The way we think about developing applications for the Web or Mobile is changing rapidly. Traditional IT Development is being put to the test, all thanks to the raging cloud wars between Google, Amazon & Microsoft’s Azure.

And No, this is not a new Sci-Fi Trilogy coming to a cinema near you, but the ongoing Cloud War is a war on Price, Infrastructure, Branding, Storage and who has the biggest “Server” of the 3.

For anyone not up to speed, the easiest explanation, in my opinion, for Cloud Computing, is to define it as outsourcing your technology hardware to a 3rd party and accessing it via a network connection.

There has been a major swing from On-Premise Infrastructure (Servers in the office) to Cloud Computing over recent years, and this is for good reason. Those who have adopted cloud platforms have seen a 70% reduction in capital and operational costs, as well the rise in security threats means that your applications and data need to have the best security measures in place to prevent attacks, and, as a result, 2/3 CEO’s are now focusing on digital transformation within their business.

The biggest player in this field right now is Amazon Web Services (AWS). Developers and organisations alike have been using AWS to develop Enterprise Applications, Mobile Apps, Storage Solutions & Backup solutions since it began back in 2006. They provide you with Servers, Databases and all the computing infrastructure you need for hourly rates. Which has been fantastic for people looking to reduce capital expenditure on new servers and upgrading out of date equipment. However, there is a minimum sign in period and this can be costly for start-ups and new applications.

I know Microsoft have pumped a lot of money into their Azure platform, however as of lately their competitors, in Google, have rapidly closed the gap on this domination of the Mobile app world. They launched in February 2010, and are looking to take over the mobile app development market. They are also spending a lot of money on their Xamarin Development Environment, as they try to become the industry leader for a fully rounded solution. However, one of the downsides is making you buy into Microsoft Products, and these are very difficult to move away from, so once you start on their platform, you will be there for most (If not all) of your applications life.

The youngest in the Cloud Platform Solutions is Google Cloud platform. Released to general availability of the public in December 2013, some would say Google have been playing catch up with the other 2 industry leaders. But not a lot of people know that while these other platforms were emerging, Google was busy running 40% of the worlds internet.

Due to this market share of the entire internet, over the years, Google have developed some amazing technologies and solutions to enable them to cope with the volume of people & data. From Google Analytics, their Machine Learning, to the incredible amount of storage space they need to keep everything they really have almost perfected their own Infrastructure. So, between the years of 2013 when they launched the Cloud Platform, and 2015, Google Invested $30Billion to upgrade their entire infrastructure. Their aim was to create a fully open source cloud, with per minute billing and no minimum signup contracts. An Industry First. You pay for what you need and if you have to pull the plug – Do so with no penalties or risks. And if you want to move to your own Infrastructure someday like Facebook, it’s a lift and shift manoeuvre, not tied into any licence fees.

What Google Cloud Platform have also done, is make available the exact same technology that they use to run their organisation, to every developer and organisation out there. And this has attracted some of the big players such as Snapchat, Coca-Cola, Spotify, Home Depot and many more.

With over 101 points of presence around the world, adding almost 1 new region a month and offering over 20 services that they have used to run the internet for years, I don’t think Google has been playing catch-up:

They have been waiting, watching, saw their enemy’s weaknesses and went straight for the kill from the start.

And, as you can tell, I am in no way biased……… but IMAC IT Solutions have been accredited as a Google Cloud Platform Technology partner, meaning the solutions we have developed have been looked at by Google, and essentially been given the thumbs up as being at an excellent standard to run on their platform. So, any questions you have on cloud computing, mobile app development or bespoke application development please do not hesitate to get in contact.

ryan@imacit.com

02879659499

Firebase is a scalable library, allowing a vast array of features to be implemented on a Mobile app. It does a lot of the heavy lifting for you with the available libraries, and as they say, allows you to focus on the users which is the most important part of any Mobile or Web application.

Our Mobile app projects are based on the Google Cloud platform allowing easy scaling and on demand flexibility across the platform. What sparked the interest to use Firebase alongside Google Cloud was the ability to manage user authentication and Firebase Cloud messaging for Notifications across our apps. This article is going to delve into Firebase Authentication for Login and how it seamlessly integrates with our already existing Google Cloud back-end.

But don’t worry if you are waiting on articles about the Firebase Cloud Messaging or Google Cloud, We could talk about them all day so watch out for new material!

Depending on the app developed there may be some features that do not require login/User info and therefore will not require Authentication on the Backend, these can be accessed directly from the Google Cloud with the correct Request sent up. However the majority of apps these days like to cater for personal features as well as securing information about a user.

We want the user to feel safe about entering details into our application and we want Clients to feel their information being stored will be safe in our hands. Enter Firebase.

First step is to setup Firebase Authentication on the Server side, This link talks through the main points and what is required for Firebase to be added in

https://cloud.google.com/endpoints/docs/openapi/authenticating-users

The joys of having a great team here is this was not a big task, but don’t panic if your new to the Google Cloud and want to implement this yourself, the Documentation and Google Forums provide great support and will have you well on your way!

Next step Firebase requires us to import our Google Cloud project in, meaning they share common Client Ids, and it also requires us to set up our apps that will be using Firebase, this is where the authentication process begins, if the app/program requesting data from our Firebase App does not have the correct Bundle ID, com.example.Firebase etc, it will not be allowed access so the process will stop here. Also every app created on the firebase console that interacts with firebase will produce a new Google-Services.Json for Android Apps and Google Services.plist for iOS apps. These will need imported into your specific project and it is from here the information/keys contained to interact with the Firebase Console reside. A Client Id and API key will be the two most important aspects to include in your Firebase initialization within an application. So, with the API Key and the correct bundle ID we already have narrowed down access to Firebase from outside sources which starts to secure the applications. When setting up an Android app on Firebase we also need to include the SHA-1 Certificate FingerPrint for certain Features as well.

The apps we are producing are based in Xamarin Forms, with Libraries available such as Xamarin.Auth and Xamarin.Social, meaning the integration there for OAuth 2.0 would seem like the only way to go directly. Firebase however provides JWT(JSON Web Tokens) on sign in to firebase which we can pass up with each of our API calls so we know exactly where the request has come from and have traceability for each and every API call that could contain Sensitive information.

The diagram above gives us our basic Flow of events on the implementation of A Firebase Authenticated user accessing Data from the Google Cloud Platform.

Another great feature (Sidetrack slightly, this is just so amazing!)  is the JWT token we send up must have the correct audience (a field in the JWT Token for those unfamiliar with the Token) to be accepted by the cloud as an authenticated user, so other Firebase App tokens will not be successful.

Following the arrows from the Xamarin.Forms application we begin by logging a user in, one of the most important steps in any application, where sensitive data being passed in any direction needs to be secure. We also need to know there are no fake users out there. It also means we haven’t the tedious task of storing passwords in the Google Cloud Datastore as Firebase will do that for us. Firebase itself contains many different methods to sign in; Phone number Authentication and Email being the main two they control themselves. The email function gives us ability to reset passwords, verify email address and disable/delete accounts. Its process is slightly different, in that the app itself will need to pass the email address and password directly to the Firebase Console to receive a JWT Token, then the process from there remains the same.


App Login Request → Social Media Login → OAuthToken Returned to App → Send Token to Firebase Console → Sign in Authenticated and Details Returned to App with JWT Token → Send Token as Authorization : Bearer in Google Cloud Calls → Google Cloud accepts Token and carries out API → Return To App with Data


So taking Facebook as an example of a Social Media site where we want to incorporate Login for, We begin with our Xamarin.Forms application and for anybody reading this who isn’t quite sure what or how Xamarin.Forms works, it allows us to write apps on a PCL basis i.e one code share will run on Android and iOS this makes implementation faster as the majority of the code can be wrote once.

Unfortunately when we want some native features this isn’t the case and we need to dip in Xamarin.Android and Xamarin.iOS. This does require more work but the benefits of being able to switch to native code and share the rest are amazing and I myself would be very much bought into Xamarin.Forms now!

The main point here is we can access the Facebook accounts on devices via these native features using the Facebook SDK library, we can then implement the Facebook-Login button through a CustomButtonRenderer that inherits from the ButtonRenderer class, more information on this can be found here https://developer.xamarin.com/guides/xamarin-forms/application-fundamentals/custom-renderer/

We can then implement one touch Facebook login for iOS and Android, or open up a view to sign in if the Facebook app isn’t present on the device.

So when we click on this new Facebook Button we go to Facebook in the background(or to a sign in to complete) and Get user details and an OAuth token which is returned to the app.

Once this token is returned to our Forms app from the native code, we use a Firebase Library from Xamarin Forms credit here goes to Step Up Labs for providing the Nuget package

https://github.com/step-up-labs/firebase-authentication-dotnet


FirebaseAuthProvider p = new FirebaseAuthProvider(new FirebaseConfig(“”)


then calling 


p.SignInWithOAuthAsync(FirebaseAuthType.Facebook, OAuthtoken )


to sign in to Firebase and receive what the library denotes as a FirebaseAuthLink , from here we get email Address the User and the Token required for our Google Cloud Authentication.

This Token itself will only last for 3600 seconds or 1 hour, so we need to store the FirebaseAuthLink Locally on the device,

I used App.Current.Properties with the Newtonsoft.JSON library to serialize and de serialize as it will store a key pair <string,object> but on the app closing and reopening we will lose our object unless we Serialize it before exiting,  but any settings Plugin will do just nicely.

