Release blog posts
by Jay Balunas
Hi All,
There are lots of blog posts that are TBD for the release, and it might be good to have a thread specifically for us share our blog posts for feedback, reviews, consistency, etc...
As you guys get drafts of your blogs ready lets use this thread to share the links to the gists, PRs, etc...
Sound good?
-Jay
10 years, 11 months
PHP SDK Updates
by Tommy McCarthy
Hello everyone!
I know you're all excited about the PHP SDK (I saw the slide on the webinar!), and I wanted to share with you all some updates and solicit feedback.
The code is available here: https://github.com/tmccarthy9/aerogear-unified-push-php-client
With my latest commits since the first push, I have added a few things. There is now a /webapp/ directory which has a nifty HTML form that allows for broadcast or selected send (showing only the necessary options depending upon user selection.) To interface with that is processForm.php, which parses the HTML post data and sends it into the SenderClient object. It then displays the HTTP response and body. This combination was suggested by Sebastien to show off how it can be used in "the real world".
I've also cleaned up the code a bit in all my files to conform a bit more.
There's another specific question I'd like to address the mailing list. Sebastien mentioned utilizing a Builder design pattern for the SenderClient, ala the Java client we currently have. I wanted to see whether you could give me some advice on how to go about doing this, if it's necessary or helpful.
Tommy
10 years, 11 months
Small changes on AeroGear Security build
by Bruno Oliveira
Hi peeps, just to let you know I automated snapshot deployments on
Travis, so if you want the very very fresh copy of:
- AeroGear Security, AeroGear Security PicketLink or OTP
Just grab the snapshots. Don't you know how to do it? I added a section
into the README file for each project.
--
abstractj
10 years, 11 months
aerogear site restyle
by Corinne Krych
Hello All,
We've been talking about redesigning our aerogear.org web site. Hylke has done a great design job. Now, we 'just' want to make it responsive.
Out of several proposals:
1. use bootstrap (current version of our site) and apply our custom design
2. use topcoat css and apply our custom design
3. use HTML5 boilerplate and apply our custom design and make it responsive
I initially started with option 1, which might be overkill for a static site.
Tried option 2, but here too, it seems overkill so ended with option 3.
Using a blank page, I worked on Home page reapplying Hylke css but:
- removing maximun-scale=1.0 because we want to let people zoom if they wish,
- replacing 'px' unit to use 'em',
- centred logo images,
- making sure width is right otherwise you get screw up with iPhone rotate
- adding media queries (only 2 breakpoints for now, but need to be adjusted with devices tests and your feedbacks)
The main points to sort out for UX design is the menu bar and the footer.
To me, footer is too huge, even on desktop, could we remove news?
For the menu, it looks fine on tablets format but on phone, it's not really accessible. So I implemented topcoat swipe menu using CSS3 transform. Is it UX friendly? wdyt?
Feedback welcome,
Work in progress in https://github.com/corinnekrych/aerogear.org/tree/AEROGEAR-1285
++
Corinne
10 years, 11 months
Testing scenarios for Authorization/Authentication
by Bruno Oliveira
Good morning all, on the last week I promised to Karel some scenarios to
improve our integration tests on Unified Push server. There we go with cUrl:
# Login with the default credential on push server and verify if the
server will return HTTP 403
curl -v -b cookies.txt -c cookies.txt \
-H "Accept: application/json" -H "Content-type: application/json" \
-X POST -d '{"loginName": "admin", "password":"123"}' \
http://localhost:8080/ag-push/rest/auth/login
# Try to change the password providing a wrong old password and the
server MUST return HTTP 401 (This is the fix provided on PicketLink
beta7 and a good reason to update all projects on AeroGear).
curl -v -b cookies.txt -c cookies.txt \
-H "Accept: application/json" -H "Content-type: application/json" \
-X PUT -d '{"loginName": "admin", "password":"meh",
"newPassword":"ahoy"}' \
http://localhost:8080/ag-push/rest/auth/update
# Try to change the password providing a correct old password and the
server will return HTTP 200
curl -v -b cookies.txt -c cookies.txt \
-H "Accept: application/json" -H "Content-type: application/json" \
-X PUT -d '{"loginName": "admin", "password":"123",
"newPassword":"ahoy"}' \
http://localhost:8080/ag-push/rest/auth/update
# Try to login with incorrect credentials and the server must return
HTTP 401
curl -v -b cookies.txt -c cookies.txt \
-H "Accept: application/json" -H "Content-type: application/json" \
-X POST -d '{"loginName": "admin", "password":"123"}' \
http://localhost:8080/ag-push/rest/auth/login
# Try to login with correct credentials and the server must return HTTP 200
curl -v -b cookies.txt -c cookies.txt \
-H "Accept: application/json" -H "Content-type: application/json" \
-X POST -d '{"loginName": "admin", "password":"ahoy"}'
http://localhost:8080/ag-push/rest/auth/login
Let me know if I missed something.
