corinnekrych corinnekrych

##Auth/Authz for iOS mobile app

You're using an external OAuth2 provider and now you're ready to implement a mobile client. Most providers choose to implement OAuth2 because it gives users a secure way to talk to their services, but more importantly, allows users to safely authorize access to their data from third-party services without giving them their credentials.

If you think security topic is hard to tackle, join me in this live coding session. We'll delve deep into OAuth2 protocol and see the challenges to overcome from a native app perspective: embedded web view vs external browser, URL schema for callback, local storage for tokens, refresh access tokens transparently...

From building a social client app for Google, Facebook or Twitter to create your own Keycloak server using different grant types, this session will cover auth and authz challenges. OAuth2 will have no secret to you!

##Bio

List of OSS sdk for iOS on OAuth/OAuth2

OAuth2Client close to what we have done (also implement confidential client) provide external and embedded web view
oauth-ios: support 100+ providers, with a phonegap plugin. Come with demo app https://github.com/oauth-io/sdk-ios-tutorial. Commercial server side
AFOAuth2Client
https://github.com/malcommac/DMTwitterOAuth 2years old, might be OAuth1 only
https://github.com/bengottlieb/Twitter-OAuth-iPhone
https://github.com/jdg/oauthconsumer
https://github.com/jaanus/PlainOAuth

Get ready: Switch to Swift!

June 2nd 2014 at WWDC, Apple gave birth to Swift: a brand new language for developing iOS and Mac apps! Much ink has been spilled since then, comparing Swift to other languages. And yes, there is some family resemblance. Statically typed, its cool type inference looks similar to ..., I love its sugar syntax like in ... And Woah Closure!

Fully compatible with Apple's native CocoaTouch APIs, no need to learn new vocabulary. Switching to Swift or discovering iOS platform is made easier than ever thanks to iOS8 REPL and Playground. Get ready to get your hands into Swift and follow me with code snippets to delve deep into the language. After this session, Swift will have no secret to you.

###OAuth2 made easy

Push once, send anywhere

One of the many challenges developers face when building mobile applications for a business backend, is notification messaging and handling. Each mobile platform offers its own proprietary notification mechanism, such as Apple's Push Notification Service (APNS), Mozilla SimplePush and Google's Cloud Messaging platform (GCM). We can realize that there is a need for a 'Unified' Push mechanism that will integrate all these mechanisms under a single entry point, offer valuable services on top such as selective sends and broadcasts and be flexible enough so it can be easily integrated in any business backend.

Come and join us, we will show you in action how AeroGear's Unified Push Project can help to 'Push' enabled your backend across discrete mobile platforms (and have fun in between!)

Notifications all over the place

Push notifications are a key feature for mobile app, allowing you to quickly reach your mobile users sending targeted information. Whether your app is running in

Let's practise OAuth2 dance !

You want to build a cool iOS app to share your photos on Twitter, Googgle+, Facebook... Tackle all the 'cool' social networks. First thing you need to do is: authenticate and authorize your app for each providers.

Good news is: there is a common protocol for that. Its little name is 'OAuth2'. Each provider comes with an iOS sdk to ease the OAuth2 dance, but of course, each has its own API.

Ouch! And what you really want is use the same API for all them. Let's see how you can implement OAuth2 protocol and provide a common API across providers. Much easier than his elder brother OAuth, we will dive into OAuth2 protocol and see the challenges of implementing it from a native app perspective.

Enterprise SSO / OAuth2 without stress

If you think security topic is hard to tackle, join me in this interactive session. This is a journey in the wolrd of SSO and OAuth2, we will see in a step by step approach how to build a complete app from server side to mobile client.

iOS 1.5 Release Tasks

Review/merge all PRs
Email AG dev with one week notice
Update podfile and test all dependant repos, runnin g unit tests on both 32 and 64 bits simulator:
AeroGear-Crypto-Demo

	<key>CFBundleURLTypes</key>
	<array>
	<dict>

	<key>CFBundleURLSchemes</key>
	<array>
	<string>org.aerogear.Shoot</string>
	<string>fb765891443445434</string>
	</array>
	</di

	GET /ProductInventory/rest/portal/products HTTP/1.1
	Host: 192.168.0.37:8080
	Accept: /
	Cookie: OAuth_Token_Request_State=15/68819f27-f4ad-40a3-838b-49145c3db71d
	User-Agent: KeycloakDemo/1 CFNetwork/711.0.6 Darwin/14.0.0
	Accept-Language: en-us
	Accept-Encoding: gzip, deflate
	Connection: keep-alive

	REQUEST:
	-------
	OST /auth/realms/product-inventory/tokens/access/codes HTTP/1.1
	Host: 192.168.0.37:8080
	Content-Type: application/x-www-form-urlencoded; charset=utf-8
	Connection: keep-alive
	Accept: /
	User-Agent: ProductInventory/1 CFNetwork/711.0.6 Darwin/14.0.0
	Content-Length: 726
	Accept-Language: en-us

	Aujourd’hui, c'est un fait: les ventes de smartphones et de tablets sont prédominantes face aux traditionnels desktops. Les applications d'entreprise se mettent au mobile.

	AeroGear est un ensemble de librairies pour le Mobile et l'Entreprise, développé par JBoss. Le focus porte sur trois domaines essentiels : Persistance, Sécurité et Connectivité. Lors de cette présentation, nous vous monterons comment les librairies AeroGear tentent de résoudre ces problèmes. Comment elles permettent aux développeurs d'accéder facilement aux composants côté serveur (endpoints REST) tout en utilisant côté client, une API commune à de multiples plates-formes mobiles telles que JavaScript/ HTML5, Android et iOS.
	Nous présenterons également le composant "Unified Push Server" qui permet de facilement mettre en place une solution de notification push cross plate-forme.