Integrating consumers IoT devices into Business WorkflowYakov Fain
From the software development perspective IoT is about programming "things", connecting them with each other and integrating them with existing applications. This presentation will demonstrate how IoT-enabled devices from multiple manufacturers can be integrated into a workflow of a business application. You'll see a live demo of using commercial consumer devices as a part of an application that utilizes such technologies such as REST API, OAuth, Websockets, and Java. This presentation will give you an idea of how to go about integration of new devices as they become available on the market.
Integrating consumers IoT devices into Business WorkflowYakov Fain
From the software development perspective IoT is about programming "things", connecting them with each other and integrating them with existing applications. This presentation will demonstrate how IoT-enabled devices from multiple manufacturers can be integrated into a workflow of a business application. You'll see a live demo of using commercial consumer devices as a part of an application that utilizes such technologies such as REST API, OAuth, Websockets, and Java. This presentation will give you an idea of how to go about integration of new devices as they become available on the market.
Introduction to angular with a simple but complete projectJadson Santos
A simple front end project with angular. Its show how to create your first components, include bootstrap templates, create routes and build the project to production.
This presentation is an effort to combine all the cool features present in Angular and provide a basic idea about how it would help a developer overcome some of the common issues faced in client side development.
What is AngularJS
AngularJS main components
View / Controller / Module / Scope
Scope Inheritance.
Two way data binding
$watch / $digest / $apply
Dirty Checking
DI - Dependence Injection
$provider vs $factory vs $service
Learn all the essentials of building Angular 2 applications right here.
https://www.udemy.com/angular-2-training/?couponCode=UANGULAR2
This is a beginner level course aimed at those new to Angular 2 and Typescript. No previous knowledge of either is required before starting this course.
This course combines slides, projects and quizzes in a clear, concise and engaging way to guide you through the core concepts of Angular 2 and Typescript.
You will gain a solid foundation for building real-world applications following best practices and the Angular 2 style guide. This includes how to build components, create shared services, navigate between views, manage data, and managing user and system events.
These are the presentation slides demonstratingseven versions of the UI of same HTML5 application using various libraries and frameworks. This application is described in detail in the O'Reilly book "Enterprise Web Development"
Tech Webinar: Angular 2, Introduction to a new frameworkCodemotion
Fabio Biondi e Matteo Ronchi ci presentano AngularJS 2, analizzando la nuova sintassi per la creazione di componenti che ora assumono un ruolo fondamentale all’interno del framework.
Iscriviti qui per partecipare ad altri Tech Webinar: http://goo.gl/iW81VD
Scrivici a training@codemotion.it
Tw: @codemotionTR
"Angular 2: core concepts" by Fabio Biondi, Matteo Ronchi.
Angular 2 risolve problematiche e lacune della precedente versione, prestando particolare attenzione alle performance, al supporto mobile e alla qualità e leggibilità del codice prodotto. In questo talk verranno illustrate le funzionalità più significative tra cui: - nuova architettura totalmente orientata ai componenti - rimozione di $scope e del dirty checking ($digest) - adozione di un flow unidirezionale - utilizzo di Typescript, ES6 o ES5 - completa rivisitazione del motore di Dependency Injection - nuove procedure per il bootstrap dell’applicazione.
Angular elements - embed your angular components EVERYWHERENadav Mary
My lecture about angular elements, a new feature released in angular version 6 which allows us to transform angular components into custom elements and use them outside angular's scope.
ForwardJS 2017 - Fullstack end-to-end Test Automation with node.jsMek Srunyu Stittri
Slide deck for ForwardJS 2017 in San Francisco - March 1st 2017
https://forwardjs.com/schedule#lecture-224
Airware builds hardware, software and cloud for commercial drones. We have transitioned to Node.js for cloud functional test automation in 2015. The purpose of this is to unite Fullstack developers and Automation engineers to speak in the same language which is JavaScript. With a year worth of lessons learnt, we will share the challenges involved with building a full-stack test automation framework with Node.js while using the latest and greatest in JavaScript tools.
Top 7 Angular Best Practices to Organize Your Angular AppKaty Slemon
Learn about Angular best practices to improve the performance of your existing Angular application. Tried and tested clean code checklist for your Angular app.
How to Implement Basic Angular Routing and Nested Routing With Params in Angu...Katy Slemon
Here’s a step-by-step guide to developing an Angular application from scratch with Basic Angular Routing and Nested Routing with params in Angular v11.
