="" href="https://gist.github.com/anonymous/b82b7bb1b2d1ab36f92d#management-of-pushapplications-and-mobilevariants" style="color:rgb(65,131,196);text-decoration:none;display:block;padding-left:30px"><span class=""></span></a>Management of PushApplications and MobileVariants</h2><p style="margin: 15px 0px; font-family: Helvetica, arial, freesans, clean, sans-serif; font-size: 15.454545021057129px; line-height: 22.727272033691406px; ">Adding a (simple)&nbsp;<em>DEVELOPER</em>&nbsp;class (just that, no&nbsp;<em>fancy</em>&nbsp;roles yet).<br>
This is powered by AG-Security and the very wellknown "login"/"logout" will be used (and soon "enroll" for new users).</p><p style="margin: 15px 0px; font-family: Helvetica, arial, freesans, clean, sans-serif; font-size: 15.454545021057129px; line-height: 22.727272033691406px; ">
A&nbsp;<em>DEVELOPER</em>&nbsp;is allowed to create/manage PushApplications and MobileVariants (including the standard CRUD flow).</p><p style="margin: 15px 0px; font-family: Helvetica, arial, freesans, clean, sans-serif; font-size: 15.454545021057129px; line-height: 22.727272033691406px; ">
Here is a little cURL based flow:</p><h4 style="margin: 1em 0px 15px; padding: 0px; font-size: 1.2em; font-family: Helvetica, arial, freesans, clean, sans-serif; "><a name="login" class="" href="https://gist.github.com/anonymous/b82b7bb1b2d1ab36f92d#login" style="color:rgb(65,131,196);text-decoration:none;display:block;padding-left:30px"><span class=""></span></a>Login:</h4>
<pre style="font-family: Consolas, 'Liberation Mono', Courier, monospace; font-size: 13px; line-height: 19px; margin-top: 15px; margin-bottom: 15px; background-color: rgb(248, 248, 248); border: 1px solid rgb(221, 221, 221); overflow: auto; padding: 6px 10px; border-top-left-radius: 3px; border-top-right-radius: 3px; border-bottom-right-radius: 3px; border-bottom-left-radius: 3px; "><code style="font-family:Consolas,'Liberation Mono',Courier,monospace;font-size:12px;line-height:normal;margin:0px;padding:0px;border:none;background-color:transparent;border-top-left-radius:3px;border-top-right-radius:3px;border-bottom-right-radius:3px;border-bottom-left-radius:3px">curl -v -b cookies.txt -c cookies.txt
  -H "Accept: application/json" -H "Content-type: application/json"
  -X POST 
  -d '{"loginName": "admin", "password":"123"}'
<a href="http://localhost:8080/ag-push/rest/auth/login">http://localhost:8080/ag-push/rest/auth/login</a>
</code></pre><h4 style="margin: 1em 0px 15px; padding: 0px; font-size: 1.2em; font-family: Helvetica, arial, freesans, clean, sans-serif; "><a name="create-new-pushapp" class="" href="https://gist.github.com/anonymous/b82b7bb1b2d1ab36f92d#create-new-pushapp" style="color:rgb(65,131,196);text-decoration:none;display:block;padding-left:30px"><span class=""></span></a>Create new PushApp:</h4>
<pre style="font-family: Consolas, 'Liberation Mono', Courier, monospace; font-size: 13px; line-height: 19px; margin-top: 15px; margin-bottom: 15px; background-color: rgb(248, 248, 248); border: 1px solid rgb(221, 221, 221); overflow: auto; padding: 6px 10px; border-top-left-radius: 3px; border-top-right-radius: 3px; border-bottom-right-radius: 3px; border-bottom-left-radius: 3px; "><code style="font-family:Consolas,'Liberation Mono',Courier,monospace;font-size:12px;line-height:normal;margin:0px;padding:0px;border:none;background-color:transparent;border-top-left-radius:3px;border-top-right-radius:3px;border-bottom-right-radius:3px;border-bottom-left-radius:3px">curl -v -b cookies.txt -c cookies.txt -v 
  -H "Accept: application/json" -H "Content-type: application/json" 
  -X POST 
  -d '{"name" : "MyApp", "description" :  "awesome app" }'
<a href="http://localhost:8080/ag-push/rest/applications">http://localhost:8080/ag-push/rest/applications</a>
