February 2015 - aerogear-dev - Jboss List Archives

Easy access to security related documentation

by Bruno Oliveira

Good morning, I would like to suggest a new structure to all the documents related with security. We have a great content on aerogear.org, at the same time, hard to find. Because some items are located at guides sections, others can be found at specs section. That said I would like to suggest the following section under "guides" section. - Security - Cryptography (Include a documentation revamped and revisited), usage instructions and etc - Authentication and Authorization - Client - Using OAuth2 with Android - Using OAuth2 with iOS - Using OAuth2 with JavaScript - Server - How to setup the server and references to Keycloak I don't want to drop any documentation already done, only to revisit, organize and improve. Thoughts? -- abstractj PGP: 0x84DC9914

11 years, 1 month

4
3
0 / 0

Post for jboss blog

by Andres Galante

I wrote this for joboss blog: https://gist.github.com/andresgalante/32485438e2c64f2127ba I wanted to share before I send it in case someone has a few minutes to read it and send feedback. Thanks! Andrés

11 years, 1 month

5
7
0 / 0

Archive & forum for aerogears-users mailing list on Nabble

by Lukáš Fryč

Hey guys, I've setup a new Nabble forum as an archive and forum for aerogears-users, as it may be sometimes more convenient for searching & posting. You will find it here: http://aerogear-users.1116366.n5.nabble.com/ Happy posting! ~ Lukas

11 years, 1 month

1
0
0 / 0

iOS SDK for OAuth2

by Bruno Oliveira

Good morning, I was reviewing our SDK for iOS and I have few questions: 1. For example at Shoot app. Why our users have to configure to insert the app ID at Shoot-Info.plist and also insert the same app ID at ViewController? I was just wondering that once the app ID is informed, you don't need to inform it again. 2. We have a note: "Because this demo securely stores OAuth2 tokens in your iOS keychain, we chosen to use WhenPasscodeSet policy as a result to run this app you need to have your passcode set" I think that's amazing, but at the same time we instruct our devs, to insert the client secret hard coded into the app. Something like: let facebookConfig = FacebookConfig( clientId: "XXXXXX", clientSecret: "42", scopes:["photo_upload, publish_actions"]) Doing the reverse engineering of the app, would permit me to get the secret and mimic your FB app. So I would like to remove the need to input the same information twice and encrypt the client secret using password based encryption. Let me know what do you think and I will start to file Jiras to myself. Note: This is not an issue specific to iOS. All the projects will get the same love and feedback. -- abstractj PGP: 0x84DC9914

11 years, 1 month

2
2
0 / 0

Chrome Push Messages

by Lucas Holmquist

Hello, now that the 1.0.0-final is pretty much out for the UnifiedPush Server, i’m starting to look at the new API that Chrome apps use for sending push notifications. the TL;DR of it is, it’s basically the same as Android now.( no more refresh tokens and access tokens and such ) So the question is, do we need to have a deprecation period on what is currently there? The v1 of the chrome pushMessaging api has become legacy and it is recommended to use the new stuff. https://developer.chrome.com/apps/cloudMessagingV1 While i have looked to deeply, it’s possible we can use the same “Variant” structure for Chrome Apps, Since they will be using the same Network wdyt? -Luke

