Mobile User Authentication with On-Premise LDAP Server / Social Login using IBM Mobile Foundation
‘My ‘My W Ward’ ’ – wh what is t is th the a app a about
Ser Servi vices ces used used
IBM Mobile Foundation V8 {API} Mo Mobile optimized Backe Ba kend logic and Ap App Lifecycle RE REST APIs enter ent erprise e Management Ma Of Offline Sync Ma Manage Feature in integratio ion wi with on Release using Live Re De Device data Up Update IT Business Operations AI AI Model Distribution Teams Teams Mobile Mo Adapter auto Ad Projects Pr ge generation on f for or a any Co Comprehensive Ba Backe kend RE REST Se Security and Cloud and ud Mobile Mo Fu Function ons A APIs Is Development Analytics with An Adapters for Ad Ri Rich Push Crash and Cr Cognitive services Co notificat no cation Flexible Hosting Choice Alert Al SDKs SD Ks Mo Mobile Digital App Builder Di Starter Pr St Projects, Fo Found undation n Dev Re Ready Apps, and Admin CLIs an Is Sa Samp mples
IBM Mobile Foundation Architecture Web Server to host We Web artif ifacts Backend /api Mobile Foundation V8 Se Secured Mobile Adapters rs RE REST ST APIs App App Backend layer) On On-pr prem HT HTTP • Se Serve vers el API End points Microservice la App Au Ap Authenticity § Cl Cloudant • REST anno RE nnotated § App Checks Ap ksum § Cogniti tive • Java Ja MF Clie MF lient Devi De vice § /api servi se rvices Ja Javascript § white telist/ t/blackl klist SDK SDKs Cogniti tive NLU & • De Define sc scopes s § Certi tificate te pinning § Conversati tion and polici an cies es check ch ecks Open Whisk Op • Auto-Gen Au Gen § API Gateway (Mi App lifecycle, Versio Ve ion enforce § Rules Rule framework fr crash analytics, annel Authoriza zation § Server Se security, push, chan app authenticity Omni-ch events on on Ana nalyt ytics Offl Offline Sync Push ush Om API Cloud Cl oud Di Direct & Toolin Tooling Consol Console App Distribution Ap Li LiveU eUpdate ate Rich Ric h CLI LI • /api Platform Services RMAD* RM • St Standalone server • /api Samples, SD Sa SDKs • CI/CD DevOps PLAN DEV BUILD TEST DEPLOY PROD
Ba Base pattern – Hyb Hybrid id m mobile ap ile app wit with clo cloud n nat ative b ive back acken end Code - https://github.com/IBM/Ionic-Mobile Foundation-App/
Mo Mobi bile User Au Auth thenti ticati tion pa patte ttern – bu built t on ba base pa patte ttern
Components setup 1. Create Cloudant database and populate it with sample data 2. Create IBM Cloud Object Storage service and populate it with sample data 3. Setup LDAP server and Secure Gateway Client 4. Register Android App with Google and Facebook for Social Login
Architecture flow diagram
this.fb.login(['public_profile', 'user_friends', 'email']) Sign-in service .then(res => { if(res.status === "connected") { …. 2 var accessToken = res.authResponse.accessToken; … Provider Cloud CLOUDANT OBJECT 3 Maps STORAGE SDK Mobile Foundation SDK 1 MOBILE FOUNDATION User Ionic application Social Login Resource security check Adapter facebooklogin()
Sign-in service Provider Cloud CLOUDANT OBJECT Maps STORAGE Mobile Foundation SDK SDK 4 MOBILE FOUNDATION User Ionic application Social Login Resource security check Adapter WLAuthorizationManager.login(this.securityCheckNameSocial, credentials)
Validate the accesstoken HTTPS GET https://graph.facebook.com/ Sign-in service 5 Provider Cloud CLOUDANT OBJECT Maps STORAGE Mobile Foundation SDK SDK MOBILE FOUNDATION User Ionic application Social Login Resource security check Adapter
Sign-in service Provider Cloud CLOUDANT OBJECT Maps STORAGE Mobile Foundation SDK SDK 6 MOBILE FOUNDATION User Ionic application Social Login Resource security check Adapter Receive the authenticated user information from the securitycheck
@GET @OAuthSecurity(scope = "socialLogin") Sign-in service @Path("/socialLogin") @Produces("application/json") public Response getAllEntries_sl() throws Exception { … } Provider Cloud CLOUDANT OBJECT Maps STORAGE Mobile Foundation 7 SDK SDK MOBILE FOUNDATION User Ionic application Social Login Resource security check Adapter
@GET Sign-in service @OAuthSecurity(scope = "socialLogin") @Path("/socialLogin/objectStorage") @Produces("application/json") public Response getObjectStorageAccess_sl() throws Exception { … } Provider Cloud CLOUDANT OBJECT Maps STORAGE Mobile Foundation 8 SDK SDK MOBILE FOUNDATION User Ionic application Social Login Resource security check Adapter
Mobile app initializes image-caching plugin Uses the authorization token to fetch the images from Object storage. Mobile app displays the data obtained Sign-in service from MFP adapter as a list of items. The image caching plugin running on the mobile app downloads and caches images from Cloud Object Storage. Provider Cloud 9 CLOUDANT OBJECT Maps STORAGE Mobile Foundation SDK SDK 10 MOBILE FOUNDATION User Ionic application Social Login Resource security check Adapter
Sign-in service 2 5 Provider Cloud 9 CLOUDANT OBJECT 3 Maps STORAGE 6 7 8 SDK 10 Mobile Foundation SDK MOBILE FOUNDATION User Ionic application Social Login Resource 4 security check Adapter
<property name="ldapURL" defaultValue="ldap://caplons.integration.ibmcloud.com:11111" displayName="The LDAP Server URL"/> Provider Cloud Customer Data center CLOUDANT OBJECT Maps STORAGE 6 Mobile Foundation 5 7 SDK 4 8 Secure Enterprise Gateway LDAP Server Client SECURE GATEWAY 3 2 1 MOBILE FOUNDATION User Ionic application LDAP security Resource login() check Adapter WLAuthorizationManager.login(this.securityCheckName, {'username':username, 'password':password})
Demo
Resources - Links 1. DevOps with Mobile Foundation 2. In App Feedback for obtaining direct feedback from end users 3. PWA Support 4. React Native SDK 5. Security Capabilities 6. Offline Sync 7. Low code App Development • Other Useful Links v Industry Ready Apps v Mobile Blogs v Dev Center v Stack Overflow v Slack v Get Help
Resources – Code Patterns 1. Develop a hybrid mobile app with a cloud-native back end https://developer.ibm.com/patterns/develop-hybrid-mobile-app-with-cloud-native-back-end/ https://github.com/IBM/Ionic-MFP-App/ 2. Secure mobile offline synchronization https://developer.ibm.com/patterns/secure-offline-synchronization-ibm-mobile-foundation/ https://github.com/IBM/MFP-JSONStore-OfflineSync 3. Mobile User Authentication with On-premise LDAP Server/Social Login using Mobile Foundation https://developer.ibm.com/patterns/implementing-mobile-user-authentication https://github.com/IBM/MFP-Auth-LDAP/ 4. Tag-based push notifications using IBM Mobile Foundation https://github.com/IBM/tag-based-push-notifications
Recommend
More recommend