</code></pre><h4 style="margin: 1em 0px 15px; padding: 0px; font-size: 1.2em; font-family: Helvetica, arial, freesans, clean, sans-serif; "><a name="create-variant-here-simplepush-for-it" class="" href="https://gist.github.com/anonymous/b82b7bb1b2d1ab36f92d#create-variant-here-simplepush-for-it" style="color:rgb(65,131,196);text-decoration:none;display:block;padding-left:30px"><span class=""></span></a>Create Variant (here SimplePush) for it:</h4>
<pre style="font-family: Consolas, 'Liberation Mono', Courier, monospace; font-size: 13px; line-height: 19px; margin-top: 15px; margin-bottom: 15px; background-color: rgb(248, 248, 248); border: 1px solid rgb(221, 221, 221); overflow: auto; padding: 6px 10px; border-top-left-radius: 3px; border-top-right-radius: 3px; border-bottom-right-radius: 3px; border-bottom-left-radius: 3px; "><code style="font-family:Consolas,'Liberation Mono',Courier,monospace;font-size:12px;line-height:normal;margin:0px;padding:0px;border:none;background-color:transparent;border-top-left-radius:3px;border-top-right-radius:3px;border-bottom-right-radius:3px;border-bottom-left-radius:3px">curl -v -b cookies.txt -c cookies.txt -v 
  -H "Accept: application/json" -H "Content-type: application/json" 
  -X POST 
  -d '{"pushNetworkURL" : "<a href="http://localhost:7777/endpoint/">http://localhost:7777/endpoint/</a>"}'
<a href="http://localhost:8080/ag-push/rest/applications/{PUSH_APP_ID}/simplePush">http://localhost:8080/ag-push/rest/applications/{PUSH_APP_ID}/simplePush</a>
</code></pre><h2 style="margin: 1em 0px 15px; padding: 0px; font-size: 2em; border-bottom-width: 1px; border-bottom-style: solid; border-bottom-color: rgb(238, 238, 238); font-family: Helvetica, arial, freesans, clean, sans-serif; ">
<a name="sending-push-notifications" class="" href="https://gist.github.com/anonymous/b82b7bb1b2d1ab36f92d#sending-push-notifications" style="color:rgb(65,131,196);text-decoration:none;display:block;padding-left:30px"><span class=""></span></a>Sending Push Notifications</h2><p style="margin: 15px 0px; font-family: Helvetica, arial, freesans, clean, sans-serif; font-size: 15.454545021057129px; line-height: 22.727272033691406px; ">When a PushApplication is created, it will get a GENERATED&nbsp;<em>PUSH-APP-ID</em>&nbsp;(like before) and it will also have a generated&nbsp;<em>master secret</em>. For sending (NOW) you need HTTP BASIC auth against the SENDER HTTP interface:</p>
<pre style="font-family: Consolas, 'Liberation Mono', Courier, monospace; font-size: 13px; line-height: 19px; margin-top: 15px; margin-bottom: 15px; background-color: rgb(248, 248, 248); border: 1px solid rgb(221, 221, 221); overflow: auto; padding: 6px 10px; border-top-left-radius: 3px; border-top-right-radius: 3px; border-bottom-right-radius: 3px; border-bottom-left-radius: 3px; "><code style="font-family:Consolas,'Liberation Mono',Courier,monospace;font-size:12px;line-height:normal;margin:0px;padding:0px;border:none;background-color:transparent;border-top-left-radius:3px;border-top-right-radius:3px;border-bottom-right-radius:3px;border-bottom-left-radius:3px">curl -u "{PushApplicationID}:{MasterSecret}"
   -v -H "Accept: application/json" -H "Content-type: application/json" 
   -X POST
   -d '{"key":"value", "alert":"HELLO!", "sound":"default", "badge":7,
       "simple-push":"version=123"}'

<a href="http://localhost:8080/ag-push/rest/sender/broadcast">http://localhost:8080/ag-push/rest/sender/broadcast</a>
</code></pre><p style="margin: 15px 0px; font-family: Helvetica, arial, freesans, clean, sans-serif; font-size: 15.454545021057129px; line-height: 22.727272033691406px; ">The user is a combination of PushApplicationID:MasterSecret, hence no need to include the PushApplicationID on the URL.....</p>
<h2 style="margin: 1em 0px 15px; padding: 0px; font-size: 2em; border-bottom-width: 1px; border-bottom-style: solid; border-bottom-color: rgb(238, 238, 238); font-family: Helvetica, arial, freesans, clean, sans-serif; "><a name="device-registration" class="" href="https://gist.github.com/anonymous/b82b7bb1b2d1ab36f92d#device-registration" style="color:rgb(65,131,196);text-decoration:none;display:block;padding-left:30px"><span class=""></span></a>Device Registration</h2><p style="margin: 15px 0px; font-family: Helvetica, arial, freesans, clean, sans-serif; font-size: 15.454545021057129px; line-height: 22.727272033691406px; ">When a MobileVariant is created, it will get a GENERATED&nbsp;<em>VARIANT-ID</em>&nbsp;(like before) and it will have a generated "variant secret" (valid ONLY!!! for that variant). Now a device needs to perform HTTP basic against that server, in order to register itself:</p><p style="margin: 15px 0px; font-family: Helvetica, arial, freesans, clean, sans-serif; font-size: 15.454545021057129px; line-height: 22.727272033691406px; ">An Android (cURL) example:</p><pre style="font-family: Consolas, 'Liberation Mono', Courier, monospace; font-size: 13px; line-height: 19px; margin-top: 15px; margin-bottom: 15px; background-color: rgb(248, 248, 248); border: 1px solid rgb(221, 221, 221); overflow: auto; padding: 6px 10px; border-top-left-radius: 3px; border-top-right-radius: 3px; border-bottom-right-radius: 3px; border-bottom-left-radius: 3px; "><code style="font-family:Consolas,'Liberation Mono',Courier,monospace;font-size:12px;line-height:normal;margin:0px;padding:0px;border:none;background-color:transparent;border-top-left-radius:3px;border-top-right-radius:3px;border-bottom-right-radius:3px;border-bottom-left-radius:3px">curl -u "{MobileVariantID}:{secret}"
   -v -H "Accept: application/json" -H "Content-type: application/json" 
   -X POST
   -d '{
      "deviceToken" : "someTokenString", 
      "deviceType" : "ANDROID", 
      "mobileOperatingSystem" : "android", 
      "osVersion" : "4.0.1"
    }'

<a href="http://localhost:8080/ag-push/rest/registry/device">http://localhost:8080/ag-push/rest/registry/device</a> 
</code></pre><p style="margin: 15px 0px; font-family: Helvetica, arial, freesans, clean, sans-serif; font-size: 15.454545021057129px; line-height: 22.727272033691406px; ">The user is a combination of MobileVariantID:MasterSecret, hence no need to include the MobileVariantID (was a http header in the past).</p><p style="margin:15px 0px"><font face="Helvetica, arial, freesans, clean, sans-serif"><span style="font-size:15.454545021057129px;line-height:22.727272033691406px">The work lives on a branch for now:</span></font><br>
<font face="Helvetica, arial, freesans, clean, sans-serif"><span style="font-size:15px;line-height:22.71875px"><a href="https://github.com/aerogear/aerogear-unified-push-server/tree/endpoint-security">https://github.com/aerogear/aerogear-unified-push-server/tree/endpoint-security</a></span></font><br>
</p><p style="margin: 15px 0px; font-family: Helvetica, arial, freesans, clean, sans-serif; font-size: 15.454545021057129px; line-height: 22.727272033691406px; "><br></p><p style="margin-top: 15px; margin-right: 0px; margin-left: 0px; font-family: Helvetica, arial, freesans, clean, sans-serif; font-size: 15.454545021057129px; line-height: 22.727272033691406px; margin-bottom: 0px !important; ">
FYI, the iOS SDK has been updated to reflect that:&nbsp;<a href="https://github.com/matzew/aerogear-push-ios-registration/commit/ef8001684c38144b5a8fb05abbb87d0ddf452b07" style="color:rgb(65,131,196);text-decoration:none">https://github.com/matzew/aerogear-push-ios-registration/commit/ef8001684c38144b5a8fb05abbb87d0ddf452b07</a></p>
<div><br></div>-- <br>Matthias Wessendorf <br><br>blog: <a href="http://matthiaswessendorf.wordpress.com/" target="_blank">http://matthiaswessendorf.wordpress.com/</a><br>sessions: <a href="http://www.slideshare.net/mwessendorf" target="_blank">http://www.slideshare.net/mwessendorf</a><br>
twitter: <a href="http://twitter.com/mwessendorf" target="_blank">http://twitter.com/mwessendorf</a>
</div>
_______________________________________________<br>aerogear-dev mailing list<br><a href="mailto:aerogear-dev@lists.jboss.org">aerogear-dev@lists.jboss.org</a><br>https://lists.jboss.org/mailman/listinfo/aerogear-dev</blockquote></div><br></div></body></html>