11 years, 1 month

5
14
0 / 0

Team meeting

by Daniel Bevenius

Agenda: http://oksoclap.com/p/aerogear-team-mgt-20150202

11 years, 1 month

2
1
0 / 0

Announcing iOS "Swift" SDK v2.1

by Christos Vasilakis

Hi AeroGear community, we are happy to announce the next versions of our iOS Swift libraries. Here are few of new features introduced in each respective lib: • aerogear-ios-jsonsz <https://github.com/aerogear/aerogear-ios-jsonsz> (new) A newly introduced library which will take care the cumbersome plumbing required when performing JSON serialization back and forth from your Swift object model. Check out the documentation <https://aerogear.org/docs/guides/aerogear-ios-2.X/JsonSZ/> for an overview as well as our Buddies <https://github.com/aerogear/aerogear-ios-cookbook/tree/0.2.0/Buddies/> cookbook for example usage. • aerogear-ios-http <https://github.com/aerogear/aerogear-ios-http> We added the ability to perform basic/digest authentication when performing REST requests. Check out the HTTP Basic/Digest authentication support section <https://aerogear.org/docs/guides/aerogear-ios-2.X/HttpLib/#_http_basic_di...> in our library documentation <https://aerogear.org/docs/guides/aerogear-ios-2.X/HttpLib/> as well as our Authentication cookbook <https://github.com/aerogear/aerogear-ios-cookbook/tree/0.2.0/Authentication> for an example usage. Remember to prefer HTTPS over plain HTTP when performing authentication of this type! • aerogear-ios-oauth2 <https://github.com/aerogear/aerogear-ios-oauth2> Continuing the development of our OAuth2 library, OpenID Connect support was added to the library in the form of a login request. Check out the Login using OpenID Connect section <https://aerogear.org/docs/guides/aerogear-ios-2.X/Authorization/#_login_u...> in our library documentation <https://aerogear.org/docs/guides/aerogear-ios-2.X/Authorization/> as well as our SharedShoot <https://github.com/aerogear/aerogear-ios-cookbook/tree/0.2.0/SharedShoot> cookbook example that logins to KeyCloak server using OpenID connect for an example usage. Further, Corinne blog posts here <http://corinnekrych.blogspot.com/2014/11/oauth2-for-android-and-ios-with-...> and here <http://corinnekrych.blogspot.com/2014/10/aerogear-with-keycloak-oauth2-fr...> give more information regarding our OAuth2 implementation and is highly recommended if you are interested in the subject. • aerogear-ios-httpstub <https://github.com/aerogear/aerogear-ios-httpstub> Stubbed responses from the local file system can be used instead of coding them in your code. This will make easier to stub responses, especially big ones and be much ‘closer’ to the reality. Checkout out Stubbed response loaded from a file <https://aerogear.org/docs/guides/aerogear-ios-2.X/HttpStub/#_stubbed_resp...> section in our library documentation <https://aerogear.org/docs/guides/aerogear-ios-2.X/HttpStub> for example usage as well as our tests <https://github.com/aerogear/aerogear-ios-httpstub/blob/master/AeroGearHtt...>. Last, this release introduces Cocoapod support for our libraries. Although Cocoapod hasn’t yet officially support ‘Swift’, that is planned for the next 0.36 release, a branch on the project is working on it and already looks solid enough with many Swift libraries starting to adopt. Just make sure to install the 'pre' release version of cocoapods (Check the Cocoapods blog <http://blog.cocoapods.org/Pod-Authors-Guide-to-CocoaPods-Frameworks/> for more information). What's next? We are currently focusing most of our efforts on providing sync support. Already work has been started <https://github.com/aerogear/aerogear-ios-sync> so expect more in-this front in the coming months. If you are interested in mobile-sync that is the perfect time to join us, we will be happy to know your thoughts and suggestions. Interesting things ahead of us..! So, give the libraries and demos a spin and let us know what you think! Have fun! AeroGear iOS team

11 years, 1 month

2
1
0 / 0

iOS push error

by Matthias Wessendorf

Hi Harini, I opened a new thread for this to make it easier to follow up on this subject. I just tested my Push Server and iOS just worked fine. Here are a few questions: * Did you upload the correct .p12 file for the iOS variant? * Or did you replace a development cert with a production cert ? * Did it work a few days ago? * Did you try to reboot the instance via the openshift UI ? Thanks, Matthias On Tue, Jan 27, 2015 at 1:08 PM, Sekar, Harini <harini.sekar(a)rntbci.com> wrote: > Hi guys, > > Have deployed the aerogear in openshit and push notification for IOS is > not working > Error : > reason: Error sending payload to APNs server: > sun.security.validator.ValidatorException: No trusted certificate found > > please help me sort this out > > Thanks & Regards > Harini S > > -- Matthias Wessendorf blog: http://matthiaswessendorf.wordpress.com/ sessions: http://www.slideshare.net/mwessendorf twitter: http://twitter.com/mwessendorf

11 years, 1 month

3
24
0 / 0

Amazon Device Messaging (ADM) support on UPS

by Sebastien Blanc

Hi Folks, I've just submitted a PR to support ADM (Amazon Device Messaging) on UPS[1] , yay ! A few notes : - The Java ADM connector is also managed by AeroGear [2], it's not yet on Maven Central, so you will need to clone it and build it - The Client SDK (and updated Cordova Plugin) is not yet available but to make this PR testable, we have adapted a Cordova App that Amazon use as sample to show ADM, this fork will register with UPS [3], this app contains also all the instructions to get started - About the client SDK, FireOS (Amazon's OS) is almost "just" Android, so we should be able to reuse most of our Android Lib [4], we jsut need to remove the GCM part and use the ADM library instead. I will start work on that today and ping our Android gods to see which is the best way to do that. So anyone who has a Amazon Tablet, please give it a shot and report on the PR ! Have fun ! Sebi [1] https://github.com/aerogear/aerogear-unifiedpush-server/pull/480 [2] https://github.com/aerogear/java-adm [3] https://github.com/sebastienblanc/adm-cordova-sample

11 years, 1 month

2
1
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

aerogear-dev February 2015