The easiest way to ensure our token is always refreshed is to Check the FirebaseAuthLink object and use its Expiry Bool before every api call, and if its not expired carry on, if it is we will need to go Through the Refresh method

we create a new FirebaseAuthLink based on the old one/stored one,


var auth = new FirebaseAuthLink(p,FirebaseAuthLinkStorage);


then using this we call


auth.GetFreshAuthAsync()


This returns a fresh FirebaseAuthLink from the result and we just replace this one in our storage and we are ready to carry on with calls to the Google Cloud!

The library here will provide Google,Twitter,Github and Facebook and also allows the Sign in with a Custom Token which means it provides the ability to Use any service that produces a OAuth Token when a user signs in , Instagram Amazon , so depending on the app we can cater for Multiple different Sign ins.

Check out the Firebase Blog itself for regular updates on what those guys are doing regarding Authentication or any off their features and how there doing it, It is a very interesting read!

So there we have it a Standard Login in the Front and a Secure Authenticated Login in the back!

Fast and Secure, The programmers dream!

Luke McBride

Ransomware is back!

For those who are unaware of what ransomware is, it’s a type of malicious software that has been created to block access to the victim’s data, or threatens to publish or delete it, until a ransom is paid. This essentially means that your company or clients private details could be released to everyone and anyone. . . Quite the problem I know. Ransomware software has been known to lockdown many business’, and is crucial that everyone is made aware of what it does and how to prevent it. Previously ransomware crippled the NHS, hit international shipper FedEx and infected computers in 150 countries.

So, currently there is a ransomware attack circulating the globe negatively impacting companies called Petya or NotPetya. This strain has been circulating organisations with infections through a phishing email, which spread to all the computer systems within the network.

What to look out for in these Peyta Phishing emails:

    1. Email Subject of ‘Hi’
    1. A .zip or .scr file attachment called ‘gone’, containing the malicious software

What to do if you come across this file:

    1. Do NOT open it
    1. Do NOT click on any links it contains
    1. Delete it IMMEDIATELY
    1. You should IMMEDIATELY remove your network cable from your computer and call your usual service help provider if:
    • You may have accidently opened the email or clicked a link that appears suspicious
    • You are redirected to a page that was unexpected by clicking a link
    • You receive any unusual pop-up alerts informing you of a virus or equivalent
    • You find you are unable to open any of your documents which you have previously had access to

 Please do not ignore any unusual activity on your device, and remain vigilant until all security measures have been put into place.

If you have any concerns that you may be affected, please contact your normal service help provider.

If you are in any doubt with regards emails of this kind, do get in contact with a service helpline. You never know how vital your questions may be.

The team here in IMAC IT Solutions are always on the watch to prevent current issues such as ransomware within our products and services to ensure our clients product safety always.

Now to watch Love Island on iPlayer…


Other Articles

It’s surprising how viewpoints of software development, within a working environment, are drastically different between client and developer.

I began my development experience in 2016, after finishing a university degree where my on relation to computers was completing 3000 word essays on Microsoft word. Initially my only knowledge was a simple piece of coding, throw a few buttons here and there, link them together and a fully functioning programme was developed and millions of pounds would be made from this. How wrong was I! What I quickly learned was that sometimes the simplest of problems, can be that little button, which passes small pieces of information proving vital further down the development cycle.

What also can be difficult, particularly when trying to develop an idea of someone else, is visualising the finished product for the customer whilst trying to make it practical from both the users viewpoint and a developing viewpoint.

Had I never set foot in the software development industry, I too would have been that naïve demander of buttons here, and links there, whilst expecting it to be fully functional and on an app in my phone within 1 week, at the very latest.

However, there are a small list of things that developers need before the first button is created;

  • What does the client want?
  • What is the function of each aspect of their app/website?
  • Does it store information?
  • How much information will be saved? Will a cloud or physical server need set up?
  • When does the client want their idea to be launched?

These are 5 basic questions that need answered before questions like; does it need to take card payments? Will we need to make user ID’s for admins and common users? Will there be a customer and admin/user sites?

For developers this only leads to further questions: Do I need an API to make this function? What system will be used to develop this? What language will be best suited to this development? Will the application be android only or will iOS be included? What flow will the user take for the best User Experience? What can administrators access, that users cannot?

These are simple requirements based questions that need ironed out before development can begin. However, this isn’t where the real problems start. Requirements building in fact can be made simple. Diagrams and flow charts create visual aids for both parties, but, implementing visions require a lot of time and careful thought with regards to methods of connecting information without crossing over, hence testing needed throughout the development cycle.

