On Tue, Mar 11, 2014 at 12:32 PM, Matthias Wessendorf <matzew@apache.org> wrote:



On Tue, Mar 11, 2014 at 12:17 PM, Bruno Oliveira <bruno@abstractj.org> wrote:
I will start to file Jiras, but answers inline.

great
 

--
abstractj

On March 11, 2014 at 3:17:01 AM, Matthias Wessendorf (matzew@apache.org) wrote:

> >
> > Yes if that makes sense to the others like Android variants. And no if we
> > just want to use it with iOSVariant, into this case that would apply only
> > for iOS applications.
> >
>
> Perfect!
>
> It does make sense on the 'root' PushApplication. That way other variant
> types can benefit from it as well. I think we can(should?) also encrypt the
> Google API-Key value. And future variants (other networks) will benefit in
> this case as well

+1
>
>
> >
> > Currently:
> >
> > curl -3 -v -b cookies.txt -c cookies.txt
> > -i -H "Accept: application/json" -H "Content-type: multipart/form-data"
> > -F "certificate=@/Users/matzew/Desktop/MyProdCert.p12"
> > -F "passphrase=TopSecret"
> > -F "production=true" // make sure you have Production certificate and
> > Provisioning Profile
> >
> > -X POST https://SERVER:PORT
> > /CONTEXT/rest/applications/{pushApplicationID}/iOS
> >
> >
> > Proposed:
> >
> >
> > curl -3 -v -b cookies.txt -c cookies.txt
> > -i -H "Accept: application/json" -H "Content-type: multipart/form-data"
> > -F "certificate=@/Users/matzew/Desktop/encrypted-cert.blah"
> > -F "passphrase=schwarzenegger"
> > -F "production=true" // make sure you have Production certificate and
> > Provisioning Profile
> >
> > -X POST https://SERVER:PORT
> > /CONTEXT/rest/applications/{pushApplicationID}/iOS
> >
> > Where encrypted-cert.blah and "Schwarzenegger" are encrypted data.
> >
>
> Ok, so the encrypted data is being uploaded by the user of the UPS, right ?
> and hence, no more a direct upload of the plain certificate and the plain
> passphrase.
> That means there is an extra step for the user, if I see it correct.
>
> having an extra step for the API to create the (iOS) variant is fine, let's
> make sure it's a somewhat simple step for our users, which hopefully than
> does not need too much extra steps in the documentation :-)

I will think about how to make it less painful to our devs


awesome! 

I think it can be completly transparent for the user no (at least in the admin console) ? Retrieving the PK and encrypting can be done "under the hood" while keeping the same UI Flow  , no ? 
 

>
>
>
> > Makes sense?
> >
>
> Yes, I think :-)
> Thanks!
>
> -Matthias
>
>
> >
> > >
> > >
> > > >
> > > > Does it make sense to you?
> > > >
> > >
> > > Somewhat - not sure I fully understood :)
> > >
> > >
> > > >
> > > > --
> > > > abstractj
> > > >
> > > > JBoss, a division of Red Hat
> > > >
> > > >
> > > >
> > > > _______________________________________________
> > > > aerogear-dev mailing list
> > > > aerogear-dev@lists.jboss.org
> > > > https://lists.jboss.org/mailman/listinfo/aerogear-dev
> > >
> > >
> > >
> > >
> > > --
> > > Matthias Wessendorf
> > >
> > > blog: http://matthiaswessendorf.wordpress.com/
> > > sessions: http://www.slideshare.net/mwessendorf
> > > twitter: http://twitter.com/mwessendorf
> > > _______________________________________________
> > > aerogear-dev mailing list
> > > aerogear-dev@lists.jboss.org
> > > https://lists.jboss.org/mailman/listinfo/aerogear-dev
> >
> >
>
>
> --
> Matthias Wessendorf
>
> blog: http://matthiaswessendorf.wordpress.com/
> sessions: http://www.slideshare.net/mwessendorf
> twitter: http://twitter.com/mwessendorf
>


_______________________________________________
aerogear-dev mailing list
aerogear-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev