mobile application development
TRANSCRIPT
![Page 1: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/1.jpg)
v
Building Mobile and Web Apps using the AWS Mobile and Javascript SDKs Parijat Mishra | Solutions Architect | Amazon Web Services [email protected]
![Page 2: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/2.jpg)
v
In this session, we’ll be creating Android apps to demonstrate various features of AWS
![Page 3: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/3.jpg)
v
How do we build mobile apps today?
![Page 4: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/4.jpg)
v
Authenticate users
Authorize access
Analyze User Behavior
Store and share media
Synchronize data
Deliver media
Store shared data
Stream real-time data Track Retention
Send push notifications
Manage users and identity providers
Securely access cloud resources
Sync user prefs across devices
Track active users, engagement
Manage funnels, Campaign performances
Store user-generated photos Media and share them
Automatically detect mobile devices Deliver content quickly globally
Bring users back to your app by sending messages reliably
Store and query fast NoSQL data across users and devices
Collect real-time clickstream logs and take actions quickly
Your Mobile
App
Your mobile application
![Page 5: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/5.jpg)
v
Introducing AWS Mobile Services
Amazon Cognito Amazon Mobile Analytics Amazon SNS Mobile Push
Kinesis Connector DynamoDB Connector S3 Connector SQS Connector SES Connector
AWS Global Infrastructure (11 Regions, 28 Availability Zones, 52 Edge Locations)
Core Building Block Services
Mobile Optimized Connectors
Mobile Optimized Services
Your Mobile App, Game or Device App
AWS Mobile SDK, API Endpoints, Management Console
Compute Storage Networking Analytics Databases
Integrated SDK
![Page 6: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/6.jpg)
v Fully integrated AWS mobile SDK
Cross-platform,
optimized for mobile
Automatically handles intermittent and latent
network
AWS Mobile SDK
Reduced memory footprint Common authentication method across all services
![Page 7: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/7.jpg)
v
Authenticate users
Authorize access
Analyze User Behavior
Store and share media
Synchronize data
Deliver media
Store shared data
Stream real-time data Track Retention
Send push notifications
Manage users and identity providers
Securely access cloud resources
Sync user prefs across devices
Track active users, engagement
Manage funnels, Campaign performances
Store user-generated photos Media and share them
Automatically detect mobile devices Deliver content quickly globally
Bring users back to your app by sending messages reliably
Store and query fast NoSQL data across users and devices
Collect real-time clickstream logs and take actions quickly
Your Mobile
App
Your mobile application
![Page 8: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/8.jpg)
v
Authenticate users
Authorize access
Analyze User Behavior
Store and share media
Synchronize data
Deliver media
Store shared data
Stream real-time data Track Retention
Send push notifications
Amazon Cognito (Identity broker)
AWS Identity and Access Management
Amazon Cognito (Sync)
Amazon Mobile Analytics
Amazon Mobile Analytics
Amazon S3 Transfer Manager
Amazon CloudFront (Device Detection)
Amazon SNS Mobile Push
Amazon DynamoDB (Object Mapper)
Amazon Kinesis (Recorder)
Your mobile application
with the AWS Mobile SDK
![Page 9: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/9.jpg)
v Let’s build a Media App!
What should it do?
![Page 10: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/10.jpg)
v
Our Media App’s wish-list of features q Upload & Download media files to/from S3 buckets
q Grant anonymous but secure access to AWS resources in our account
q Grant authenticated access for users that log in via Public Identity Providers
q Send push notifications to mobile devices
q Store the media library inventory in the cloud so it can be queried by many users
q Provide partitioned access to the media library based on Public and Private views
q Synchronise user data across devices
q Make all this available across devices (iOS, Android, Kindle) and web
![Page 11: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/11.jpg)
v
• Goals: • User is anonymous – we don’t care who they are, treat them as ‘Public’ or ‘Guest’
• Directly access AWS Simple Storage Service (S3) from the mobile application
• We do not want to upload to a server and then have the server push the file to S3…
• Requirements: • We need to authenticate the application on the mobile device
• We do not want to bake the AWS credentials in our mobile app!
• Even though users are anonymous, we still want to control access to AWS
First App: Basic Download/Upload App
![Page 12: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/12.jpg)
v
Mobile App
S3 Bucket with test media
Cognito Identity
First App: Basic Download/Upload App
![Page 13: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/13.jpg)
v
Amazon Cognito
Granting ‘guest’ access to our ‘Public’ users for controlled access to AWS resources
![Page 14: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/14.jpg)
v
Cognito Identity Example Cognito Identity for Guests Cognito assigns a unique identifier for each device when a user is not logged on
Cognito Identity for Authenticated Users Cognito assigns a unique identifier for each user when they are authenticated. This will be the same identifier for this user regardless of which device they use
![Page 15: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/15.jpg)
v
Cognito setup
![Page 16: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/16.jpg)
v
Create a new Cognito Identity Pool
![Page 17: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/17.jpg)
v
Create a new Cognito Identity Pool
Supplying public identity providers is optional For this demo, we will not be supporting public identity providers, so we leave them empty
![Page 18: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/18.jpg)
v
Create a new Cognito Identity Pool
Enable guest access For this demo, we will allow ‘anonymous access’ so that unauthenticated users can upload and download from our S3 bucket
![Page 19: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/19.jpg)
v
Create a new Cognito Identity Pool
Create IAM Roles Create IAM roles for this Cognito Identity Pool. We will assign tight security controls to these roles later
![Page 20: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/20.jpg)
v
Create a new Cognito Identity Pool
And assign a role for unauthenticated access
![Page 21: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/21.jpg)
v
Create a new Cognito Identity Pool
Starter code samples Cognito conveniently provides starter code for you for Android, iOS and .Net! This is an example of how you can easily connect your app to Cognito
![Page 22: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/22.jpg)
v
Setup the required permissions in IAM
![Page 23: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/23.jpg)
v
Setup the required permissions in IAM
Note the default policy
![Page 24: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/24.jpg)
v
Setup the required permissions in IAM
Default policy created by Cognito By default, access to Cognito Sync and Mobile Analytics is permitted. This policy has been generated by the Cognito Create Identity Pool wizard
![Page 25: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/25.jpg)
v
Media in our S3 bucket S3 Bucket contents Test file that we will be downloading via the TransferManager S3 connector
![Page 26: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/26.jpg)
v
S3 Bucket ACLs Note that the ACLs on the bucket do not permit ‘Public’ so the asset is not world-accessible
Media in our S3 bucket
![Page 27: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/27.jpg)
v
Let’s give the anonymous ‘guest’ access to our S3 bucket for read and write
![Page 28: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/28.jpg)
v
Setup the required permissions in IAM
Use the Policy Generator We’ll create our specific S3-related policy using the Policy Generator
![Page 29: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/29.jpg)
v
Setup the required permissions in IAM
Specify our bucket Our policy will specify access for our specific bucket. We’ll allow GetObject and PutObject
![Page 30: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/30.jpg)
v
Setup the required permissions in IAM
Resulting Policy Document Here’s what the resulting policy looks like for allowing READ access to any object in the specific bucket, and the ability to WRITE any object
![Page 31: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/31.jpg)
v
We’re now set up – let’s start coding!
![Page 32: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/32.jpg)
v
Instantiate Cognito Credentials Provider
Give Cognito your details • Account Id
• Identity Pool ARN
• UnAuthenticated access Role ARN
• Authenticated access Role ARN
• The Region you are running Cognito in
![Page 33: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/33.jpg)
v
Implementation Note! This ‘Cognito’ class is just my convenience wrapper! I have chosen to implement this as a Singleton at App-scope
Your implementation may be different The only important thing is that you instantiate a CognitoCachingCredentialsProvider
![Page 34: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/34.jpg)
v
S3 Connector
• Multipart upload media (photos, videos, audio)
• Fault tolerant download (e.g. assets)
• No backend required
• Automatic retries
• Pause, resume, cancel functions
• Optimized for native OS
Amazon S3 Connector: Transfer Manager
![Page 35: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/35.jpg)
v
Pass Cognito Credentials to the AWS S3 Transfer Manager constructor
Pass the Cognito Provider to the TransferManager S3 connector to construct based on the Cognito-acquired AWS credentials
![Page 36: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/36.jpg)
v
Set up the download request and go!
