Envoyé de mon iPhone
Le Feb 26, 2014 à 11:39, Matthias Wessendorf <matzew(a)apache.org> a écrit :
On Wed, Feb 26, 2014 at 11:38 AM, Erik Jan de Wit <edewit(a)redhat.com> wrote:
> Now the Javascript can verify that the callback is a function because it’s no longer
a string and the need for a separate successHandler is overrated as you will either get
messages or your errorHandler gets invoked.
>
>
> I like the idea of passing in a function (instead of a string), for the notification
handling.
>
> However, the successHandler was meant to give feedback if registration w/ UPS was
successful or not. Should we really remove that hook ?
Well you still will get that feedback, errorHandler will be invoked when it wan’t
successful
:-) figured that out after I sent my first mail :)))
Ok , having just the error
callback make sense, let's try that !
>
> Till now all these changes can be made on the plugin, but we could take it even
further. Two things that are still platform dependent the senderId and the
variantID/secret. Now senderId is ‘known’ by UPS so why do we need to specify it here? We
could make senderId part of the response when registering a device on UPS then the client
doesn’t need to specify it and all configuration is in one place.
>
> It's optional on UPS, as only really Android clients need it. And I think
originally Luke just added the 'senderID' to UPS for having something handy
(copy/paste usage).
>
> So, I am not sure on that one, as that means we now have to enforce Android Variants
always get the senderID attribute. Could be done, yes, but I am not sure.
>
Hmm, right it’s optional then this maybe not the greatest idea
>
> That leaves variantID/secret and that is the boldest proposal. How about we make it
possible to register for an application instead for a specific variant? Then based on the
meta information (deviceType, operatingSystem and osVersion) we choose the right variant.
>
> -1
>
> we should never 'deploy' the masterSecret and the applicationID on clients.
If that information is stolen (easy on devices), you can start sending dirty assaults to
ALL the devices for that application. Same w/ all the different providers like Parse,
Stackmob etc: they all use a MasterKey/Password for the actual send. And they _highly_
recommend NOT applying that to the clients (it's easy to leak that information)
>
Right didn’t think about that, this together with the objections that Sebastien has makes
this a definite no go.
_______________________________________________
aerogear-dev mailing list
aerogear-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev
--
Matthias Wessendorf
blog:
http://matthiaswessendorf.wordpress.com/
sessions:
http://www.slideshare.net/mwessendorf
twitter:
http://twitter.com/mwessendorf
_______________________________________________
aerogear-dev mailing list
aerogear-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev