Networking and Security in iOS Applications
You will learn to extend your knowledge of making iOS apps so that they can securely interact with web services and receive push notifications. You'll learn how to store data securely on a device using Core Data. You’ll also learn to securely deploy apps to the App Store and beta users over-the-air.
The format of the course is through a series of code tutorials. We will walk you through the creation of several apps that you can keep as a personal app toolbox. When you make your own apps after this course, you can bring in these capabilities as needed. When necessary we pop out of the code tutorials to talk about concepts at a higher level so that what you are programming makes sense.
Upon completing this course, you will be able to:
1. Post Facebook, Twitter, Sina Weibo, Tencent Weibo messages to social media using single sign-on on behalf of a user.
2. Use OAuth 2.0 to securely authenticate to Instagram and retrieve photos on behalf of a user
4. Describe JSON’s syntax
5. Write well-formed JSON
6. Work with JSON data objects in Objective-C
7. Appropriately set the security settings for App Transport Security in iOS 9.0
8. Use http, https and https with perfect forward secrecy to fetch web resources
9. Obtain permissions to receive local push notifications
11. Write an app that can send and receive local push notifications
12. Obtain permissions to receive remote push notifications
13. Write an app that can receive remote push notifications
14. Authenticate using Apple’s cryptographic services such that the developer can use 3rd party infrastructure to send remote push notifications to their app.
15. Securely store data on the user’s device.
16. Authenticate using Apple’s cryptographic services such that they can deploy an app to the app store
-Welcome to this course on Networking and Security in iOS Applications. Our focus in this course is very practitioner oriented. We want to get you up and running using social networking integration with single sign-on, basic OAuth2 functionality, secure JSON web APIs, cryptographically secured push notifications, and secure data storage so that you can get apps into the iTunes ecosystem and out into the marketplace. This course will have several code sessions in which we walk you through the process of building apps, some of which you will also build for peer review assignments. Interspersed with the tutorials we will take time-outs to cover the basics of some concepts that might be mysterious without a more formal treatment. Our hope is that you come out of this course knowing more (of course!) and having several projects that you can refer to in the future when you want to incorporate these techniques into your apps - your personal app toolbox. The intensity picks up from the previous course in this Specialization, so get ready!
Using Secure Web APIs: an Instagram Case Study
-Now it's time to consider what we are going to do if we want to work with web services that aren't deeply integrated into iOS. There are hundreds (thousands?!?!) of them. Most of them require authentication via the OAuth 2.0 protocol. In this week's lessons we will walk through an example of getting a photo from Instagram on behalf of a user. This week is also a code tutorial in preparation for your peer review assignment, but in the middle we need to step back from coding to cover some basics: How do we use a UIImageView? What is OAuth 2.0 anyway? What is JSON and how do we read it? What's the big deal about http vs https anyway?
Don't be so pushy!
-In this week we will look at several aspects of push notifications. Those are those alerts that show up at the top of your iOS interface when an app wants to get your attention. There are several ways that they can be initiated. They can be initiated from an app on a local device, or they can be initiated by a remote server somewhere on the internet. Obtaining permission to post those notifications requires lots of steps, certificates, passwords etc. We'll walk you through it all. This week we start with a high-level overview of the iOS app lifecycle. Then we will do three code tutorials. The first will be the one that you will need to do the peer-review assessment. It's a basic countdown timer that sends a notification at a specific time. The second will show you how to make it all fancy with custom actions. The final one will be for remote notifications. Since remote notifications require an Apple developer account ($$$) we won't assess you on it, but if you have one you can try it out on your own and add it to your personal app toolbox.
-In this week we look at method of securely storing data on the iOS platform called Core Data.