Dec.05

Building an Android App: Minutia

You’ve probably noticed that this week there hasn’t been a post each day. The reason is that as I’ve ramped up learning to build Android apps, I’ve less time for daily writing. So I’m going to adjust my writing schedule a bit. I plan to write at least three days per week – probably Tuesday, Thursday and Saturday.

Wow, so much has happened since last posted! I started learning how to build Android apps almost entirely from scratch. I knew that to write an Android app, you would be using Java and that’s about the extent of my knowledge. Since starting, I’ve investigated a number of tools and approaches. Here’s a recap of what I’ve found and completed so far. I’ve been in a spike mode, just trying to familiarize myself with the libraries and techniques.

Authentication

I knew I wanted to allow the user to log in with their Google account since, if you have an Android device, you’ll have a Google account. You’ll need to understand the oAuth protocol, at the very least on a high level, to accomplish that. You also must have a physical Android device handy for testing since Google Play is not on virtual devices (AVDs).

Twilio

I was able to configure a basic Twilio integration with a test Android application and back-end. As I outlined in this post, you’ll need to have a server than can generate a capability token (at least to do it the right way). I found that my test credentials for Twilio would allow me to call my Twilio app. I know you couldn’t call real phone numbers with your test credentials but I guess they consider your app a real phone number.

Security

One of the issues that I’ve run into is how to keep my communication with my back-end server secure. The oAuth call to Google happens over HTTPS. However, unless I have an SSL certificate for my back-end site, my communication between by app and back-end is not secure (i.e. encrypted), specifically when I pass the users access token to the back-end. One of my limitations for this project is that I’m very cash constrained so I’m trying to make the cash that I do have for the project go as far as I can. As I started to research my options, I wasn’t keen on any that I found. I didn’t want to go the route of a self-signed certificate and the hosting providers (that I have/looked at) that offer SSL certificates generally, aren’t cheap and require that you buy a certificate from them.

Eureka!

As I was researching, I found Azure Mobile Services. They have a free tier offering so I figured it wouldn’t hurt to check it out. What sold me on Mobile Services is that they have Twilio integration, Google account authentication (among a number of providers) and I don’t have to maintain a server or even a website in the traditional since. Also, they offer support to just about any mobile platform on the market today (Android, iOS, Windows 8, etc).

So basically, I don’t have to roll my own Google account authentication – I can’t introduce any bugs or weaknesses. As for Twilio, all I should have to do is translate my logic from my web application prototype to the Mobile Services scripts. The scripts are in JavaScript so that’s a win in two ways: first, I know the language but second, Twilio offers a JavaScript client library. As I build out a solution in Mobile Services, I’ll post more details with code examples.

Wow!

Have you ever worked on a project that made it feel as if your head was going to explode from all that you needed to take in? That’s were I’ve been for the past week but not that I’m complaining mind you. It actually feels good to stretch your grey matter from time to time.

Programming,Mobile,Mobile App Challenge
Share this Story:
  • facebook
  • twitter
  • gplus

About Jeremy Foltz

Leave a comment

Comment