Wednesday, February 15, 2017

Password Reset Flow With Native Android

The Problem Scenario

I want a native Android application that will pull the user back after they have used their mail/SMS client to continue the password reset flow:

  1. using the native app, our user requests password reset via email or SMS
  2. the user presses link in their email or SMS client
  3. the user opens the native app to complete password reset
We write native applications for a richer user experience. For all of the valid security reasons the password reset must be out of phase. By pulling the user back into the native app to complete the password reset flow we can guide them to the native experience that we want to provide. (that we have spent money and time creating)


The scenario is defined by the following two gherkin test cases.
Given the user has submitted a password reset
And the system has emailed the long url with the website's address
When the user presses on the link in their phone's mail client
Then the native android app is offered to handle the URL
And when the user chooses the native android app they are taken directly to the screen to save a new password
Given the user has submitted a password reset
And the system has sent an SMS with a bit.ly shortened URL
When the user presses on the link in their phone's SMS client
Then the native android app should be offered to handle the URL
And when the user chooses the native android app they are taken directly to the screen to save a new password

The Android Activity Registration

In Android we can provide one Activity that handles completing the password reset flow. That Activity needs the appropriate intent filters so the operating system knows it can handle the long and the short URLs:

<activity
    android:name=".authentication.CompleteResetPasswordActivity">
    <intent-filter>
        <action android:name="android.intent.action.VIEW"/>
        <category android:name="android.intent.category.DEFAULT"/>
        <category android:name="android.intent.category.BROWSABLE"/>
        <data android:scheme="https" android:host="${host}" android:pathPrefix="/passwordreset"/>
    </intent-filter>
    <intent-filter>
        <action android:name="android.intent.action.VIEW"/>
        <category android:name="android.intent.category.DEFAULT"/>
        <category android:name="android.intent.category.BROWSABLE"/>
        <data android:scheme="https" android:host="m.my.bitly.domain"/>
    </intent-filter>
</activity>

Did you see that "${host}". That is resolved in build.gradle via:
....
buildTypes {
   debut {
      ...
      manifestPlacehodlers = [host:"qa.mydomain"]
   }
   release {
      ...
      manifestPlacehodlers = [host:"www.mydomain"]
   }
...

The Code

Android delivers the URL pressed by the user via the getIntent().getData() method. Which is an android.net.Uri instance. Play with it. Massage it. Turn it into whatever you want. For the url shortened Uri you will of course have to resolve that thing into the full URI. Perhaps you will be using either the REST or Android bi.ly API -- https://dev.bitly.com/.

You will notice that your CompletePasswordResetActivity is launched as the root of it's Task that has affinity to the email or messaging app. Tasks are tricky in Android. These aren't things I've had to deal with much in the past. But tasks and task affinity are things you will need to understand if you want to provide this type of user experience. But that's all I'm going to say about that here. Dealing with the task and getting the user back into the "main task" is worthy of it's own post.

Quality Assurance

There are a plethora of scenarios to test. For the email flow, does the user use gmail, outlook-web, some other web client, some other native mail client? For SMS you have each carrier's custom messaging client as well as Hangouts and other options from Google. I have so far tested with:

  • my Project Fi Nexus 6. I am stuck with Hangouts.  It does NOT work. Hangouts launches the link into it's own internal browser.
  • a Verizon Motorolla Droid.  That phone has Messaging, Messaging+ (Verizon's offering), and Hangouts. The above solution works as expected in all three SMS clients. We can open Gmail and press the full URL link as well.

So.... More testing is needed. Samsung has a wide following for sure. So I'll test on a few flavors of those.

Friday, September 16, 2016

Android Font Settings To Enable Font Variants

Today I learned that fonts often have settings to enable alternate representations of particular characters. For example Gotham is not a monospaced font.  However, if you enabled the "tnum" setting for your Android TextView, then the font will render as monospaced. That is cool!

It appears Android is supporting a W3 standard with this feature. The documentation has a link that references CSS Fonts. Furthermore, this method was added as part of API 21. So unfortunately your users on older API will not see the awesome column layout you can produce.

