No way, Matthias. OTP must be always offline. To retrieve the shared
secret, we scan the QR Code.
Maybe the iOS demo is doing it (have to revisit and confirm)[1].
On Android, I'm pretty much sure that QR Code scanning was already
implemented.
We don't need to be perfect, get what is already done, improve if
possible or release what is already done.
[1] -
On Thu, Oct 9, 2014 at 5:26 PM, Bruno Oliveira
<bruno(a)abstractj.org> wrote:
> On 2014-10-09, Matthias Wessendorf wrote:
> > On Thu, Oct 9, 2014 at 4:57 AM, Bruno Oliveira <bruno(a)abstractj.org>
> wrote:
> >
> > > Good morning,
> > >
> > > TOTP was implemented on AeroGear for iOS[1] and Android[2] two years
> > > ago. On conferences most of the developers get amazed with our API.
> > >
> >
> > It's always great feedback when I show the OTP demo. Attendees at
> > conferences love it!
> >
> >
> > >
> > > Although we don't have any app published on Google Play or App Store.
I
> > > think it's time to release our demos and get some feedback from our
> > > community.
> > >
> >
> > with release, what do you mean? Submit to the stores?
> > On Apple one reason we never submitted anything to their App Store is
> their
> > rules clearly indicate no demos are allowed in there.
>
> I understand, it can be a real and non paid app. Once it does not depends
> on
> internet connection at this moment.
>
isn't the iOS OTP "demo" connecting to a JAX-RS backend for the tokens?
>
> >
> >
> > >
> > > Into this way we can exercise things like:
> > >
> > > - Properly store the shared secret
> > > - Password protection with offline authentication
> > > - If we are very confident, sync the TOTPs across authorized devices
> > >
> > > At the moment, we don't need to do so much once most of our demos are
> > > already on GH.
> >
> >
> > The only thing is perhaps making sure the backend part of our OTP demo is
> > (always) up :)
> >
> >
> >
> > > I think it's just the matter of release it.
> > >
> > > Thoughts?
> > >
> >
> > I like giving these nice demos, and their used AeroGear technology, some
> > more love and visibility.
> >
> >
> > >
> > > [1] -
https://github.com/aerogear/aerogear-otp-ios-demo
> > > [2] -
https://github.com/aerogear/aerogear-otp-android-demo
> > >
> > > --
> > >
> > > abstractj
> > > PGP: 0x84DC9914
> > > _______________________________________________
> > > aerogear-dev mailing list
> > > aerogear-dev(a)lists.jboss.org
> > >
https://lists.jboss.org/mailman/listinfo/aerogear-dev
> > >
> >
> >
> >
> > --
> > Matthias Wessendorf
> >
> > blog:
http://matthiaswessendorf.wordpress.com/
> > sessions:
http://www.slideshare.net/mwessendorf
> > twitter:
http://twitter.com/mwessendorf
>
> > _______________________________________________
> > aerogear-dev mailing list
> > aerogear-dev(a)lists.jboss.org
> >
https://lists.jboss.org/mailman/listinfo/aerogear-dev
>
>
> --
>
> abstractj
> PGP: 0x84DC9914
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/aerogear-dev
>
--
Matthias Wessendorf
blog:
http://matthiaswessendorf.wordpress.com/
sessions:
http://www.slideshare.net/mwessendorf
twitter:
http://twitter.com/mwessendorf
_______________________________________________
aerogear-dev mailing list
aerogear-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev