Create Small Database in Android for Remote Access by Multiple Users - java

New to android programming and want to save basic student information in a database. What is the easiest and simplest way to store this data so it can be accessed by multiple devices remotely at any time? I know that android supports sqlite but this seems to be only locally on one device. Any ideas or suggestions?Eventually want to publish application on google play and want users to be able to see students names in their class for each class.

If you're not interested in setting up and maintaining a remote server, Firebase is fast, free to get started, and operates in realtime:
https://firebase.google.com/docs/database/

It seems you've answered your own question :) Place your relational database, such as MySQL, on a remote server. Create an API that performs CRUD operations on the database tables.
Then issue requests to the API in your android app: https://developer.android.com/training/volley/index.html

Yea you basically answered your own, I highly recommend using retrofit2 for android for http requests.You’ll use annotations to describe HTTP requests, URL parameter replacement and query parameter support is integrated by default. Additionally, it provides functionality for custom headers, multipart request body, file uploads and downloads, mocking responses and much more.
Here is great link to get started on your way to happy life:)
Ideally you would want to create your server to handle request and give responses, and android client for those request, if you are going the custom route you probably want a node.js server, or php server. You can even use socket.io to spice things up for real time communication, or maybe some notification system from firebase. Firebase is awesome, it handle all the aforementioned.
For the database portion if you decide not to use Firebase, please do not Raw SQLite you will have nightmares, use something like Realm it is NoSQL ,fast and easy to perform database transactions.

Related

How do I design a database for storing OAuth2 client details mapped to a given user using MySQL and Spring-OAuth2?

Background
I am trying to make a public facing API that is gated behind an OAuth2 workflow. I've found example database designs using JPA Repositories/Spring-OAuth2, which is the framework that I'm using. I basically have this application, which is currently using an InMemory authentication, which I'm trying to convert to pull the data from a database using JPA Repositories and a relational database design.
I did find this guy, but the problem is that it doesn't account for how the data is related to one another.
IE I was hoping that I could split the scopes into a separate table so it'd be as simple as adding additional scopes that are available for apps later on. I was also thinking of adding support for having types of OAuth clients, such as bots, website, desktop app, mobile app, etc.
I'm assuming there is some sort of a relationship between oauth_approvals, oauth_refresh_token, oauth_client_token and oauth_client_details. I want to also make sure that it's possible to map an oauth client to a user. Ultimately I'd like them to be able to have multiple clients.
For my current use case it's definitely overkill to have this flow, but I am using this application to learn about different technologies.
What I currently have
I'm sure this can be done better, if so how?
Questions
How do I properly make the relationship between the different components of an oauth client?
How can I make this so that I properly allow a user to have many clients?
How would I be able to dynamically get a client from the database, or is this handled through ClientDetailsServiceConfigurer.jdbc()?
How would I be able to add types of clients to the flow?
If you have additional questions let me know and I'll be more than happy to update my question.

Android: RESTful JDBC Proxy. Performance and Security

We wanted to use cloud backend for storing Android app data.
Our backend RDBMS is famous MySQL server which comes with MySQL Connector/J (an Official MySQL Network JDBC Adapter which can connect to remote MySQL database).
Now the problem is we cannot use this MySQL Connector/J in Android as its not developed for android. So what we did is, we created a REST class with four rest methods /query, /insert, /update, /delete. All these methods takes JSON Object which is wrapping parameters of respective Android ContentProvider methods. /query rest method returns a tabular resultset data in JSON format.
Then we wrote Android ContentProvider which is acting as a proxy to call our above rest methods. ContentProvider.query() method calls /query rest method and converts the received resultset JSON into Cursor for returning it.
With this architecture our server code become generic without having any business logic. And our Android app is unaware of whether the data is coming from cloud server or local database. Practically all this is working fine.
So the question is how much secure this architecture is? from the hacking point of view. And what will be the impact on Android App performance? Please help us with your valuable comments/answers.
You not should connect directly from Android app to Database (MySQL), it will give you not good performance.
I recommend for you buid Webservice API which will connect to Database and fetch, hence from Android app connect and fetch data from Webservice.
I hope this helpful for you.
Anybody can decompile your code, find this service and if he breaks your service security he can do nasty things with your database. He can browse your database, steal data, corrup data .. Crackers are searching for SQL injection on web - and you are providing direct database access.
Do not do that. Create a service for each use case that will validate/escape parameters and then call prepared JDBC statement.

