April 2014 - aerogear-dev - Jboss List Archives

cordova hello world

by Erik Jan de Wit

How about a list that looks like this: https://www.dropbox.com/s/d8cn0xm7lfm5mts/cordova%20list%20screenshot.png

11 years, 12 months

4
6
0 / 0

Usage of gh submodule for cookbook central repo for all demos/quickstart

by Corinne Krych

Hello Guys We have started cookbook repositories for JaveScript [1], iOS [2] and Android[3]. As we go and add more features, we add demo app/recipe to them. But sometimes the demo app will not fit with the cookbook format. I think it’s still nice to have linked to it. For example, the upcoming Push-Helloworld and Push-Quickstart could be linked back to our cookbook repos. For iOS, we have links in the README file, for JavaScript it’s gh linked repos. I actually like the idea fo gh sub-repo, and I’d like to use the same or iOS cookbook. wdyt? ++ Corinne [1] https://github.com/aerogear/aerogear-js-cookbook [2] https://github.com/aerogear/aerogear-ios-cookbook [3] https://github.com/aerogear/aerogear-android-cookbook

11 years, 12 months

4
5
0 / 0

[UnifiedPush Server] Using JBoss Logging ?

by Matthias Wessendorf

Hello, right now we are using JUL for logging. That works fine, so far :-) However related projects (e.g. Keycloak / LiveOak) are using JBoss Logging. I somewhat feel that it's perhaps not a bad idea if we would use JBoss logging as well... I know there are a gazillion different Java logging frameworks out there (yikes), but my question is really: keep JUL or go with JBoss-Logging :) Thanks! Matthias -- Matthias Wessendorf blog: http://matthiaswessendorf.wordpress.com/ sessions: http://www.slideshare.net/mwessendorf twitter: http://twitter.com/mwessendorf

11 years, 12 months

5
8
0 / 0

Passphrase encryption - round III

by Bruno Oliveira

Good morning slackland, yesterday I had a hangout with Matthias and we agreed that the whole key agreement thing would bring more complexity from the developer’s pespective. That’s the reason why the client with airline was dropped. Here comes the new proposal: https://gist.github.com/abstractj/ef1e3d53619796f4e87e # Passphrase encryption for UPS **Note**: This is NOT a replacement for SSL ## Scenario - Developers wants to upload passphrase and certificate for iOS variants. The passphrase must be stored encrypted and restored in clear while sending messages. ## Jira references - https://issues.jboss.org/browse/AGPUSH-565 (*Dropped*). After a hangout with Matthias, we agreed that would complicate the developer's workflow. - https://issues.jboss.org/browse/AGPUSH-358 ## Proposal Today we can't guarantee that our developers will have an [HSM](http://en.wikipedia.org/wiki/Hardware_security_module) to manage encryption keys. Neither we can store the private keys in a separated database, for the push server. If somehow the database is compromised, private keys could be exposed and most of the sensitive data decrypted. The suggestion is to make use of a *KDF function* per application to encrypt passphrases, not perfect, but helps (like we did in the past for password reset). Where encryption key means: ``` PK = PBKDF2(Secret Key, Salt) ``` *Secret Key*: In the ideal world, users would be required to provide a password for encryption. In this scenario we don't want them to be prompted to input the password, or add extra parameters to the UPS endpoints. So the suggestion is to provide secret key configured on the server and protected by the ACL's from the operating system *Salt*: 16 bytes non-deterministic used to encrypt/decrypt the data on the server per application and stored into the database. ![](http://photon.abstractj.org/cdraw_460528_pixels_20140404_103644_20140404_103648.jpg) ### Secret key configuration The file can be generated and checked if something exists during the application start up. - config.properties ``` secret_key = "d9eb5171c59a4c817f68b0de27b8c1e340c2341b52cdbc60d3083d4e8958532" \ "18dcc5f589cafde048faec956b61f864b9b5513ff9ce29bf9e5d58b0f234f8e3b" ``` or - config.json ``` {"secret_key":"d9eb5171c59a4c817f68b0de27b8c1e340c2341b52cdbc60d3083d4e8958532" \ "18dcc5f589cafde048faec956b61f864b9b5513ff9ce29bf9e5d58b0f234f8e3b"} ``` ### Sending push messages Passphrases must be reversible for Apple, that's why we make use of symmetric encryption here. ![](http://photon.abstractj.org/cdraw_537346_pixels_20140404_104245_20140404_104247.jpg) # REST API ## Register push app ```POST | rest/applications``` ### HTTP request Remain unchanged ### HTTP response Remain unchanged ## iOS Variant ### HTTP request Remain unchanged ### HTTP response Remain unchanged ## Sender ### HTTP request Remain unchanged ### HTTP response Remain unchanged # Clients No changes at the client side. Thoughts? -- abstractj