Initiate the download
![Page 37: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/37.jpg)
v
Demo App
First, the Application instantiates a CognitoCachingCredentialsProvider()
Then initiates a download, followed by an upload
![Page 38: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/38.jpg)
v
Our Media App’s wish-list of features q Upload & Download media files to/from S3 buckets
q Grant anonymous but secure access to AWS resources in our account
q Grant authenticated access for users that log in via Public Identity Providers
q Send push notifications to mobile devices
q Store the media library inventory in the cloud so it can be queried by many users
q Provide partitioned access to the media library based on Public and Private views
q Synchronise user data across devices
q Make all this available across devices (iOS, Android, Kindle) and web
q Convert uploaded video files to various mobile/web formats
![Page 39: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/39.jpg)
v
Amazon Cognito
Now let’s authenticate our users via public identity providers
![Page 40: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/40.jpg)
v
• Goals: • User can be anonymous or they can choose to sign-in via Facebook
• If they are anonymous, we let them see a ‘Public’ view of the media library
• If they choose to sign-in, we let them see their own ‘Private’ view of the library
• Requirements: • We will use Cognito to help with the Public and Private authentication
• Again, no AWS credentials in our mobile app!
• We want to enforce Fine-Grained Access Control on the database views
Implement Public & Private views
![Page 41: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/41.jpg)
v
User ID (Temp
Credentials)
DynamoDB
End Users
Developer
App w/SDK Access
to AWS Services
Cognito Identity Broker
Login OAUTH/OpenID Access Token
Cognito ID, Temp
Credentials
S3
Mobile Analytics
Cognito Sync Store
AWS Management
Console
Access Token Pool ID
Role ARNs
Amazon Cognito Security Architecture
![Page 42: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/42.jpg)
v
Raw DynamoDB records example
Range Key Each OwnerId has multiple Filenames
Hash Key Each OwnerId identifies a user by their Cognito identity, or ‘public’ if they didn’t log on to Facebook
![Page 43: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/43.jpg)
v
Raw DynamoDB records example
Inventory is partitioned based on the OwnerId ‘public’ is accessible to the ‘guest’ Cognito Identity Anything else must match the identity of the user accessing the application
Assigned by Cognito automatically
![Page 44: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/44.jpg)
v
Use the DynamoDB Mapper
Use the DynamoDB Mapper annotations to decorate your value object Specify the HashKey, RangeKey and the individual Attributes in your value object that should map to columns in the DynamoDB table
![Page 45: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/45.jpg)
v
For this demo, we’ll use Facebook as our Public Identity Provider
![Page 46: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/46.jpg)
v
Mobile App
DynamoDB
Implement Public & Private views
OAUTH/OpenID Access Token
Cognito Identity Broker
Cognito ID, Temp
Credentials
Query for results filtered by OwnerId
![Page 47: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/47.jpg)
v
• Great how-to https://developers.facebook.com/docs/android/getting-started
Using Facebook in your App
![Page 48: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/48.jpg)
v
Create an App on Facebook
![Page 49: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/49.jpg)
v
Create an App on Facebook
![Page 50: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/50.jpg)
v
Create an App on Facebook
Cognito needs the App ID The App ID from Facebook is what binds the Identity Pool to the Facebook application
![Page 51: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/51.jpg)
v
Configure Cognito to use Facebook
![Page 52: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/52.jpg)
v
Add an Android application to FB
![Page 53: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/53.jpg)
v
Add an Android application to FB
![Page 54: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/54.jpg)
v
Add an Android application to FB
Generate your signing hash from your development environment – check the documentation…
![Page 55: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/55.jpg)
v
We’re now set up – let’s start coding!
![Page 56: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/56.jpg)
v
Secure access to DynamoDB
Simply instantiate the AmazonDynamoDBClient and specify your Cognito provider as the credential provider in the constructor
![Page 57: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/57.jpg)
v
Querying the DynamoDB table from code
Querying the DynamoDB table is simple! The DynamoDB Mapper will map the columns in the table to the fields in your value object and return a typed list of records ready to iterate
![Page 58: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/58.jpg)
v
Demo App
Guest access
• Connects to Cognito as anonymous user
• Gets AWS token and uses that to instantiate a DynamoDB client
• Queries DynamoDB using the key ‘public’
Authenticated access
• Gets token from Facebook
• Passes token to Cognito
• Impersonates authenticated user
• Queries DynamoDB using the key that matches the Cognito Identity of this user
![Page 59: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/59.jpg)
v
Raw DynamoDB records example
Inventory is partitioned based on the OwnerId ‘public’ is accessible to the ‘guest’ Cognito Identity Anything else must match the identity of the user accessing the application
![Page 60: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/60.jpg)
v
FGAC on DynamoDB using IAM Fine-Grained Access Control (FGAC)
• Restrict which Actions can be called by the user
• Restrict which DynamoDB Tables can be accessed by the user
• Restrict which rows in the table are accessible by the user
• Control which fields are accessible in the query results
![Page 61: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/61.jpg)
v
FGAC on DynamoDB using IAM
Control the actions the user can invoke
The “Unauthenticated” Role Policy
![Page 62: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/62.jpg)
v
FGAC on DynamoDB using IAM
Control the DynamoDB Table the user can access
The “Unauthenticated” Role Policy
![Page 63: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/63.jpg)
v
FGAC on DynamoDB using IAM
Restrict the Rows in the DynamoDB table the user can access
The “Unauthenticated” Role Policy
![Page 64: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/64.jpg)
v
FGAC on DynamoDB using IAM
Use the Cognito Id for this user to restrict the rows that will be accessible to the user
The “Authenticated” Role Policy
![Page 65: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/65.jpg)
v
Our Media App’s wish-list of features q Upload & Download media files to/from S3 buckets
q Grant anonymous but secure access to AWS resources in our account
q Grant authenticated access for users that log in via Public Identity Providers
q Send push notifications to mobile devices
q Store the media library inventory in the cloud so it can be queried by many users
q Provide partitioned access to the media library based on Public and Private views
q Synchronise user data across devices
q Make all this available across devices (iOS, Android, Kindle) and web
q Convert uploaded video files to various mobile/web formats
![Page 66: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/66.jpg)
v
Amazon SNS
Push Notifications
![Page 67: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/67.jpg)
v Each platform works differently, and push gets even more complex as you scale to support millions of devices.
Cloud App
Platform Services Mobile Apps
SNS application targets
![Page 68: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/68.jpg)
v
Amazon SNS Cross-platform
Mobile Push
Apple APNS
Google GCM
Amazon ADM
Windows WNS and MPNS
Baidu CP
With Amazon SNS, developers can send push notifications on multiple platforms and reach mobile users around the world
Android Phones and Tablets
Apple iPhones and iPads
Kindle Fire Devices
Android Phones and Tablets in China
Windows Desktop and Phones
SNS application targets
Your applicationback-end
![Page 69: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/69.jpg)
v
• Goals: • Application automatically registers with Google Cloud Messaging (GCM)
• The device registration Id is then sent to SNS to register as a device endpoint
• The application then subscribes that device endpoint to a well-known SNS topic
This topic is shared by all other devices using the application
• The application then confirms SNS Push Notifications are working by sending
a message to itself via SNS. The user sees a pop-up message.
• Later, whenever a message is sent to the shared SNS Topic,
all devices subscribed receive a pop-up notification
Next App: SNS Push Notification App
![Page 70: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/70.jpg)
v
Mobile App
Next App: SNS Push Notification App
SNS Topic
SNS Application
ENDPOINT APP
TOPIC
Cognito
Create Platform Endpoint
Subscribe to topic
Publish test message to our
Endpoint
Push notification from GCM
SNS
![Page 71: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/71.jpg)
v
Setup Amazon SNS
![Page 72: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/72.jpg)
v
On the SNS Dashboard, create a new Topic
![Page 73: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/73.jpg)
v
On the SNS Dashboard, create a new Topic
![Page 74: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/74.jpg)
v
Note the Topic’s ARN We will need this in our code to subscribe the device to the topic so we can receive notifications
On the SNS Dashboard, create a new Topic
![Page 75: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/75.jpg)
v
Create a Google API Project and obtain the Google Project ID
![Page 76: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/76.jpg)
v
Enable GCM for Android
![Page 77: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/77.jpg)
v
Create the Server API Key
![Page 78: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/78.jpg)
v
Obtain the Server API Key from Google
![Page 79: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/79.jpg)
v
On the SNS Dashboard, create a new App
![Page 80: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/80.jpg)
v
Specify the API Key you got from Google
![Page 81: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/81.jpg)
v
Note the ARN for this SNS Application
![Page 82: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/82.jpg)
v
We’re now set up – let’s start coding!
![Page 83: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/83.jpg)
v
Instantiate Cognito Credentials Provider
Give Cognito your details • Account Id
• Identity Pool ARN
• UnAuthenticated access Role ARN
• Authenticated access Role ARN
• The Region you are running Cognito in
![Page 84: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/84.jpg)
v
Again, this ‘Cognito’ class is just my convenience wrapper implemented as a Singleton
Instantiate SNS using Credentials from Cognito
![Page 85: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/85.jpg)
v
Get the device registration ID from GCM
We’re requesting the device identifier/token for this unique device, against the Google Project Id we created earlier
![Page 86: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/86.jpg)
v
And register this device with the SNS App
The ‘deviceIdentifier’ is the device token returned from GCM for this unique device
![Page 87: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/87.jpg)
v
Finally, subscribe the endpoint to the Topic
The endpoint is the ARN you got back from the previous call to getEndpointArn()
![Page 88: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/88.jpg)
v
Demo App
At startup, we register this device with the SNS Application
Then we subscribe this device Endpoint to the global SNS Topic
We then send a test message from the device to ourselves to confirm the round trip is working
If we subsequently publish to the global SNS Topic, all devices subscribed will be notified
![Page 89: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/89.jpg)
v
Our Media App’s wish-list of features q Upload & Download media files to/from S3 buckets
q Grant anonymous but secure access to AWS resources in our account
q Grant authenticated access for users that log in via Public Identity Providers
q Send push notifications to mobile devices
q Store the media library inventory in the cloud so it can be queried by many users
q Provide partitioned access to the media library based on Public and Private views
q Synchronise user data across devices
q Make all this available across devices (iOS, Android, Kindle) and web
![Page 90: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/90.jpg)
v
How did we initiate the sending of the Push Notification to the
global SNS Topic?
But wait!
