Hi guys,

Yep, In Android land we have secret request and qrcode scan. 

1) May be is a good idea remove the secret request?

2) In related news, today we not store the secret. I think store that before publish is a good thing to do

-- Passos


On Fri, Oct 10, 2014 at 4:47 AM, Matthias Wessendorf <matzew@apache.org> wrote:


On Fri, Oct 10, 2014 at 9:00 AM, Corinne Krych <corinnekrych@gmail.com> wrote:
Same here Bruno I would like to publish Shoot, in its Swift version to apple store.

+1 that is even useful :) 
so not a "demo" at all.

Great idea!
 
We have a ticket to enhance it with an iOS photo sharing dialog. Once this one is done, let's submit.
For the app store I might limit it to Facebook and Google+, to start with.

++
Corinne

On 10 October 2014 08:48, Christos Vasilakis <cvasilak@gmail.com> wrote:
Hi,

answers inline

On Oct 9, 2014, at 11:42 PM, Bruno Oliveira <bruno@abstractj.org> wrote:

> No way, Matthias. OTP must be always offline. To retrieve the shared
> secret, we scan the QR Code.
>
> Maybe the iOS demo is doing it (have to revisit and confirm)[1].
> On Android, I'm pretty much sure that QR Code scanning was already
> implemented.
>

revisiting this, I can see indeed on iOS the shared secret is retrieved from the server and that is only the option offered. Our Android example offers both options, either from server, or using QR code scanning, so implementing the latter on our iOS demo need to be also done.

created to track it :
 https://issues.jboss.org/browse/AGIOS-289

> We don't need to be perfect, get what is already done, improve if
> possible or release what is already done.

+1 for releasing on the app store. My fear is, as Matthias said earlier, the ‘demo’ aspect, but with a nice description/walkthrough submission details, maybe there is chance.. and tbh I have seen far far simplest apps accepted on their store.


-
Christos



>
> [1] -
> https://github.com/aerogear/aerogear-otp-ios-demo/blob/5b23acbaf5c3cd74377efdd483b43a65befb11ee/AeroGear-OTP-Demo/AeroGear-OTP-Demo/Utilities/AGOTPClient.m#L63
>
>
> On 2014-10-09, Matthias Wessendorf wrote:
>
>> On Thu, Oct 9, 2014 at 5:26 PM, Bruno Oliveira <bruno@abstractj.org> wrote:
>>
>>> On 2014-10-09, Matthias Wessendorf wrote:
>>>> On Thu, Oct 9, 2014 at 4:57 AM, Bruno Oliveira <bruno@abstractj.org>
>>> wrote:
>>>>
>>>>> Good morning,
>>>>>
>>>>> TOTP was implemented on AeroGear for iOS[1] and Android[2] two years
>>>>> ago. On conferences most of the developers get amazed with our API.
>>>>>
>>>>
>>>> It's always great feedback when I show the OTP demo. Attendees at
>>>> conferences love it!
>>>>
>>>>
>>>>>
>>>>> Although we don't have any app published on Google Play or App Store. I
>>>>> think it's time to release our demos and get some feedback from our
>>>>> community.
>>>>>
>>>>
>>>> with release, what do you mean? Submit to the stores?
>>>> On Apple one reason we never submitted anything to their App Store is
>>> their
>>>> rules clearly indicate no demos are allowed in there.
>>>
>>> I understand, it can be a real and non paid app. Once it does not depends
>>> on
>>> internet connection at this moment.
>>>
>>
>> isn't the iOS OTP "demo" connecting to a JAX-RS backend for the tokens?
>>
>>
>>>
>>>>
>>>>
>>>>>
>>>>> Into this way we can exercise things like:
>>>>>
>>>>> - Properly store the shared secret
>>>>> - Password protection with offline authentication
>>>>> - If we are very confident, sync the TOTPs across authorized devices
>>>>>
>>>>> At the moment, we don't need to do so much once most of our demos are
>>>>> already on GH.
>>>>
>>>>
>>>> The only thing is perhaps making sure the backend part of our OTP demo is
>>>> (always) up :)
>>>>
>>>>
>>>>
>>>>> I think it's just the matter of release it.
>>>>>
>>>>> Thoughts?
>>>>>
>>>>
>>>> I like giving these nice demos, and their used AeroGear technology, some
>>>> more love and visibility.
>>>>
>>>>
>>>>>
>>>>> [1] - https://github.com/aerogear/aerogear-otp-ios-demo
>>>>> [2] - https://github.com/aerogear/aerogear-otp-android-demo
>>>>>
>>>>> --
>>>>>
>>>>> abstractj
>>>>> PGP: 0x84DC9914
>>>>> _______________________________________________
>>>>> aerogear-dev mailing list
>>>>> aerogear-dev@lists.jboss.org
>>>>> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> Matthias Wessendorf
>>>>
>>>> blog: http://matthiaswessendorf.wordpress.com/
>>>> sessions: http://www.slideshare.net/mwessendorf
>>>> twitter: http://twitter.com/mwessendorf
>>>
>>>> _______________________________________________
>>>> aerogear-dev mailing list
>>>> aerogear-dev@lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>>>
>>>
>>> --
>>>
>>> abstractj
>>> PGP: 0x84DC9914
>>> _______________________________________________
>>> aerogear-dev mailing list
>>> aerogear-dev@lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>>>
>>
>>
>>
>> --
>> Matthias Wessendorf
>>
>> blog: http://matthiaswessendorf.wordpress.com/
>> sessions: http://www.slideshare.net/mwessendorf
>> twitter: http://twitter.com/mwessendorf
>
>> _______________________________________________
>> aerogear-dev mailing list
>> aerogear-dev@lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>
>
> --
>
> abstractj
> PGP: 0x84DC9914
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev@lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-dev


_______________________________________________
aerogear-dev mailing list
aerogear-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev


_______________________________________________
aerogear-dev mailing list
aerogear-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev

_______________________________________________
aerogear-dev mailing list
aerogear-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev