Setting up a server based on GIT repository

GIT ( https://github.com/ ) now supports SSH and it is a fabulous way for administrators to keep their server machines updated with latest code from code repositories.

Present Scenario : Whenever you do a git pull using http mechanism, you have to share your credentials. When there are multiple developers/administrators (which is generally the case now), it is nightmarish doing this.

SSH Scenario : This mechanism allows you to have a machine level access instead of user level, which is an excellent way to keep and maintain code on a typical server infrastructure.

1. Navigate to directory where you would like to clone git repository
2. To generate a ssh certificate on your machine use the following command
   ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
3. Add key information generated earlier to ssh-agent using below commands
           eval "$(ssh-agent -s)"
           ssh-add ~/.ssh/id_rsa
4. Adding this new SSH key to your GitHub account
   Copy rsa by using command clip < ~/.ssh/id_rsa.pub
   Now navigate in browser to github account and click on Settings -> SSH and GPG keys.
   Paste the copied key in the new key section.
5. From gitbash prompt add below command to fetch sources to local
   git clone "git@github****/.git"
   Be sure you use SSH url here and not the https.
6.  and just do a git pull whenever you wish to pull the latest sources.

Note : I find Gitbash extremely convenient when using git on windows.

                                                    
You can download it from here GIT Download Windows

Firefox trick : Opening tabs in same window

                                                    
As a developer I love Tabbed browsing experience on browsers like Firefox and Chrome. So when a customer asked me on how he can prevent opening tabs for all the hyperlinks he clicked on, I was left puzzled.

As with life, every individual has his own preferences while browsing any web based application. Some of us like have links open in new tab, while others may consider it a major distraction and annoyance to maintain these tabs. Check below snapshot on crazy number of tabs


                                 

Luckily all browsers allow end users to control how hyperlinks should behave, if they should open the new page in same window or launch a new tab for it. If you are using Firefox, default behavior is opening new tab, but if you want to change it use below instructions.

1. Open about:config
2. Type in browser.link.open_newwindow
3. Change the value to 1 (instead of default being 3).
4. All external links would open in same tab from now onwards.

                            

Xiaomi Mi Band 2 is finally here !

Xiaomi Mi Band2 is releasing in India finally after a long delay. It would be available on Mi.Com from 27th September and on Amazon from 30th September.

Band promises some serious value for money and can give a headache to competitors like FitBit, who have tasted initial success in Indian market.

Some major features include

1. Insane Battery Life
2. Display (Welcome addition to older model)
3. Great app
4. Sleep monitor
5. Water Resistant


Xiaomi Twiiter Account

MIUI 8, 23rd August is the magical date

So Xiaomi has finally confirmed the roll out date for MIUI 8.

Some of the phones would start getting the OTA from 23rd August, if you do not check out this link to figure out if your devices is getting one

http://en.miui.com/download.html


Now if you are thinking should you go for it, my recommendation would for sure Yes. Below are some of the reasons

1. Completely build from grounds up, lot of performance enhancements

2. Feature I was in particular excited about was Second life. You can have different profiles and data and apps would be saved specifically in that space. A feature which is mostly available in phones targeting high end business executives.

3. Camera app has been updated and lot more options have been thrown in, specially video compressing and editing.

4. Redesigned notification panel.

5. Special focus on blending real time weather in various apps of phone. Weather app in itself looks cool now.

5. Visually appealing, Themes and color combinations look great.

6 Quick ball feature, basically a launcher app to get to your applications more quickly.

A major miss might be on the Operating system, one would have expected Xiaomi to finally upgrade to latest Android versions, but no luck on that.

Overall You should upgrade if your device is supported.

Getting Started with OAuth2.0 and IBM SmartCloud.

 There are several advantages of using Open Authorization 2.0 (OAuth2.0) framework for accessing resources from a server, over the more traditional ones like Basic or Form authentication, prime being the peace of mind of end user. With OAuth2.0 end users do not have to worry about sharing their credentials with a third party application allowing it to access data from main server on their behalf.                    

There are obviously other advantages like easy mingling of OAuth2.0 with other security protocols like SAML, providing granular access to resources etc., but scope of this article would be making end users secure by allowing them not to share their credentials with any third party applications.

So what's the best way for training a developer on OAuth2.0, who has experience of authentication using Basic and Form standards, show him a sample and show it's not complicated as is the normal perception.

I love the analogy which is used on IBM Smartcloud documentation page to explain OAuth2.0, here is the scenario

1. Mike asks Paul to go to the bank on his behalf.
2. Paul gives Mike his previously registered ID to submit to the Bank.
3. Mike goes to the Bank, proves his own identity, and then submits Paul's ID to register Paul as his courier.
4. Bank confirms with Mike: "Do you want to allow Paul to access your assets?"
5. As Mike trusts Paul, he agrees.
6. Bank grants a temporary code to Mike.
7. Mike passes the temporary code to Paul.
8. Paul immediately goes to the bank to submit the code because the code is short-lived
    (if Paul waits too long the code expires and the process must begin all over again).
9. Bank validates the temporary code submitted by Paul.
10. Bank issues Paul a token that lets him bypass the registration check for the next two hours.
11. Paul accesses Mike's assets. (Note: The Connections Cloud implementation of OAuth 2.0 provides unlimited access to user resources).
12. Within 2 hours, Paul must renew the token so he can continue to access Mike's assets.

As you can see, Mike never shares his banking credentials directly with Paul, instead all Paul has is a temporary token to do transactions on behalf (or impersonating) Mike. This is critical since cases of user credentials being stolen from such third party app stores is becoming all common these days, consider what would happen if the ecommerce site where you stored your card details gets hacked ?

Getting the code part of things

Application Registration
For a third party application wishing to leverage OAuth2.0 on IBM Connections Cloud, it has to register itself with I BM Connections cloud platform. It also has to provide a Callback URL while registering, this is the url where Smartcloud will redirect user to on successful authorization, so it is important to finalize this before application starts registration process.

Upon successful registration platform returns with a ClientId and Client Secret..

OAuth2.0 Dance : Process of an application leveraging OAuth2.0 is often referred to as OAuth2.0 dance.

Step One : When user tries to access Third party application, and it recognizes user is not logged in, it redirects user to the IBM Connections Cloud authorization page using a url like below

https://apps.na.collabserv.com/manage/oauth2/authorize?response_type=code&client_id=<client_id>&callback_uri=<callback_uri>

Once user enters right credentials, an explicit question is asked if user wants to allow 'third party application' to access his data on server

Step Two : IBM Connections Cloud returns with a 302, with the target value header having the value of applications callback url. It also includes a special token called Authorization token.
Here is the format used
https:///<callback-uri>?code=1236879.


Step Three : Third party application then exchanges this authorization code with access token from host server. Here is the api call it would be making

https://apps.na.collabserv.com/manage/oauth2/token?callback_uri=<callback_uri>&lient_secret=<client_secret>&client_id=<client_id>&grant_type=authorization_code&code=<authorization_code>

IBM Connections cloud then returns with access token, which application can use to make api calls on behalf of end users.

Below are some diagrams which explains the above process

 

Incase you are looking for a sample implementation look at 

1. https://github.com/OpenNTF/SocialSDK

2. https://www.youtube.com/watch?v=BW6t-WeEGs0