Throughout the cycle, what also must be considered is security. How protected is the server? Is the login/registration information secured? Will any other information entered be secured from hackers? Like previously mentioned, before I began my developers journey, I presumed a line of code here and a simple true or false statement would solve all these issues, not much work in that. How wrong was I! This takes a lot of thought, right down to every capital letter, number, comma and full stop. Testing matching logins to wrong passwords for example can be a tedious testing process however without this nothing is safe within a project, any small detail that is overlooked could be detrimental to private information.

One year on from the beginning of my journey, these are some of the basic questions and misconceptions that are common within software development. These questions to a client may seem simple and basic, however they provide vital information for planning a development cycle. This has now become the basis for all programmes that I begin to tackle and maybe should be considered by any future clients who feel that coding is a 5 minute job to create and fix.

By Brendan Rogers

brendan@imacit.com | 02879659499

Please Contact Us for more information on our Software Development & Mobile App Development Services.

Oh,

And Don’t forget to share this post.

Thinking about how much the social interaction of people and businesses has changed since the millennium is a fascinating concept. It’s changed how we talk to each other, how we perceive the world, how we travel, the way we relax and the way we buy things as well as many others. I just saw a post on LinkedIn, and to think that in 2003 the following didn’t exist:

  • iPhone
  • iPad
  • Kindle
  • Uber
  • Airbnb
  • Android
  • Spotify
  • Nest
  • Stripe
  • Square
  • Bitcoin
  • Instagram
  • Snapchat
  • YouTube
  • Facebook
  • Twitter

Some of them you may not be familiar with, but others are our main go to for every day essentials. We are becoming (or maybe we are already there) completely dependent on our mobile devices and any Entrepreneur or established business should be taking advantage of this mass mobile market.

With an exponential number of new apps being developed every day, the future has finally arrived. So why should a business bother thinking about creating a simple mobile app?

Well let the facts speak for themselves:

  • The volume of Mobile Phones is much higher than PCs.
  • The average time spent on Mobile Apps compared to desktops is +64%.
  • On an Average, people check their mobile every 6 minutes.
  • People use mobile Apps 6 times more than the websites.
  • 79% smart-phones users use their mobile to make purchasing decisions.
  • 50% users make purchase on Mobile within 1 hour as compared to 1 month on Desktops.
  • 73% of Business Owners use Mobile Apps daily.
  • Business owners also use Mobile Apps for Customer Engagement.

Mobile apps do not have to be massive ideas, or require massive amount of development. They are just another means for you to add that extra bit of value to your customers. So, don’t worry if you cannot think of an idea or a concept, because IMAC IT Solutions would be happy to work in partnership with you to extend your business and services into the mass mobile world.

Thanks for reading,

Ryan Farren

After catching a glimpse of an article in the paper about the first workshop a couple of weeks ago, and how busy/successful the event was, I decided to attend the second workshop by the Mid Ulster Council, held in the Terrace hotel Magherafelt, named “Making the web work for your business”, to see what all the fuss was about.

Firstly, the cold crisp March morning was enough to have anyone ready to go for an 8am Business Breakfast Workshop, and arriving at 7:45am I wasn’t surprised to find that the car park was full, as everyone must have been as eager to get into the heat as I was.

We were met with a selection of bacon and baps, as well as fruit salad and much needed coffee. The room was full of local businesses and it’s safe to say the workshop was a sell-out.

The workshop was started with the welcome note, given by the Mid Ulster District Council Chairman Cllr Trevor Wilson and after this, our fantastic host for the morning Daryl Conway, introduced the key speakers for the workshop and set us all the goal of coming away from the morning having learnt 1 thing.

In attendance we had the seasoned Digital Marketer Barry Adams, the website design expert Daithi Conlon and the PayPerClick Guru, Mark McColgan. A perfect panel of experts to guide the audience in all aspects to make the web work for their business.

After the initial introductions, the workshop turned into something that could only be described as “The Conway Show”, whereby Daryl has a series of questions for each member of the panel that picked information from each of their sectors but also informed the audience of some very insightful information.

Once the time limit had been reached, the floor was open to questions for the speaker and I got to pick Marks brain on a PPC aspect that has been bugging me. Weather to raise brand awareness more, or to concentrate on sales for a new business/website? and his answer was simple… both at the same time.

As soon as the questioning was finished, each expert was allowed to give a 1-minute elevator pitch to persuade members of the audience to attend their Mini-workshop that was located in different areas of the hotel. Different strategies were taken, however I decided to opt in on Marks mini workshop as I felt he could offer some great advice on areas I want to implement in my business, and I was right. His mini workshop was very informative and safe to say I surpassed the goal of the day after learning a range of different things related to pay-per-click.

As for the other 2 mini workshops, I’m sure they also went as smoothly.

When all mini workshops were completed, we all reconvened in the main function room of the hotel and Daryl closed the workshop with a final speech and some questionnaire completing.

All-in-all, a very informative and worthwhile morning, and I look forward to attending the “Selling on Social Media” workshop on the 28th of March.