Introduction to angular with a simple but complete projectJadson Santos
A simple front end project with angular. Its show how to create your first components, include bootstrap templates, create routes and build the project to production.
This presentation is an effort to combine all the cool features present in Angular and provide a basic idea about how it would help a developer overcome some of the common issues faced in client side development.
What is AngularJS
AngularJS main components
View / Controller / Module / Scope
Scope Inheritance.
Two way data binding
$watch / $digest / $apply
Dirty Checking
DI - Dependence Injection
$provider vs $factory vs $service
Learn all the essentials of building Angular 2 applications right here.
https://www.udemy.com/angular-2-training/?couponCode=UANGULAR2
This is a beginner level course aimed at those new to Angular 2 and Typescript. No previous knowledge of either is required before starting this course.
This course combines slides, projects and quizzes in a clear, concise and engaging way to guide you through the core concepts of Angular 2 and Typescript.
You will gain a solid foundation for building real-world applications following best practices and the Angular 2 style guide. This includes how to build components, create shared services, navigate between views, manage data, and managing user and system events.
These are the presentation slides demonstratingseven versions of the UI of same HTML5 application using various libraries and frameworks. This application is described in detail in the O'Reilly book "Enterprise Web Development"
Tech Webinar: Angular 2, Introduction to a new frameworkCodemotion
Fabio Biondi e Matteo Ronchi ci presentano AngularJS 2, analizzando la nuova sintassi per la creazione di componenti che ora assumono un ruolo fondamentale all’interno del framework.
Iscriviti qui per partecipare ad altri Tech Webinar: http://goo.gl/iW81VD
Scrivici a training@codemotion.it
Tw: @codemotionTR
"Angular 2: core concepts" by Fabio Biondi, Matteo Ronchi.
Angular 2 risolve problematiche e lacune della precedente versione, prestando particolare attenzione alle performance, al supporto mobile e alla qualità e leggibilità del codice prodotto. In questo talk verranno illustrate le funzionalità più significative tra cui: - nuova architettura totalmente orientata ai componenti - rimozione di $scope e del dirty checking ($digest) - adozione di un flow unidirezionale - utilizzo di Typescript, ES6 o ES5 - completa rivisitazione del motore di Dependency Injection - nuove procedure per il bootstrap dell’applicazione.
Angular elements - embed your angular components EVERYWHERENadav Mary
My lecture about angular elements, a new feature released in angular version 6 which allows us to transform angular components into custom elements and use them outside angular's scope.
ForwardJS 2017 - Fullstack end-to-end Test Automation with node.jsMek Srunyu Stittri
Slide deck for ForwardJS 2017 in San Francisco - March 1st 2017
https://forwardjs.com/schedule#lecture-224
Airware builds hardware, software and cloud for commercial drones. We have transitioned to Node.js for cloud functional test automation in 2015. The purpose of this is to unite Fullstack developers and Automation engineers to speak in the same language which is JavaScript. With a year worth of lessons learnt, we will share the challenges involved with building a full-stack test automation framework with Node.js while using the latest and greatest in JavaScript tools.
Top 7 Angular Best Practices to Organize Your Angular AppKaty Slemon
Learn about Angular best practices to improve the performance of your existing Angular application. Tried and tested clean code checklist for your Angular app.
How to Implement Basic Angular Routing and Nested Routing With Params in Angu...Katy Slemon
Here’s a step-by-step guide to developing an Angular application from scratch with Basic Angular Routing and Nested Routing with params in Angular v11.
Scale changes everything. What once was quite adequate for enterprise messaging can't scale to support "Internet of Things". We need new protocols, patterns and architectures to support this new world. This session will start with basic introduction to the concept of Internet of Things. Next it will discuss general technical challenges involved with the concept and explain why it is becoming mainstream now. Now we’re ready to start talking about solutions. We will introduce some messaging patterns (like telemetry and command/control) and protocols (such as MQTT and AMQP) used in these scenarios. Finally we will see how Apache ActiveMQ is gearing up for this race. We will show tips for horizontal and vertical scaling of the broker, related projects that can help with deployments and what the future development road map looks like.
Martyn Taylor is a senior software engineer at Red Hat, with over 7 years’ experience working on cloud, middleware and messaging software. Martyn currently works on the Apache ActiveMQ suite of projects.
Bonnes pratiques des applications java prêtes pour la productionCyrille Le Clerc
Les bonnes pratiques des applications Java prêtes pour la production.