--
abstractj
10 years, 11 months
AeroGear Security releases and updates
by Bruno Oliveira
Good morning peeps, I would like to give to you a heads up to avoid any
kind of confusion (sorry for the long e-mail). If you are too lazy to
read the whole e-mail here is the TL;DR:
Don't make use of AeroGear Security PicketLink 1.1.2/1.2.0 because they
have critical bugs. Use the snapshot release 1.2.1-SNAPSHOT.
Some weeks ago AeroGear Security 1.2.0 was released with PicketLink Beta
6, Before the released I tested it against AeroGear Controller demo and
couldn't find any issue.
Changelog
- AeroGear Security 1.2.0
* [7743790] - Formatting
* [85805a4] - POJO is an acronym, should be uppercase
* [ee0f8fb] - mention Apache Shiro and Hawk
* [b65e403] - bump up to 1.2.0
* [a177956] - Adding unit tests for empty passwords and certificates
* [7d7e6ed] - [maven-release-plugin] prepare for next development iteration
* [c1f8aee] - [maven-release-plugin] prepare release 1.2.0
- AeroGear Security PicketLink 1.2.0 (PL beta6)
* [3d1407a] - [maven-release-plugin] prepare for next development iteration
* [10b05d7] - [maven-release-plugin] prepare release 1.2.0
* [7c1001f] - Merge branch 'AGSEC-93'
* [1d84d7d] - Fixing unit tests and ignoring some methods
* [93ce3f2] - Display the correct OTP login name
* [98b444f] - Bump up to PicketLink beta6
After the released we found some compatibility issues with the push
server and also security issues, so we had to keep the Unified push
server stable and for this reason was created a branch '1.1.x' on
AeroGear Security and released 1.1.2 with PicketLink Beta 5.
Changelog
- AeroGear Security 1.1.2
* [86f1a3c] - [maven-release-plugin] prepare for next development iteration
* [271d52e] - [maven-release-plugin] prepare release 1.1.2
* [4851dc7] - Equate API release with ag-sec PL to prevent Broken APIs
* [df99702] - Merge branch 'password_reset' into 1.1.x
* [60b5d1f] - Grab the HTTP status provided by AG Exception
* [138ac22] - Message and HTTP status to credential already expired
* [29e6ca2] - Exception handling for AeroGear messages
* [475ecea] - Some Javadoc would be nice
* [6ee19ae] - Inclusion of contracts to revoke roles
* [d8afc7d] - Formatting
- AeroGear Security PicketLink 1.1.2
* [091ef0f] - [maven-release-plugin] prepare for next development
iteration
* [c4c0199] - [maven-release-plugin] prepare release 1.1.2
* [79abc3c] - Switch to the correct version of AGSec API
* [d0e80b0] - Merge branch 'password_reset' into 1.1.x
* [8c69551] - Validate if credential has expired
* [6eda9ae] - Credential matcher
* [9df4cc6] - Validate provided credentials and reset password if
credentials are valid or already expired
* [24ddf34] - Extracting password validation to the credential matcher
* [ffc70fd] - Make travis happy with snapshot repository
* [bd44bb3] - Update the snapshot release from AGSec
* [387e2c2] - Optimizing imports
* [a7719f9] - Inclusion of a method to revoke roles to the specified
user and avoiding a bunch of conditional statements at developers side
* [b38185a] - Formatting
* [757238c] - Parent POM
* [ac321a6] - Bump up to the snapshot release
* [4d9e397] - Validate the password expiration
* [22e1b7e] - Preparing to release 1.1.1
* [d0e339a] - Merge branch 'AGSEC-75'
* [4d98c9b] - Fixes NPE from PicketLink when some role can't be found
Today PicketLink Beta7 was released
(http://lists.jboss.org/pipermail/security-dev/2013-August/001415.html)
with the security fixes based on team's feedback and I already deployed
AeroGear Security 1.2.1 on snapshots.
Changelog
- AeroGear Security
* [f1900fe] - Removing any dependencies on Resteasy
- AeroGear Security PicketLink
* [393a810] - Update to PicketLink 2.5.0 Beta7
* [829ff1a] - Bump up to snapshot release from PicketLink
* [99cd2e5] - Fixes the API compatibility broken by PL
The PicketLink API has changed a lot since Beta5 and some projects
already received my PR:
- https://github.com/aerogear/aerogear-unified-push-server/pull/72
- https://github.com/aerogear/aerogear-controller-demo
Thanks for your patience and time reading it, 1.2.1 will be released on
the next week after some feedback.
--
abstractj
10 years, 11 months
