<div dir="ltr">+1 on this this is something one will need to do use the lib better to have the lib do it or at least support doing that.</div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Sep 22, 2015 at 2:48 PM, Corinne Krych <span dir="ltr"><<a href="mailto:corinnekrych@gmail.com" target="_blank">corinnekrych@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hello Guys,<div><br></div><div>Revisiting OTP demo for iOS client, I've seen some improvements that could be done in the OTP lib itself. </div><div><br></div><div>1. storage of secret is done at cordova- layer [1] and [2]. It would be better to store them in a safe storage (ie: Keychain for iOS, KeyStore for Android etc...) or at least leave the option for end user. </div><div><br></div><div>2. extracting secret from URL (read from QRCode) is done on each native client demos or in Corodva layer. See [3] for iOS and [4] for Android and [5] for Cordova. What about moving this code snippet in the library itself. For ex, add a new initialiser of OTP which takes an URL.</div><div><br></div><div>Thoughts?</div><div><br></div><div>++</div><div>Corinne</div><div>[1] <a href="https://github.com/aerogear/aerogear-cordova-otp/blob/master/www/aerogear-opt.js#L66" target="_blank">https://github.com/aerogear/aerogear-cordova-otp/blob/master/www/aerogear-opt.js#L66</a></div><div>[2] <a href="https://github.com/aerogear/aerogear-cordova-otp/blob/master/src/ios/CDVAeroGearPlugin.m#L48" target="_blank">https://github.com/aerogear/aerogear-cordova-otp/blob/master/src/ios/CDVAeroGearPlugin.m#L48</a></div><div>[3] <a href="https://github.com/corinnekrych/aerogear-ios-cookbook-1/blob/AGIOS-390.otp.demo/Two-Factor/TwoFactorOTP/QRcodeCaptureViewController.swift#L76-L103" target="_blank">https://github.com/corinnekrych/aerogear-ios-cookbook-1/blob/AGIOS-390.otp.demo/Two-Factor/TwoFactorOTP/QRcodeCaptureViewController.swift#L76-L103</a></div><div>[4] <a href="https://github.com/aerogear/aerogear-android-cookbook/blob/master/Two-Factor%2Fapp%2Fsrc%2Fmain%2Fjava%2Forg%2Fjboss%2Faerogear%2Fandroid%2Fcookbook%2Ftwofactor%2FOTPDisplay.java#L69-L77" target="_blank">https://github.com/aerogear/aerogear-android-cookbook/blob/master/Two-Factor%2Fapp%2Fsrc%2Fmain%2Fjava%2Forg%2Fjboss%2Faerogear%2Fandroid%2Fcookbook%2Ftwofactor%2FOTPDisplay.java#L69-L77</a></div><div>[5] <a href="https://github.com/aerogear/aerogear-cordova-otp/blob/master/www/aerogear-opt.js#L106-L110" target="_blank">https://github.com/aerogear/aerogear-cordova-otp/blob/master/www/aerogear-opt.js#L106-L110</a><br></div></div>
<br>_______________________________________________<br>
aerogear-dev mailing list<br>
<a href="mailto:aerogear-dev@lists.jboss.org">aerogear-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature"><div dir="ltr">Cheers,<div> Erik Jan</div></div></div>
</div>