JSONExport is a desktop application for Mac OS X which enables you to export JSON objects as model classes with their associated constructors, utility methods, setters and getters in your favorite language.

Technical Note TN2232: HTTPS Server Trust Evaluation

If this trust evaluation fails, the client refuses to connect. This can happen for a variety of reasons, some benign—the server might be using a self-signed certificate, an intermediate certificate is missing, and so on—and some malicious—the server is an impostor, looking to steal the user’s data. This document describes the reasons why server trust evaluation can fail, and how this problem can be resolved while not compromising the user’s security.

OAuth2 for iPhone and iPad applications

  • A client requests access to a provider’s service using its own unique client ID and secret token.
  • The user logs into the service directly (using a web page on the provider’s server) and grants the client permission to access.
  • The provider redirects the user to a URL unique to the client passing along a verification code in the query string.
  • The client verifies the authorization request and uses the verification code from step 3 to obtain an access token.
  • The client may periodically refresh the access token when it expires.

Flow Chart 和 UI Flow

上圖只是簡單的流程示範,不過是隨口多一句「喂、幫我加個驗證碼功能」,Flow Chart 就會突然肥一截。真正的會員登入驗證還有更多花樣以及安全性考量,比如登入錯誤 3 次就多提示一句「忘記密碼」等等,更狠的直接鎖帳號請使用者找客服申訴。Flow Chart 和 UI Flow 相輔相成,甚至是先有 Flow Chart 才有 UI Flow 。在沒有 Flow Chart 、不知道要處理多少判斷時就產出 UI Flow,規劃不周掉頁面漏功能的機率非常非常高。