Les enjeux :
* Améliorer la disponibilité des applications
* Réduire le cycle de vie des projets
* Améliorer les plateformes
* Diminuer le coût d’exploitation
Les axes clefs :
* Le déploiement
* La supervision et le monitoring
* La gestion des logs
* La robustesse
* L’organisation
Scale changes everything. Number of connections and destinations went from dozen to thousands, number of messages increased by order of magnitude. What once was quite adequate for enterprise messaging can't scale to support "Internet of Things". We need new protocols, patterns and architectures to support this new world. This session will start with basic introduction to the concept of Internet of things. Next it will discuss general technical challenges involved with the concept and explain why it is becoming mainstream now. Now we're ready to start talking about solutions. We will introduce some messaging patterns (like telemetry and command/control) and protocols (such as MQTT and AMQP) used in these scenarios. Finally we will see how Apache ActiveMQ is gearing up for this race. We will show tips for horizontal and vertical scaling of the broker, related projects that can help with deployments and what the future development road map looks like.
An introduction to the AngularJS JavaScript MVC framework from Google. Tailored for Java developers. Presented at the Orange County Java Users Group on 10/09/2014
JavaCro2016 talk about MQTT protocol and its usage in IoT. ESP8266 demo was part of presentation. Source core for this is at GitHub https://github.com/mresetar/alertbox
Connect to the IoT with a lightweight protocol MQTTKenneth Peeples
Everything is connected in the Internet of Things. People, devices, machines, and more are all part of a network - sending and receiving data to and from other "things." What new opportunities can the IoT create for your business? The lightweight protocol MQTT can help connect to the Internet of Things.
MQTT 101 - Getting started with the lightweight IoT ProtocolChristian Götz
MQTT is now officially a standard. This slide deck shows why the Internet of Things is special and why MQTT is one solution to communication between devices. There are a lot of Java code sample for getting started quickly.
This is a technical presentation describing two protocols namely MQTT and CoAP for IoT communications. This explains the protocols in conjunction with OSI layers.
MQTT with Java - a protocol for IoT and M2M communicationChristian Götz
Our digital world is growing rapidly and we have more devices connected to the internet than ever. On top of that each second 80 new devices are added, which introduces new challenges to communication between these devices. MQTT is a lightweight and scalable protocol that shifts the request/response paradigm of the web as it is today to an event-driven publish and subscribe architecture, which is a perfect fit for Internet of Things and M2M use cases. This talk answers the following three questions: Why do we need a paradigm shift, HTTP has been proven to be a good fit for the web? What is MQTT and how does it help to overcome the challenges we have today? How can everybody build their own MQTT application with the implementation that are available for Java developers ? In the last part we will dive into Eclipse Paho and the FuseSource client library and round up the talk with an live demonstration.
An introduction to OAuth2 and OpenID Connect intended for a technical audience. This covers terminology, core concepts, and all the core grants/flows for OAuth2 and OpenID Connect
The industry is shifting to mobile and wearable devices, and desktop apps are now only a part of the overall application landscape. In this new mobile-first context, security is one of the key concerns for Enterprise Architects. Salesforce has implemented the OAuth 2.0 specification to handle user authentication using industry standards. After reviewing OAuth basics, this session will take you through the different approaches to implement OAuth authentication on the Force.com platform.
Deep dive into Salesforce Connected AppDhanik Sahni
A connected app is a framework that enables an external application to integrate with Salesforce using APIs. Connected app uses standard protocols, such as SAML, OAuth, and OpenID Connect to authorize, authenticate, and provide single sign-on (SSO) for external apps.
As part of MobiliYa Spread Knowledge Initiative Presentation Series.
Agenda
1.Intro -Auth-Authentication & Authorization & SSO
2.OAuth2 in Depth
3.Where does JWT fit in ?
4.How to do stateless Authorization using OAUTH2 & JWT ?
5.Some Sample Code ? How easy is it to implement ?
1. Intro - Auth - Authentication & Authorization & SSO
2. OAuth2 in Depth
3. Where does JWT fit in ?
4. How to do stateless Authorization using OAUTH2 & JWT ?
5. Some Sample Code ? How easy is it to implement ?
Automatizacion de Procesos en Modelos TabularesGaston Cruz
Muestra de opciones para automatizar refrescos en Modelos Tabulares a traves de Azure Data Factory, Azure Logic Apps, Azure Functions y refresco de base de datos, tablas y particiones en Azure Analysis Services.
Using JHipster 4 for generating Angular/Spring Boot appsYakov Fain
JHipster 4 is an open-source code generator that allows you to automate generation and configuration of the Web project that uses the latest version of Angular on the front and Spring framework on the back. Over the next year, Angular/Spring combination will become a valuable addition to the skill set of any enterprise Java developer. In this presentation, you’ll see how to jump-start a Web project with JHipster.
Surviving as a Professional Software DeveloperYakov Fain
This presentation was made in Kiev, Ukraine at JEEConf, May 2013 as a sequel to this one: http://www.slideshare.net/yfain/yakov-fain-enterprisedeveloperkiev.
This 7-second Brain Wave Ritual Attracts Money To You.!nirahealhty
Discover the power of a simple 7-second brain wave ritual that can attract wealth and abundance into your life. By tapping into specific brain frequencies, this technique helps you manifest financial success effortlessly. Ready to transform your financial future? Try this powerful ritual and start attracting money today!
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptxBrad Spiegel Macon GA
Brad Spiegel Macon GA’s journey exemplifies the profound impact that one individual can have on their community. Through his unwavering dedication to digital inclusion, he’s not only bridging the gap in Macon but also setting an example for others to follow.
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC
Ellisha Heppner, Grant Management Lead, presented an update on APNIC Foundation to the PNG DNS Forum held from 6 to 10 May, 2024 in Port Moresby, Papua New Guinea.
# Internet Security: Safeguarding Your Digital World
In the contemporary digital age, the internet is a cornerstone of our daily lives. It connects us to vast amounts of information, provides platforms for communication, enables commerce, and offers endless entertainment. However, with these conveniences come significant security challenges. Internet security is essential to protect our digital identities, sensitive data, and overall online experience. This comprehensive guide explores the multifaceted world of internet security, providing insights into its importance, common threats, and effective strategies to safeguard your digital world.
## Understanding Internet Security
Internet security encompasses the measures and protocols used to protect information, devices, and networks from unauthorized access, attacks, and damage. It involves a wide range of practices designed to safeguard data confidentiality, integrity, and availability. Effective internet security is crucial for individuals, businesses, and governments alike, as cyber threats continue to evolve in complexity and scale.
### Key Components of Internet Security
1. **Confidentiality**: Ensuring that information is accessible only to those authorized to access it.
2. **Integrity**: Protecting information from being altered or tampered with by unauthorized parties.
3. **Availability**: Ensuring that authorized users have reliable access to information and resources when needed.
## Common Internet Security Threats
Cyber threats are numerous and constantly evolving. Understanding these threats is the first step in protecting against them. Some of the most common internet security threats include:
### Malware
Malware, or malicious software, is designed to harm, exploit, or otherwise compromise a device, network, or service. Common types of malware include:
- **Viruses**: Programs that attach themselves to legitimate software and replicate, spreading to other programs and files.
- **Worms**: Standalone malware that replicates itself to spread to other computers.
- **Trojan Horses**: Malicious software disguised as legitimate software.
- **Ransomware**: Malware that encrypts a user's files and demands a ransom for the decryption key.
- **Spyware**: Software that secretly monitors and collects user information.
### Phishing
Phishing is a social engineering attack that aims to steal sensitive information such as usernames, passwords, and credit card details. Attackers often masquerade as trusted entities in email or other communication channels, tricking victims into providing their information.
### Man-in-the-Middle (MitM) Attacks
MitM attacks occur when an attacker intercepts and potentially alters communication between two parties without their knowledge. This can lead to the unauthorized acquisition of sensitive information.
### Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks
1.Wireless Communication System_Wireless communication is a broad term that i...JeyaPerumal1
Wireless communication involves the transmission of information over a distance without the help of wires, cables or any other forms of electrical conductors.
Wireless communication is a broad term that incorporates all procedures and forms of connecting and communicating between two or more devices using a wireless signal through wireless communication technologies and devices.
Features of Wireless Communication
The evolution of wireless technology has brought many advancements with its effective features.
The transmitted distance can be anywhere between a few meters (for example, a television's remote control) and thousands of kilometers (for example, radio communication).
Wireless communication can be used for cellular telephony, wireless access to the internet, wireless home networking, and so on.
Multi-cluster Kubernetes Networking- Patterns, Projects and GuidelinesSanjeev Rampal
Talk presented at Kubernetes Community Day, New York, May 2024.
Technical summary of Multi-Cluster Kubernetes Networking architectures with focus on 4 key topics.
