android - RESTfull web service using oAuth for mobile application -

-

i building application consists of 2 main parts:

  1. web application rest api.
  2. mobile application(android, iphone).

web application has database stores data users (like posts, events , similar).
mobile application uses web application's rest api access data, need kind of authentication (user must authenticate in order access/modify data).

i know done in such way mobile application provides username , password in each request towards web api, , web application authenticates username , password against database before serving request.
however, use oauth (so user can login using google, facebook, ...) , things complicated, , not sure best way this.

my first idea: mobile app sends oauth provider (for example facebook) credentials (username , password) web app, authenticates them against oauth provider. realized not ok because means user has trust site not abuse given credentials, not way done. not good

my second idea: mobile app uses web application api tell web app wants authenticate against oauth provider p. web application redirects provider p user inputs credentials. after provider p redirects web application user logged in , json successful login sent mobile app. great if not part user has input credentials manually. implemented solution , problem that, after mobile app accesses web app api json not returned first redirects done , messes up. thinking using webview inside mobile app, don't know how return webview when json sent. not sure if should pursue idea further or wrong way of doing it? maybe if problems solved

my third idea: mobile app authenticates directly against oauth provider p. if successful mobile app sends requests web app containing user information (for example userid, or user password) web app knows user is. means web app has trust mobile app given user authenticated. means web app needs sure api accessed mobile app. hardcoding special password(secret) in mobile app sent each request prove request sent mobile app.
bad side of approach have implement mobile app authentication against oauth provider each combination of (mobile os, oauth provider). not sure how secure it. think way go, improve/change? have feeling missing something. maybe good, has many work do

please tell me idea best , if there way improve them, thanks

after further research , talking of colleagues decided best option go second idea. decided handle redirects using webview (which exists both on iphone , android). webview configure in such way automatically exits when user redirected specific url on web app returns json.
decided best idea because way have implement/configure webview on mobile app while oauth logic done on web app means there less code repetition among mobile apps (android, iphone) , more extendible (i have modify 1 web app, not 2 or 3 mobile apps).


Comments

Post a Comment

Popular posts from this blog

sql - VB.NET Operand type clash: date is incompatible with int error -

-
i trying display records table named staffpresentee database using clause... i using visual studio 2010... the table design follows- .......fieldname..................datatype........allownull 1......staff_id (fk).............numeric(18,0)......yes 2.......date........................date.............no 3......present.....................char(1)..........yes note type of 2nd field date , not datetime... i want display records table have today's date int 'date' field... current query is- cmd = new sqlclient.sqlcommand("select * staffpresentee date=" & date.now.date, cn) dr = cmd.executereader for dr = cmd.executereader error "operand type clash: date incompatible int" i tried select * staffpresentee query without clause runs correctly. try putting date value in sigle quotes maybe. cmd = new sqlclient.sqlcommand("select * staffpresentee date='" & _
Read more

SVG stroke-linecap doesn't work for circles in Firefox? -

-
i've got problem svg stroke-linecap attribute. i've got circular progress bar in angularjs , set outer circle (blue one) have rounded "ends". @ fiddle . <svg ... height="130" width="130"> <!-- ngif: background --> <circle ... ng-if="background" fill="#fff" class="ng-scope" stroke-width="13" stroke="#cc3399" r="57.5" cy="65" cx="65" stroke-linecap="round" /> <!-- end ngif: background --> <circle ... fill="none" stroke-dashoffset="36.12831551628261" stroke-dasharray="361.28315516282623" stroke-width="13" stroke="#432db3" stroke-linecap="round" r="57.5" cy="65" cx="65" transform="rotate(-89.9, 65, 65)" /> </svg> how can that?
Read more

python - TypeError: Scalar value for argument 'color' is not numeric in openCV -

-
here code im = cv2.imread('luffy.jpg') gray = cv2.cvtcolor(im,cv2.color_bgr2gray) ret,thresh = cv2.threshold(gray,127,255,0) contours,h = cv2.findcontours(thresh,cv2.retr_tree,cv2.chain_approx_simple) cnt in contours: moment = cv2.moments(cnt) c_y = moment['m10']/(moment['m00']+0.01) c_x = moment['m01']/(moment['m00']+0.01) centroid_color = im[c_x,c_y] centroid_color = np.array((centroid_color[0],centroid_color[1],centroid_color[2])) print type(centroid_color) cv2.fillpoly(im,cnt,centroid_color) i getting error on last line try , pass centroid_color color argument. <type 'numpy.ndarray'> , have been able pass data type cv2.fillpoly color in other instances, not sure why having problem here. fillpoly() expects iterable, i.e. put cnt in brackets. believe duplicate of https://stackoverflow.com/a/17582850/5818240 . moreover, centroid color variable contains strings. need convert them i
Read more