Android TextView Documentation

In code this would look something like this:
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP) {    grandTotal.setFontFeatureSettings("tnum");}
or perhaps you are targetting API 21 and can apply the XML setting so that any string put into the field uses the "tnum" or other settings:

<TextView   
    android
:id="@+id/grand_total"
    android:layout_width="wrap_content"
    android:layout_height="wrap_content"
    android:fontFeatureSettings="tnum"
    tools:text="$30.35"/>

Or perhaps you are targeting API 19 and your TextView has a style set that you can override in the values-21 directory:

<TextView
    android:id="@+id/three"
    style="@style/example"
    android:layout_width="wrap_content"
    android:layout_height="wrap_content"
    android:text="$20.13" />

Then you can define a base style configuration in values/styles.xml
<style name="example"> <item name="android:textSize">24sp</item> </style>
and then apply the fontFeatureSettings in values-v21/styles.xml
<style name="example"> <item name="android:textSize">24sp</item> <item name="android:fontFeatureSettings">tnum</item> </style>
I think the screenshot below with two emulators illustrates the difference well. You can clearly see that the columns do not line up between the three TextView fields.
On the right with "tnum"



Tuesday, August 30, 2016

Constant Code Reivew

Pair programming is constant code review.

Is there a column on your Kanban board for "Code Review"? Do you pair program? Why would you need that code review column?  That column is counter intuitive. It is not an agile software practice. I am not proposing you never code review. Actually the opposite. You are more likely doing constant code review.

We know that bugs are easier to fix the earlier they are found. So we pair program. Fix the bug as soon as it's typed with an attentive pair. You save time by doing it right the first time. Each time you or your pair inadvertently types a bug is a learning/teaching opportunity. Use these moments to talk and internalize how that bug came through and make a mental note to not let it happen again. When you make the mistake is the best time to learn from the mistake. So make sure your pair is being attentive and reviewing the code you type.

How big are your stories? Do they take more than one pairing session? Every time you pair-switch the incoming person should be reviewing the code. The review should cover the design patterns in use as well as looking for typical pitfalls where bugs crop up. Sure, there are probably other things that happen during pair switch. Make sure you review the code that came before! Maybe your stories are not bigger than one pairing session.  It does not matter.  Hold your pair accountable to be an active copilot.

The Agile Manifesto says "Individuals and interactions over processes and tools".  A code review column is putting process over your team members. We already established that you are pair programming. Why would you need to declare code review only happens after the pair team thinks the story is complete. What!? That doesn't make sense. How can the story be finished if it still needs a code review. Invest in your people. Don't let them use a code review column as a safety net that catches problems. The tightrope walker that has no net is much better at their craft than the one using a net.  They have to be or it's a really short career (grin). Take away your safety net to get better at YOUR craft.

Saturday, December 27, 2014

Quick Android Ringtone

My son was making himself at home in his Android phone Christmas present yesterday. He wanted a particular guitar solo as his ringtone.  Here's how I put it together. Spoiler alert, it's much easier than this:

  1. Slice out the guitar solo using itunes
  2. Convert the MP3 to ogg
  3. Added the ANDROID_LOOP metadata
  4. Copied the ringtone to the phone

Slice out the guitar solo using itunes

You can configure iTunes to export songs in MP3. You can also tell iTunes to start/stop playing at certain points in a song.
  1. select the song you want to use
  2. CMD-I to open the settings dialog
  3. Go to the Options tag to enter your start/stop time. This will likely take some fiddling to get the slice you want. With these set, the song will only play this section.
  4. Now open the File menu -> Create New Version -> Create MP3 Version
  5. You probably want to go back to the CMD-I properties dialog to clear the start/stop time of this song

Convert the MP3 to ogg

A drag-n-drop later I had an ogg file out of the mp3 by using Media Human. This ogg will work as a ringtone. However there is a long pause before it loops. This is not what we wanted. 

Added the ANDROID_LOOP metadata

I found Audacity to add the loop metadata key/value pair. Drag-n-drop the ogg file into Audacity. Then File menu -> Export Audio. Choose your destination file location and press the Save button. Now you get a new dialog where you can enter the new metadata key/value pair: ANDROID_LOOP:true.

Copied the ringtone to the phone

Android File Transfer works slick. Drag-n-drop the file from a Finder window into the Ringtones directory of android file transfer.  You don't have to disconnect the USB cable, navigate on your phone to Settings->Sounds and pick your ringtone!