1) Key patterns for Multi-cluster architectures
2) Architectural comparison of several OSS/ CNCF projects to address these patterns
3) Evolution trends for the APIs of these projects
4) Some design recommendations & guidelines for adopting/ deploying these solutions.
3. The three parts of this presentation
• One approach to integrating consumer devices in the
business workflow
• Live demo: integrating a blood pressure monitor into a
business workflow
• A brief review of REST, OAUTH, Websockets and their
roles tin our application.
5. Today’s Sensors
SCIO: a molecular sensor that scans physical objects and
receives instant information to your smartphone.
http://www.consumerphysics.com/
9. Low-Level IoT Approach
Learn and implement IoT protocols: MQTT, XMPP, AMQP, CoAp,…
Write Java programs for Raspberry Pi or Arduino
Learn HomeKit and HealthKit from Apple
10. High-Level IoT Approach
Create applications using standard
technologies to integrate things into an
existing business workflow.
11. A Proof of Concept App
• Integrate consumer devices into one of the insurance
business workflows
• Leverage existing software technologies
• Create a standard-based application layer that connects
things
12. Your Server in the Middle
• Create a software layer as a proxy for all communications
with IoT devices.
• Find the use-cases for data-gathering devices in your
business applications.
• Collect the valuable data from devices for analisys.
Java dominates on the middleware market.
13. The Use Case: Integrating Scale and Blood Pressure Monitor
into insurance workflow
IHealthLabs Blood
Pressure Monitor
Fitbit Scale
Aria
16. A Typical IoT Workflow
XYZ protocol
XYZ protocol
We’re not dealing with XYZ
Our server communicates with the vendor’s server
using HTTPS
DeviceVendor.com
18. Integrating With Fitbit Scale: Take 2.
fitbit.com
HTTP/Rest API
Weight:
My Front-End App
My Server
Polling/Pub-SubData push
via
WebSocket
19. Integrating With Fitbit and iHealthLabs.
fitbit.com
Weight:
iHealthLabs.com
HTTP/
Rest API
Blood Pressure:
HTTP/Rest API
Data push
via
WebSocket
My Front-End App
My Server
23. What’s used in our app
• RESTful Web services
• OAuth authentication and authorization
• WebSocket protocol
• Front end: written in Dart, deployed as JavaScript
• Data exchange format: JSON
• Back-end: Java with Spring Boot and embedded Tomcat
• Build automation: Gradle
30. Authorization and Authentication
• Authentication: Is the user who he says he is?
• Authorization: Which resources the user can access?
The owner of the Blood Pressure Monitor can see only the
measurments taken from his device.
31. The OAuth Players
• The User
• The client app that accesses the user’s resources
• The server with the user’s resources (data)
• The authorization server
37. A Sample OAuth 2 Workflow
• My company registers the app with the thing’s vendor providing a redirect
URI for successful and failed logins and gets a client id and a secret.
38. A Sample OAuth 2 Workflow
• My company registers the app with the thing’s vendor providing a redirect
URI for successful and failed logins and gets a client id and a secret.
• My company builds an app that uses the thing’s API (e.g. with REST ).
39. A Sample OAuth 2 Workflow
• My company registers the app with the thing’s vendor: providing a redirect
URI for successful and failed logins and gets a client id and a secret.
• My company builds an app that uses the thing’s API (e.g. with REST ).
• The user opens my app and logs into thing’s vendor site via its authentication
server (not the OAuth provider).
40. A Sample OAuth 2 Workflow
• My company registers the app with the thing’s vendor providing a redirect
URI for successful and failed logins and gets a client id and a secret.
• My company builds an app that uses the thing’s API (e.g. with REST )
• The user opens my app and logs into thing’s vendor site via its authentication
server (not the OAuth provider).
• My app (not the browser) generates the unguessable state value and sends
the request to the thing vendor’s OAuth provider:
https://<auth_server>/path?clientid=123&redirect_uri=https//
myCallbackURL&response_type=code&scope=“email
user_likes”&state=7F32G5
41. A Sample OAuth 2 Workflow
• My company registers the app with the thing’s vendor providing a redirect URI for successful
and failed logins and gets a client id and a secret.
• My company builds an app that uses the thing’s API (e.g. with REST )
• The user opens my app and logs into thing’s vendor site via its authentication server (not the
OAuth provider).