![Page 91: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/91.jpg)
v
Demo web page to send Push Notifications
Plain old Javascript and HTML! The website is a standard HTML site with Javascript. It is being served from S3, so no back-end servers The magic comes from the AWS Javascript SDK
![Page 92: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/92.jpg)
v
Demo web page to send Push Notifications
Topic ARN This is the topic we subscribed our application to when it started up
Cognito Role This is the IAM role we want to use – we’re using the unauthenticated ‘guest’ role in this demo
Cognito Identity Pool ID This is the specific Cognito pool we want to use for authentication
![Page 93: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/93.jpg)
v
Demo web page to send Push Notifications
![Page 94: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/94.jpg)
v
Demo web page to send Push Notifications
![Page 95: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/95.jpg)
v
Our Media App’s wish-list of features q Upload & Download media files to/from S3 buckets
q Grant anonymous but secure access to AWS resources in our account
q Grant authenticated access for users that log in via Public Identity Providers
q Send push notifications to mobile devices
q Store the media library inventory in the cloud so it can be queried by many users
q Provide partitioned access to the media library based on Public and Private views
q Synchronise user data across devices
q Make all this available across devices (iOS, Android, Kindle) and web
![Page 96: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/96.jpg)
v
Amazon Cognito
Sharing data between devices
![Page 97: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/97.jpg)
v • Goals:
• User is authenticated with Facebook
• Each time they modify gadgets in the app, the state of the gadgets is synchronized with all other devices using the application (for that user account)
• Verify these shared data changes in a companion web page, where the user is also authenticated with Facebook, and is the same user principal
Next App: Shared application data
![Page 98: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/98.jpg)
v
Add a Web application to FB
![Page 99: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/99.jpg)
v
Add a Web application to FB
S3 bucket name We’re using S3 to serve the web site in this example, but you can use CloudFront, or EC2, or use a CNAME
![Page 100: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/100.jpg)
v
Javascript code to read Cognito Sync Data
Instantiate the CognitoSync object It will inherit the Cognito credentials from those we obtained earlier from our call to CognitoIdentityCredentials()
![Page 101: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/101.jpg)
v
Javascript code to read Cognito Sync Data
Specify our parameters We need to specify the DatasetName that we want to connect to, and the Cognito Identity information as shown
![Page 102: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/102.jpg)
v
Javascript code to read Cognito Sync Data
Call CognitoSync::listRecords() …and provide our params and a callback
![Page 103: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/103.jpg)
v
Javascript code to read Cognito Sync Data
OnSuccess() …iterate the results and do something interesting with the data records
![Page 104: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/104.jpg)
v
Demo App Web Page The web page has access to the shared data when authenticated as the Facebook User
Mobile application
…and the mobile application has access to
the same shared data if the user is logged on to Facebook as the same
user
![Page 105: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/105.jpg)
v
Our Media App’s wish-list of features q Upload & Download media files to/from S3 buckets
q Grant anonymous but secure access to AWS resources in our account
q Grant authenticated access for users that log in via Public Identity Providers
q Send push notifications to mobile devices
q Store the media library inventory in the cloud so it can be queried by many users
q Provide partitioned access to the media library based on Public and Private views
q Synchronise user data across devices
q Make all this available across devices (iOS, Android, Kindle) and web
q Convert uploaded video files to various mobile/web formats
![Page 106: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/106.jpg)
v
We covered a lot of ground in this deep-dive session!
![Page 107: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/107.jpg)
v Amazon Cognito
Amazon SNS Mobile Push
DynamoDB Connector
S3 Connector
SQS Connector
User identity & data synchronization service
Store any NoSQL data and also map mobile OS specific objects to DynamoDB tables
Powerful Cross-platform Push notification service
Easily upload, download to S3 and also pause, resume, and cancel these operations
Access distributed buffering and queuing service
AWS Mobile Services
![Page 108: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/108.jpg)
v Amazon S3
Amazon Elastic Transcode Service
Amazon CloudFront
Amazon Elastic Beanstalk
Amazon Identity and Access Management
Online file storage web service
Content Delivery Network (CDN)
Highly scalable, media transcoding in the cloud
Platform as a Service (PaaS)
Securely control access to AWS services and resources for your users
AWS Services & Features
![Page 109: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/109.jpg)
v Fully integrated AWS mobile SDK
Cross-platform,
optimized for mobile
Automatically handles intermittent and latent
network
AWS Mobile SDK
Reduced memory footprint Common authentication method across all services
![Page 110: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/110.jpg)
Online Labs | Training
Gain confidence and hands-‐on experience with AWS. Watch free
Instruc;onal Videos and explore Self-‐Paced Labs
Instructor Led Classes
Learn how to design, deploy and operate highly available, cost-‐effec;ve and
secure applica;ons on AWS in courses led by qualified AWS instructors
Validate your technical exper;se with AWS and use prac;ce exams
to help you prepare for AWS Cer;fica;on
AWS Cer9fica9on
h<p://aws.amazon.com/training
![Page 111: Mobile Application Development](https://reader030.vdocument.in/reader030/viewer/2022032505/55c5217cbb61eb9d338b45a4/html5/thumbnails/111.jpg)
v
Thank You