I am looking for reading resources or sample applications that can help me hammer out the following application workflow:
The client application establishes a connection to our server
The client application scans for updates on a regular interval
If an administrator has posted a new message, the new message is displayed in a widget.
I currently have 2 concerns:
I want to ensure that the monitoring service is not a major battery drain.
What is the most secure and simple method to establish the connection to retrieve data?
....There are a lot of suggestions out there... I need to know what method I should be researching over all others. Currently, all options are on the table because I have yet configure our server.
There are a lot of questions here, I'll try to give a succinct answer.
For the infrastructure I would go with HTTP REST calls to retrieve JSON data reprsenting your messages. Here is a decent link about writing an HTTP REST client for android, there are many others online.
For security, I would definitely start with SSL, but if you need to authenticate the requests I would also look at OAuth to secure you remote API.
As far as A, Have you considered using C2DM (aka "push") to trigger the updates? Then there's no client bandwidth beyond what is being used anyways for the Market/GMail/Talk connection. If you need to support Android versions below 2.2 it's not really an option at the moment, though.
Otherwise there's a few good examples of being a good citizen when polling from a widget; Jeff Sharkey's android-sky is probably the oldest, best, and most authoritative.
For B, unless I'm misunderstanding your need it's pretty hard to beat HTTPS; rolling your own "secure" transport over vanilla HTTP or anything lower-level is just asking for a disaster.
Related
I'm currently working on a library that enables QA or Developers debug network traffic in their app, we currently use OKHttp and I know how to create an interceptor and dispatch all request data to the lib. such that Developers or QA can view such data (Payload/URL/Size/Response Codes/Duration...etc), however I want to create a more generic solution that listens to HTTP traffic or even TCP traffic then take it from there, however I couldn't find a starting point, I know that this is possible since Firebase Performance is doing it, but still I couldn't find an API or anyway to listen to such traffic.
I hope that someone from Google's Firebase Performance Team shares some info about how they do it if it's not a trade-secret :)
I came across this solution: https://github.com/cyruliu/Sensitive_API_Monitor/blob/master/app/src/main/java/com/android/reverse/apimonitor/NetWorkHook.java
However it looks kinda bad with reflection, I hope to find a better way.
The short answer: It's not possible without proxying the whole device.
For OkHttp3 specifically I wrote a lib here: https://github.com/shehabic/sherlock that implements an interceptor that creates a new session every time your open your app and captures network requests, you can also have multiple session, it adds a floating icon that helps you access sessions and requests' history as well as some export capabilities, additionally it adds a secondary launcher icon that you can use to access the captures requests without interrupting the app's process.
Regarding Firebase Performance, all the magic is actually in the Firebase-Perf Gradle plugin; to simplify it, it scans through the project's code and replaces direct calls to OkHttpClient to be be proxied through their own FirebaseOkHttpClient and from there they get all the details even for https request as they become the http client.
I hope that this saves someone some time in the future.
I'm trying to create a chat application and I need a little bit of guidance. I have a login system in place which is working. The user logs in/registers and everything is stored in a mysql database on the server.I know how to handle post requests and send stuff back.I have a recyclerView that can display the messages, but my problem is as follows:
Let's say I have 2 android devices: Android1 and Android2. Android1 sends a message to Android2. The message gets stored to the server. How do I tell the server to direct that message to Android2, and how do I make Android2 receive the message.
What if Android2 was offline at that time.Do I create some sort of response from the phone to tell the server that the message wasn t delivered so it can be sent again? And now how do I program the server to send the message again?
The messages table should be something like- senderId, receiverId, message; or what's the best way of designing it?
I found out about that I can do it either by using GCM, PHP and MYSQL from here http://www.androidhive.info/2016/02/android-push-notifications-using-gcm-php-mysql-realtime-chat-app-part-1/ and also that I can use XMPP. Which approach is best? I prefer the first one because I understand it and it's easy to implement. I have no idea what's happening with XMPP. I created a windows server using firebase, but can I still use my php one somehow ? And also the connection confuses me. I have facebook login implemented. Are there any good tutorials on the xmpp+android out there. I found some, but they are unclear.
Edit: Why is this question getting down votes? What's so wrong with it?
I had to face exactly the same situation as this sometime ago. What I have found in my researches was:
Use Telegram API: telegram is a well consolidate open source app for chat messages, it handles all aspects of it, including security and all the UI stuff. Its license, although, oblies you to make your code open as well;
Use Google Cloud Message Service: GCM allows you to send push to many devices using either REST or XMPP. Even if you're using GCM you'll have to implement a lot by yourself. In my humble opinion this is the best solution;
Implement a socket to connect the clients with the app server: this will required a whole lot of work, from sync to managing the power that your app consume, I wouldn't recommend you to follow this;
Understand the basics...
Extensible Messaging and Presence Protocol (XMPP):
Is a communications protocol for message-oriented middleware based on
XML (Extensible Markup Language).1 It enables the near-real-time
exchange of structured yet extensible data between any two or more
network entities
REST:
Is an architectural style consisting of a coordinated set of
architectural constraints applied to components, connectors, and data
elements, within a distributed hypermedia system. REST ignores the
details of component implementation and protocol syntax in order to
focus on the roles of components, the constraints upon their
interaction with other components, and their interpretation of
significant data elements.4 Through the application of REST
architectural constraints certain architectural properties are
induced: Performance, Scalability, Simplicity, Modifiability,
Visibility, Portability, and Reliability.4
From above we can understand that REST and XMPP are nothing more than protocols that you might end up using in order to pass your data through the components of your architecture. XMPP is the most optimized protocol for instant message communication, however, it is a bit more complex to implement. Fortunatelly, GCM support both protocols.