JavaFX application with remote DB

I'm developing a desktop application in JavaFX with login system and some data that must be saved in a remote database. The question is: What it's the best way to stablish a database connection with each user with the server? Should I use a RESTful API or connect to database using the remote host just like if it was a local DB?
What kind of data are you looking to manipulate? Depending on exactly how much control you may need over the information (and how secure it must be?) if you don't need an absolutely synchronized view of the information (re: the server side app having a persistent connection to the client which is informed on change events and such) it may be best to just build up a RESTful API to do all of your grunt work between the two.
If you're coming to the RESTful api and also have to design it I suggest giving this a good read. Best Practices for a Pragmatic RESTful API

Is it safe to make a query from android to mysql?

I'm developing an app for Android which needs data of my server. My doubt is:
Is it safe to make a query from android to mysql?
Because... I was thinking to obtain a JSON with a PHP file, but I believe this is slower method. So, now i'm trying to make a query to mysql server without any PHP file, putting the password and the user of data base in the android project.
I need to know if someone could decompile my app and see my credentials in java files.
Are there other methods?
More than "safe", there's not a native way to send data from Android to a MySQL server. The correct way is implementing a web-service that receives the query (for instance, via HTTP POST), then handles it, connects to the local (or remote) database and executes the requested query (and possibly returns the result if needed).
As far as security goes, this seems to be a totally different question, but in this kind of architecture it seems that a Asymmetric encryption algorithm is what best fits this kind of transactions, as you can hardcode/download each time you need the public key for encrypting messages and they'll be only decrypted by the server side using the private key.
Hardcoding credentials into your app is pretty much a bad idea, because if someone who has some knowledge about this subject, will try crack you app, and if your app manages some financial sensitive data, they actually will try triplify efforts.
How to securely share key between two remote devices?
How dangerous might be publishing a public key?
You should be aware that people can always get the db user and password from the application. This allows them to login and drop your tables in the database.
Therefore creating a small web service that will do it for you gives you more security, since you can decide what operations is allowed to perform to the database.
Using a RESTful (in your case)PHP framework is the way to go. You can then use data from JSON or XML in your application. This way is definitely not slower. You can use this framework:
http://www.slimframework.com/
Or whatever your are using right now.

Wish to create desktop app that combines facebook and email accounts all in one go - stuck at the first hurdle?

first poster :)
As the title says, I am looking to create a desktop app which will notify me of changes on facebook and new emails, and the facebook part (the first part I've tried) is baffling me. I've never worked with an api before, and have no idea how to integrate facebook's api with this desktop helper I want to create. I will be using java to create this desktop helper.
Thanks in advance!
Here are few pointers for you to get started. Please feel free to ask for clarifications and I will edit my answer accordingly:
For facebook, you can actually pull all those info via their API. There are a lot of types for API, but Facebook specifically use REST API over http.
To simplify, think of it as making an http call with specific parameters and you will be getting an output back.
In order to use facebook API you need to understand their protocol including authentication/login and how to request for things that you want. This would require some reading to their documentation which is pretty complete and available at http://developers.facebook.com/docs/.
For the description of their API URL and the input/output documentation, you could directly jump to Graph API Documentation http://developers.facebook.com/docs/reference/api/.
In order to call their API via HTTP from Java, you could leverage HttpClient library from Apache Http Components project http://hc.apache.org/. They have plenty of tutorial and examples for how to make http call using HttpClient
For combining with all other emails accounts (per your question), you need to deal with SMTP or IMAP (whichever email protocol that you are planning to combine with Facebook). This is already built-in to Java via their Java Mail API collection
You then can poll this data on interval basis to get an update from Facebook and your mails
Once you have figured out how to get the data, the rest is just following a good MVC framework. That means separating out your presentation, data and controller (application logic). Make sure that you are separating the classes for #1 and #2 and each of them put their data to normalized data format that then get feed to your View (presentation layer)

Categories