Conclusion

In the end I could have just used Audacity since my music library is already MP3 format. I did not have to get iTunes to export an AAC into MP3. Audacity will let you select a section of song by clicking and dragging. Then further adjust the start/stop points. Simple go to the same File menu -> Export Selected Audio.

Sunday, March 23, 2014

Scala Play Framework Template Imports

The template compiler is pretty sweet. Using a template like a function is awesomely simple.  If you have a bit of html code that makes up a reused block on more than one page you just factor it out to it's own ___.scala.html. Then reference it with the "magical" @ character.

However, the error messages that the template engine provides are less-than-detailed. I had created a subdirectory named: app/views/tags. When I tried to use one of the template functions out of that directory I got the error: not found: value gallery

So let's take a look at the important parts.

I have templates:

  • app/views/main.scala.html
  • app/views/tags/gallery.scala.html
With this as the important parts of main.scala.html

@(artist: models.ArtistModel,
      tags: List[String])(implicit artistModel: Option[models.ArtistModel]) @import tags._
.....
...
@gallery()....
Hmmmm, "not found: value gallery"? Why can't it find gallery? I imported it. It's formed correctly. Well, this is painfully obvious now, but it took a few minutes for me to reconcile that the "tags: List[String]" is clashing with the "@import tags._" 

More on the Play Framework Templates

Saturday, February 23, 2013

Are You Following the Golden Rule?

Well, are you? I'm often asking my sons that exact question. The Golden Rule: Treat others the way you want to be treated. Pretty simple. No room for interpretation. I may have heard it growing up. I don't remember. The Golden Rule was core to the culture at (the company formerly known as) A.G. Edwards & Sons. Ben Edwards often referenced it in his monthly news letters as he visited branches. Mr. Edwards would inevitably digress to how the food tasted and how that branch was following the golden rule. But now I digress.

It occurred to me the other day that The Golden Rule should not just be about how you treat other people. But how you think about other people. To my sons (11 and 8 at this time) this applies to knowing without hesitation that there is no need to say, "Stephen, don't break it!" But as software developers, we should remind ourselves, "This crap code I'm looking at, well, I'm sure the person who wrote it had good intentions and isn't just an idiot." Because remember, the crap code you're looking at just might be your own.

Tuesday, October 2, 2012

Logging Configuration for Testing

I realized this morning that putting the name of the test in the logging frameworks (log4j/slf4j) Mapped Diagnostic Context (MDC) gives great context to every logging statement. I'm not sure why I didn't do this before. Well, I've always had a different log4j (and now slf4j) configuration file sitting in src/test/java to change the level of local classes while executing tests. This configuration almost always goes to the console where the main code will log to a file.
This example uses log4j but slf4j has the same MDC class.
<log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/">
  <appender class="org.apache.log4j.ConsoleAppender" name="console">
    <param name="Target" value="System.out" />
    <layout class="org.apache.log4j.PatternLayout">
      <param name="ConversionPattern" value="%d{ISO8601} %X{testMethod} %-5p %c - %m%n" />;
    </layout>
  </appender>
  <root>
    <priority value="debug" />
    <appender ref="console" />
  </root>
</log4j:configuration>
Then, in Java, you'll need a custom TestWatchman that uses the same string 'testmethod' as seen above inside the french braces %X{testMethod}):
/**
 * This helpfull little thing works in concert with the log4j configuration.
 * There are two steps to it's use:
 * <ol>
 * <li>declare a Rule in your test: @Rule public TestNameMDC testNameMDC = new TestNameMDC();</li>
 * <li>include the %X in the log4j pattern: %X{testMethod}</li>
 * </ol>
 * Note that the 'testMethod' in french braces above must match the {@link #MDC_KEY} defined here.
 *
 */
public class TestNameMDC extends TestWatchman {

  private static final String MDC_KEY = "testMethod";

  @Override public void starting(FrameworkMethod method) {
    MDC.put(MDC_KEY, method.getName());
  }
 
  @Override public void finished(FrameworkMethod method) {
    MDC.remove(MDC_KEY);
  }

  public String getMethodName() {
    return (String)MDC.get(MDC_KEY);
  } 
}