• My app (not the browser) generates the unguessable state value and sends the request to the
thing vendor’s OAuth provider:
https://<auth_server>/path?clientid=123&redirect_uri=https//
myCallbackURL&response_type=code&scope=“email user_likes”&state=7F32G5
• My app receives a temporary auth code from the thing’s OAuth server and compares the state
with the one received from the server:
https://myCallbackURL?code=54321&state=7F32G5
42. A Sample OAuth 2 Workflow
• My company registers the app with the thing’s vendor providing a redirect URI for successful and failed logins
and gets a client id and a secret.
• My company builds an app that uses the thing’s API (e.g. with REST )
• The user opens my app and logs into thing’s vendor site via its authentication server (not the OAuth provider).
• My app (not the browser) generates the unguessable state value and sends the request to the thing vendor’s
OAuth provider:
https://<auth_server>/path?clientid=123&redirect_uri=https//
myCallbackURL&response_type=code&scope=“email user_likes”&state=7F32G5
• My app receives temporary auth code from the thing’s OAuth server and compares the state with the one
received from the server:
https://myCallbackURL?code=54321&state=7F32G5
• ,My app makes another request adding the secret and exchanging the code for the authorization token:
https://<auth_server>/path?clientid=123&client_secret=…&code=54321&redirect_uri=
https//myCallbackURL&grant_type=authorization_code
43. A Sample OAuth 2 Workflow
• My company registers the app with the thing’s vendor: providing a redirect URI for successful and failed logins
and gets a client id and a secret.
• My company builds an app that uses the thing’s API (e.g. with REST )
• The user opens my app and logs into thing’s vendor site via its authentication server (not the OAuth provider).
• My app (not the browser) generates the unguessable state value and sends the request to the thing vendor’s
OAuth provider:
https://<auth_server>/path?clientid=123&redirect_uri=https//
myCallbackURL&response_type=code&scope=“email user_likes”&state=7F32G5
• My app receives temporary auth code from the thing’s OAuth server and compares the state with the one
received from the server:
https://myCallbackURL?code=54321&state=7F32G5
• ,My app makes another request adding the secret and exchanging the code for the authorization token:
https://<auth_server>/path?clientid=123&client_secret=…&code=54321&redirect_uri=
https//myCallbackURL&grant_type=authorization_code
• The thing’s vendor redirects the user to my app and returns the authorization token.
44. A Sample OAuth 2 Workflow
• My company registers the app with the thing’s vendor providing a redirect URI for successful and failed logins and
gets a client id and a secret.
• My company builds an app that uses the thing’s API (e.g. with REST )
• The user opens my app and logs into thing’s vendor site via its authentication server (not the OAuth provider).
• My app (not the browser) generates the unguessable state value and sends the request to the thing vendor’s OAuth
provider:
https://<auth_server>/path?clientid=123&redirect_uri=https//myCallbackURL&response_type=code&scope=“email
user_likes”&state=7F32G5
• My app receives temporary auth code from the thing’s OAuth server and compares the state with the one received
from the server:
https://myCallbackURL?code=54321&state=7F32G5
• ,My app makes another request adding the secret and exchanging the code for the authorization token:
https://<auth_server>/path?clientid=123&client_secret=…&code=54321&redirect_uri=
https//myCallbackURL&grant_type=authorization_code
• The thing’s vendor redirects the user to my app and provides the authorization token.
• My app starts invoking the vendor’s API using the token.
45. Access and Refresh Tokens
• The OAuth 2 server returns the authorization token. It
expires after certain time interval. iHealtLabs sends the
token in JSON format that expires in 10 min.
• The OAuth 2 server also can provide a refresh token that
the client app uses to request a new token instead of the
expired one.
56. Deploying with Spring Boot
• Java EE REST services are deployed in a WAR under the external Java Server.
• Spring Boot allows creating a standalone app (a JAR) with an embedded servlet container.
• Starting our RESTful server: java -jar MyJar.
• We used Tomcat. To use another server, exclude Tomcat in build configuration and specify
another dependency.
• A sample section from Gradle build replacing Tomcat with Jetty:
dependencies {
compile("org.springframework.boot:spring-boot-starter-web") {
exclude module: "spring-boot-starter-tomcat"
}
compile("org.springframework.boot:spring-boot-starter-jetty")
}
57. Security
• Device vendors should take security very seriously.
• We don’t deal with security between the thing and its vendor.
• The OAuth state attribute helps ensuring that the received redirect_uri is the
same as provided during the app registration.
• IoT integration apps are as as secure as any other Web app (see owasp.org).