A possible architecture...
An instant message app is like any other client-server App. What is crucial to them is the need to notify the clients of updates that happen in the server. To do so, you need a proper way to communicate two clients. Usually this is made through a common app server. If you decide to go with GCM approach (my suggestion), you would have the following components:
GCM App Server: Responsible to manage the token generation and forward the received message to their targets;
Custom App Server: back end of the system implemented by you;
Client: web, android or iOS device that will receive push notifications;
It all starts when client opens the app, it will then make a call directly to GCM to request a token. Once it possess a token, the device should synchronize it with Custom App Server - so it knows everybody connected to the system and how to get to them. Custom app server maintain the token information in DB. When a device wants to send a message to another one, it will send a request to the custom app server which will, by its turn, retrieve the token of the target and forward the request to GCM App Server. It will then make a push to the target.
A Real Example...
As I said, I had to do a simmilar solution as I described above. The result of my work can be found in the following repositories:
Instachat Android: contains the source code for an App that uses GCM - it looks a lot like Whats App;
Instachat Core: a back end implemented using Spring Boot;
Both apps above were tested for a single one-to-one conversation using GCM and REST protocols, however, I'm still working on that and many bugs are present but the code can be used as a reference in order to understand the proposed architecture.
Hope I could help.
You can use GCM for sending and receiving messages.
You just need to send your messages to the receiving device through GCM, it will take care of it even if the receiving device is offline.
I used socket service for chat. so, I recommend you to use socket for
that. As compare to other, it will get quick response and all that you
want.
I'm developing an android app where I would like to fetch some data (mostly text) from the internet but not necesseraly from a website! I would like to have a server that allows clients to fetch some text data. What kind of server fits my goals the best? Http or maybe simply tcp? I don't know much about http so I don't know if it matches my goals and/or if it handles well a kind of text "database".
Edit:
A use case could be: people could write comments and send them to the server. Then clients could refresh their app by fetching new comments from the server. Therefore I'M asking what kind of server could best handle services and kind offre database if needed.
I like using NodeJS in combination with ExpressJS for such purposes. This combination allows you to easily work with HTTP/HTTTPS which is allowed by practically every firewall or proxy server. As of the latter reason I recommend you to use HTTP instead of an own protocol. Furhtermore, Java offers the HTTPURLConnection client which is very easy to use. Moreover, securing traffic with TLS (SSL) is very simple. In addition, NodeJS is resource efficient, runs on Windows, Linux and even on OS X.
For getting the text you can use HTTP GET request handled by the get() method of the Express instance.
This compact tutorial helped me to get familiar with Express on NodeJS.
Without knowing what your use-case is it's difficult to make a good recommendation.
With that said you may find something like https://parse.com/ suitable.
They provide an Android sdk and the 'getting started' tutorials will have you up and running in no time at all.
Below I explained what I need and in the answer I would like to get information what technology, what kind of protocols, services etc should I use.
Also I know that there is a massive amount of information on the internet, but because there are so many choices I'm unable to make a decision. Here's what I want to have:
Android application which will sent and receive information from the internet/server
Of course server, which will do some rudimentary computation with the obtained information, then store it and at the end send it back to the client application
I have to admit that the subjects of networking, socketing, protocols, ciphering etc are the ones I've always run away from. Therefore advices such as what domains, databases etc utilize are highly welcome
Update: After a bit of a research I've implemented mechanism based on information from this site [1]. I already have a working MySql database with several tables inside. Also I've added php scripts to my Apache webspace and implemented all that's necessary within my Android app.
Now, as I understand communication between php's scripts and MySql database is safe (I've hardcoded the usr/pass within scripts). Therefore the only thing that has left to be done to secure the connection between my Android application and php scripts (I want to prevent the situation when everybody has an access to my php scripts). So my question should be pretty straightforward now, how can it be achieved?
[1] http://blog.sptechnolab.com/2011/02/10/android/android-connecting-to-mysql-using-php/
I think a simple TCP/IP connection via Sockets will do just fine for your purposes.
The lesson (with more information and some examples) from the Java-Docs can be found here.
The basic workflow is as follows:
Your Android-App opens a Socket-connection to your server on a
given port where a server-application listens.
The Android-App sends it's data (whatever that might be) to the
Server.
The Server reads the send data,
processes it,
stores it...
...then it sends back some response (maybe the computed values) to your
Android-App.
Your app can then figure out if everything went okay and use the
given data.
Answering my second question, all the php scripts has been put into directory with the password on my Apache server. To be able to trigger them I need to give this password which is hardcoded in my application. All the connection is done through HTTPS. Now everything works as planned!
This is not really a problem, more like a general X vs. Y question.
So I'm experimenting with c2dm on android using a server written in google app engine. At the moment I'm using the "App Engine Connected Android Project" as a template with some added code myself. So the generated code use RequestFactory for a bunch of stuff, like registering/unregistering devices, sending messages, etc.
My previous experiences with backend communication has existed of setting up a connection to a servlet, writing to it (json) and reading the response (json).
So here's the question:
What are the benefits (if any) with using the RequestFactory for communication with the app engine instead of just writing/reading from an URLConnection's input/outputstreams?
Or is it really just a matter of taste?
One disadvantage of request factory is that it is very slow in retrieving objects.. A custom servlet and http request are MUCH faster(10x-20x faster!).
Check out this post for more details RequestFactory slow on Android
I haven't used it myself yet, but the main benefit, as I understand it, is that it makes it really easy to authenticate against the App Engine app with your Android credentials. Doing that by hand is a bit of a pain.