Introduction
I'm working on a backend which is used by iOS and Android mobile apps and have decided to use Azure Notification Hubs for push notifications. It is written in .NET and uses device registration from a backend (Registration).
User is able to use same application on multiple devices at the same time and requirements are that users should be able to receive notifications on all devices. There is also possibility that multiple users will use app on the same device - authentication is done using username and password.
Registrations are saved in DB table which stores:
registrationId
platform
reference to user
This makes it possible for the same user to receive notifications on multiple devices.
Registration
Registration is done in the following way on the iOS device:
App is started
PNS handle is received from APNS (token)
Username and password are entered
App asks for RegistrationId from backend
RegistrationId is saved to local storage
Registration is performed using RegistrationId, Handle and Platform parameters which are sent to Web API endpoint
Tag "username:test1" is added so notification can be sent to specific user
Problem(s)
I've noticed that PNS Identifier is same for two (or more) registrations (please see screenshot). Developer which is working on the iOS app pointed to the following question: Obtain NEW Apple device token?
Is it valid to have same PNS Identifier for multiple installations provided that I have unique tags?
If there are multiple duplicates of PNS Identifier application would display multiple notifications (notifications are filtered by tag "username")?
Should the PNS Identifier be unique for app, device or user?
Related
I'm doing a POC of a an application for use on a touch screen device running windows 10.
The currently UWP (although open to nearly any app that can run full screen for a kiosk) app already has a webview control and I can control the url where I want to navigate to. In some situations, I'd like to navigate to a 3rd party webapp that is using Azure AD authentication.
Interactively, we can login but I'd like to have the login happen automatically using a known azure ad username and password or ideally a certificate we can install on the device. We don't own the web app (so we can't change any properties on it) but its connected to our Azure AD tenant so we own the azure ad app configuration. The web application does not have API's yet to consume the information. The device uses local accounts, per the guidance on https://learn.microsoft.com/en-us/windows/configuration/kiosk-prepare.
I've used the (Public/Confidential)ClientApplicationBuilder which works for getting tokens to talk to web apis but I'd like to do a form post to something (https://login.microsoftonline.com/{tenantid}) ? and then redirect to the web app when done. I've looked into OAuth 2.0 Resource Owner Password Credentials (https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth-ropc) and it seems the closest but I'm not sure how to take the access token I receive and somehow save it (in a cookie?) so the web app will log the user in when navigated to. I'm sure I could watch the various URLS and fill in the credentials programatically but that seems wrong. I've reviewed the various Azure AD samples but I've not seen one that fits my scenario (which might indicate a flaw in the plan...).
I have a UWP app which has Cortana integration using Commands (VCD definitions). The app requires a user to be logged in to it (using Facebook or Google).
Now I am writing a Cortana Skill - it will offer the same functionality as the UWP app, but would work on other devices. For it to work, the user would need to log in, just like the UWP app.
I understand how the login is done in Cortana Skill (using the BotBuilder) - after login, the access & refresh tokens are somehow stored with the user's profile, so he doesn't have to login again on his other devices. I actually already built this, so the user can login with facebook/google in Cortana.
But I would like to do this from the UWP app - that is after the users logs into the UWP app, I want to take the access/refresh token and give it to some Microsoft endpoint, so that user doesn't have to login twice (once in UWP, second time in Cortana).
Is this possible? Is there some API I can use for this?
The channel (Cortana) handles OAuth flow and token caching using "Connected Services". At this time, Cortana does not support single sign on or cross-client identity. (You're UWP app and your Cortana skill are effectively two apps.) This doesn't mean you need to use "Connected Services", but you'd be implementing around built in functionality for things like handling of refresh tokens.
I want a very simple thing - let user buy a subscription in my UWP app and then periodically check that this subscription is still active server side (the app is for multiple platforms, user can buy subscription on any one and use it on all his devices).
On Android, the app receives a purchase receipt which can be used against Google service which returns current state of the subscription.
For Windows Store, it seems (Manage product entitlements from a service) I need to:
Ask my service for Azure access token, pass it to my app
Generate Store ID in my app
Pass this ID back to my service
Use this ID to get a list of all user's subscriptions to verify their status
Refresh the Store ID every 3 months (its validity)
I'm counting 5 REST calls just to check a state of my subscription.
Is that really the only way?
There used to be an API to get the receipt from Store, but that seems deprecated now:
Windows.ApplicationModel.Store
for 1 year subscription, after the year goes by, I want to ask if the subscription was extended or not.
Please check this document: Get subscriptions for a user.
If your subscription is part of a cross-platform service, you can call this API to determine whether the specified user has an entitlement for your subscription and the status of their subscription in the context of your UWP app. You can then use this information to update the status of the subscription on other platforms that your service supports.
I am currently attempting to create a phone app that has some admin-only functions (like doing database metrics and logistics). Unfortunately, for the life of me I can't get it to recognize me as having user.level == 'admin'. I've used the service master secret as the entry for the Mobile Service client, I've logged in using my administrator Microsoft Live account, I've tried different settings in the script permissions itself, all to no avail. Each time, it logs me as being authenticated instead of admin.
Currently my C# code is:
var user = await App.MobileService.LoginAsync(MobileServiceAuthenticationProvider.MicrosoftAccount);
var result = await App.MobileService.GetTable<MyDataRowObject>().ToListAsync();
I then access the result as an IEnumerable.
Thanks!
You can't do this from the mobile service client because accessing the server as admin requires a special header. This is by design, as they don't recommend embedding your master key into a client application.
Instead, you would do this from another trusted service and send the master key as the X-ZUMO-MASTER header.
However, if you want to do this from a particular app you would have a user table that identifies a list of power users and just support login from a standard supported mechanism.
Make sense?
I am developing a chat application for windows phone using c# and I would like to first maintain the registered users when they register in my application. I am planning to get them registered with their live account authentication.
Any suggestions on how to store(database table format) the registered users information and maintain that information in windows azure mobile?
And how do I uniquely identify each user (apart from live id ) so that I can push the notifications ? One solution I think is by using subscription uri from MPNS .
If you're using MobileService.LoginAsync you'll get the user id per whatever auth provider you used, and then that (potentially opaque) value is automatically pushed into your Mobile Services scripts via user parameter (presuming you set the script to require authenticated users). The Get started with authentication in Mobile Services tutorial covers most of this, and you'd simply store the user id with whatever 'friendly' profile name, info you're also collecting.
The Live Id (Microsoft account) would already uniquely identify each user, though it's certainly possible that a given user has multiple devices have multiple devices he or she is using to access your app. Typically your app would register/renew its notification channel URI on startup (because the URI can expire) and associate it with the user id (Live, Twitter, etc.), store it in a table in WAMS, and then when you want to notify user X, you send a push notification to each URI associated with that user in the database table - that's a fairly simple select off the table storing the URIs and user info.