now that the 1.0.0-final is pretty much out for the UnifiedPush Server, i’m starting to look at the new API that Chrome apps use for sending push notifications.
the TL;DR of it is, it’s basically the same as Android now.( no more refresh tokens and access tokens and such )
So the question is, do we need to have a deprecation period on what is currently there?
The v1 of the chrome pushMessaging api has become legacy and it is recommended to use the new stuff. https://developer.chrome.com/apps/cloudMessagingV1
While i have looked to deeply, it’s possible we can use the same “Variant” structure for Chrome Apps, Since they will be using the same Network
<tldr>DEVELOPERS WILL NEVER HAVE TO WRITE ANOTHER LINE OF AUTH LOGIC
Over the weekend I tried my hand at writing a Android Account
Authenticator for KeyCloak. This lets Android manage the KeyCloak
account, fetch tokens, provide tokens to other apps etc. KeyCloak
Authenticator let's you drop your keycloak.json file into an apk and
access your KeyCloak Account with one line of code from any application
on your Android device.
Right now this is very much in the "I have an itch needing scratching"
phase. It doesn't do any robust error handling, hasn't been testing off
the golden scenario, has no integration with any of the AeroGear stuff,
etc. Take a moment to watch the Demo and look at the demo project.
Video Demo :
The Demo video uses Android's native account menu to request from the
authenticator a KeyCloak account. This launches the authenticator's
activity which will retrieve the credentials for Android and store
them. When I am back in the settings page and showing off the stored
account, this is all native Android UI and not part of the KeyCloak
When I launch the Demo application this is a separate application from
the authenticator apk. The Demo project fetches the KeyCloak account
from Android and gets its auth token. Then it makes a request to
KeyCloak's account service to fetch the user's account data.
In the demo app there are three lines of code related to auth.
final Account account = am.getAccountsByType("org.keycloak.Account");
String token = am.getAuthToken(account, "org.keycloak.Account.token",
null, null, null, null).getResult().getString(AccountManager.KEY_AUTHTOKEN);
provider.setDefaultHeader("Authorization", "bearer " + token);
The first two lines fetch the account and token from Android. The
second line attaches the account's auth token to the web request to the
So now what? I'll probably use this for my projects/demos because it
makes my work easier. Right now it doesn't have any connection to any
of the "official" projects (Again, I wrote this over the weekend to see
if I could) however it may be quite useful to someone. In the project's
README I've included a (incomplete) list of things that don't work.
Project : https://github.com/secondsun/keycloak-android-authenticator
Video Demo :
Demo Source :
>>Phone:404 941 4698
>>Java is my crack.
So i’ve decided to take today and try and add Safari Push notifications into the UPS. When i tried about a year ago, i was successful, but i had lots of duplicated code since it is very close to the iOS variant.
basically, the only real difference is that Safari notifications use the Production cert only. The other slight difference is how you send the message to the APNs service
I wondering if now is the time to start changing the variant names, so iOSVariant would become APNsVariant(or something like that).
This would also change the endpoint at which we connect from ‘ios' to ‘apns’ . Since this is sort of a breaking change, from a curl perspective, does this need to wait until a Major release?
plus this might make the current db migration stuff that is in progress more complex too
I have no problems keeping it separate, and then in a later release merging things together
Hi guys, i'm having a little trouble with an app i'm developing. Doing a
post request against an API, I receive from the server that my request is
that the API expects.
As I never had this problem before, i research the docs but did not found
the reference yet, so how can i define my request to go as application/json
Desenvolvedor IOS, Rails, RIA
TOTP was implemented on AeroGear for iOS and Android two years
ago. On conferences most of the developers get amazed with our API.
Although we don't have any app published on Google Play or App Store. I
think it's time to release our demos and get some feedback from our
Into this way we can exercise things like:
- Properly store the shared secret
- Password protection with offline authentication
- If we are very confident, sync the TOTPs across authorized devices
At the moment, we don't need to do so much once most of our demos are
already on GH. I think it's just the matter of release it.
 - https://github.com/aerogear/aerogear-otp-ios-demo
 - https://github.com/aerogear/aerogear-otp-android-demo
I need some help. I am trying to setup aerogear behind a nginx proxy
server that has ssl enabled and I am running into issues. Anytime i try to
go to /ag-push I see this in the logs
(http--10.128.93.235-8080-5) An exception or error occurred in the container
during the request processing: java.lang.RuntimeException: Unable to resolve
realm public key remotely, status = 403
at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_65]
Does anyone have any advice or experience on how to go about setting up
aerogear behind an nginx proxy?
View this message in context: http://aerogear-dev.1069024.n5.nabble.com/setting-up-aerogear-behind-ngin...
Sent from the aerogear-dev mailing list archive at Nabble.com.
I realized that atm we don't link to our users list, a quick/urgent fix for
that is here:
That perhaps not enough! On the 'community' link we basically include the
archive of the dev list.
What should we do with that community section? How about the following
Instead of including the archive (as part of the website), we can tweak the
'community' page a bit.
E.g. we list the different options we have for users to reach out:
** links to users/dev ML subscribe page
** links to users/dev ML archives
** info on IRC
** link to our github landing page
** info on our twitter account
I think the benefit of including this on a dedicated page, makes the info
also a bit more visible, instead of just having links to ML at the footer
of our website
What are your thoughts?