11 years, 12 months

3
6
0 / 0

UnifiedPush roadmap

by Matthias Wessendorf

Good morning folks! I propose the following update to the UnifiedPush Server roadmap: https://github.com/aerogear/aerogear.org/pull/293 If you have any concern, let me know! -Matthias -- Matthias Wessendorf blog: http://matthiaswessendorf.wordpress.com/ sessions: http://www.slideshare.net/mwessendorf twitter: http://twitter.com/mwessendorf

11 years, 12 months

1
0
0 / 0

[JavaScript] UnifiedPush client lib

by Matthias Wessendorf

Hello, atm the ups.js bits need the complete URL for the device registration endpoint: UPClient = AeroGear.UnifiedPushClient(variantId, variantSecret, unifiedPushUrl + "/rest/registry/device"); The interesting part is, that the "/rest/registry/device" part is always the same (unless someone builds the server from scratch and changes all the URLs, but why should one do that?) On Android and iOS, the registration APIs, just require the "root url" (e.g. http(s)//host:port/contex). BTW. the JS bits for Cordova are following that same convention, see: http://aerogear.org/docs/guides/aerogear-cordova/AerogearCordovaPush/#_sa... I was wondering if we should do the same on the CORE-JS library ? -Matthias -- Matthias Wessendorf blog: http://matthiaswessendorf.wordpress.com/ sessions: http://www.slideshare.net/mwessendorf twitter: http://twitter.com/mwessendorf

12 years

2
2
0 / 0

Community release checklists

by Karel Piwko

Hi, I've drafted a few checklists for QE to go through for community releases (UPS, OS Cart, Cordova Push Plugin). I've put them there: https://gist.github.com/kpiwko/9956724 Any feedback on their content is very welcomed. As for the location, I think the best way would be to put them directly into GH repositories, for instance into RELEASE.ad / RELEASE.md file, together with release process instructions (not existing yet). General testing instructions, applicable for any project, can go to aerogear-parent or aerogear-testing-tools and be crosslinked. Thoughts? Thanks, Karel

12 years

4
4
0 / 0

JS Team meet up highlights

by Lucas Holmquist

Hello, here is a little summary of some of the things the JS team discussed -Luke JS Cool Team Stuff 1.5.0 - Early May MQTT WS adapter code cleanup More Cookbook examples https://issues.jboss.org/browse/AGJS-41 UnifiedPushClient jQuery Removal we need to polyfill it - pack that into client https://github.com/jakearchibald/es6-promise 1.6.0 - Mid July Data Sync(?) stalled, conversations started again is going liveoak to work on data sync? Keycloak(?) keycloak examples mention private key in a client code 1.7.0 - Late September Offline(?) service workers? application cache is still a douchebag 2.0.0 ES6 modules(?) - transpile maybe include in 1.6/1.7 we could leverage in custom builder, possibly challenge: compatibility w/ AMD / commonjs (UMD?) No jQuery Current Road Map http://aerogear.org/docs/planning/roadmaps/AeroGearJS/ 1.5.0 JIRA’s https://issues.jboss.org/issues/?jql=project%20%3D%20AGJS%20AND%20resolut... Random Stuff 2.0 collect ideas what people might struggle with? pipelines - frameworks use usually own stuff improving documentation and getting started experience getting started with AG + particular web frameworks examples -> cookbook (complete stack) move tests to jasmine or something other than qunit(?) - not sure what the benefit could be https://issues.jboss.org/browse/AGJS-147 move docs to something other than jsdoc, ex: yui doc - not sure what the benefit could be https://issues.jboss.org/browse/AGJS-143 polymer components dataManager dataSync <push onevent="..." /> authentication buttons

12 years

2
1
0 / 0

cordova plugin release

by Erik Jan de Wit

Hi, I would like to release another version of the cordova push plugin (next week thursday), the major feature will be the new simplified API that is already on the master branch and there have already been successful builds. Releasing it will update the version to 0.0.4 and make it available on the registry, it would also provide a test for the gradle release script. Cheers, Erik Jan

12 years

7
11
0 / 0

iOS AeroGear 1.5 is out!

by Corinne Krych

Hello iOS lovers, Today is the day: we shipped release 1.5, please check out all the details: http://corinnekrych.org/2014/04/new-ios7-love-for-aerogear-libs.html Carefully crafted and tested, I’m sure you will share the love of iOS7 with us. ++ Corinne

12 years

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

aerogear-dev April 2014