tag:blogger.com,1999:blog-124470722012-01-27T16:46:03.935-05:00When you don't have anything nice to say, well then perhaps its time consider a career as an analyst.Paul Madsenhttp://www.blogger.com/profile/08489111023182783403noreply@blogger.comBlogger1872125tag:blogger.com,1999:blog-12447072.post-78253488650902018632012-01-27T16:46:00.001-05:002012-01-27T16:46:03.941-05:002012-01-27T16:46:03.941-05:00<div class='posterous_autopost'><div class='p_embed p_image_embed'> <a href="http://getfile2.posterous.com/getfile/files.posterous.com/paulmadsen/lwT725yTXGOdd2oohZ6ufkMUD1ITi7NhyPbng2LuuS9LfmvvZCiQG8aTsesY/Screen_shot_2012-01-27_at_4.44.png"><img alt="Screen_shot_2012-01-27_at_4" height="421" src="http://getfile3.posterous.com/getfile/files.posterous.com/paulmadsen/A6uOfpVsD4XOf9sxUMasxiH6JtlzlrEBtN1ta9z6hhovbhygcmoxijorMMd4/Screen_shot_2012-01-27_at_4.44.png.scaled.500.jpg" width="500" /></a> </div> <p style="font-size: 10px;"> <a href="http://posterous.com">Posted via email</a> from <a href="http://paulmadsen.posterous.com/new-line-of-greeting-cards-14144">Pre(posterous)</a> </p> </div><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/12447072-7825348865090201863?l=connectid.blogspot.com' alt='' /></div><img src="http://feeds.feedburner.com/~r/blogspot/gMwy/~4/nAy_14Duqjk" height="1" width="1"/>Paul Madsenhttp://www.blogger.com/profile/08489111023182783403noreply@blogger.com0tag:blogger.com,1999:blog-12447072.post-91102587625527607142012-01-27T06:54:00.001-05:002012-01-27T06:54:20.444-05:002012-01-27T06:54:20.444-05:00<div class='posterous_autopost'><div class='p_embed p_image_embed'> <a href="http://getfile0.posterous.com/getfile/files.posterous.com/paulmadsen/gBKnzXHN7fWVg5DN2U1jZoP16buh1bzS217GDP6jRb5ijIVqI41RDRyrDalS/Screen_shot_2012-01-27_at_6.52.png"><img alt="Screen_shot_2012-01-27_at_6" height="388" src="http://getfile1.posterous.com/getfile/files.posterous.com/paulmadsen/lzFtYH93iV1ummwRaTGMJ8Ef9tblO3Wshx7zzenKE9kyi7HTOzEPBH5VsxV8/Screen_shot_2012-01-27_at_6.52.png.scaled.500.jpg" width="500" /></a> </div> <p style="font-size: 10px;"> <a href="http://posterous.com">Posted via email</a> from <a href="http://paulmadsen.posterous.com/new-line-of-greeting-cards-byod-41887">Pre(posterous)</a> </p> </div><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/12447072-9110258762552760714?l=connectid.blogspot.com' alt='' /></div><img src="http://feeds.feedburner.com/~r/blogspot/gMwy/~4/7QNNsdcAqj8" height="1" width="1"/>Paul Madsenhttp://www.blogger.com/profile/08489111023182783403noreply@blogger.com0tag:blogger.com,1999:blog-12447072.post-91279821020011935672012-01-26T06:21:00.001-05:002012-01-26T06:21:03.569-05:002012-01-26T06:21:03.569-05:00<div class='posterous_autopost'><div class='p_embed p_image_embed'> <img alt="Screen_shot_2012-01-26_at_6" height="458" src="http://getfile6.posterous.com/getfile/files.posterous.com/paulmadsen/OeUsNp8I2KdNDY41B1sNfFTdKfYGCR4fkc1nz9ks8qUldxQQR4Nh6JWWHuT2/Screen_shot_2012-01-26_at_6.19.png" width="466" /> </div> <p style="font-size: 10px;"> <a href="http://posterous.com">Posted via email</a> from <a href="http://paulmadsen.posterous.com/new-line-of-greeting-cards-byod-mdm">Pre(posterous)</a> </p> </div><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/12447072-9127982102001193567?l=connectid.blogspot.com' alt='' /></div><img src="http://feeds.feedburner.com/~r/blogspot/gMwy/~4/qvhfE0xDAJE" height="1" width="1"/>Paul Madsenhttp://www.blogger.com/profile/08489111023182783403noreply@blogger.com0tag:blogger.com,1999:blog-12447072.post-87811156121475564882012-01-17T09:50:00.001-05:002012-01-17T09:50:05.586-05:002012-01-17T09:50:05.586-05:00<div class='posterous_autopost'><div class='p_embed p_image_embed'> <a href="http://getfile1.posterous.com/getfile/files.posterous.com/paulmadsen/wjcPTZDljjCGFo27hzDN112QQzFHZELIVmtxnYNiMxlgJdX0McvuewhZW6F3/Screen_shot_2012-01-17_at_9.46.png"><img alt="Screen_shot_2012-01-17_at_9" height="259" src="http://getfile2.posterous.com/getfile/files.posterous.com/paulmadsen/Z9lJtBwJdiCxEGlbtpAOTFFnwwGzPASAylvwFj25PbKq9dkCWUNqDmgF6RVB/Screen_shot_2012-01-17_at_9.46.png.scaled.500.jpg" width="500" /></a> </div> <p style="font-size: 10px;"> <a href="http://posterous.com">Posted via email</a> from <a href="http://paulmadsen.posterous.com/new-line-of-greeting-cards-92631">Pre(posterous)</a> </p> </div><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/12447072-8781115612147556488?l=connectid.blogspot.com' alt='' /></div><img src="http://feeds.feedburner.com/~r/blogspot/gMwy/~4/nlo8qrb0Lb4" height="1" width="1"/>Paul Madsenhttp://www.blogger.com/profile/08489111023182783403noreply@blogger.com0tag:blogger.com,1999:blog-12447072.post-77054222700437548112011-12-24T08:18:00.001-05:002011-12-24T08:18:44.289-05:002011-12-24T08:18:44.289-05:00<div class='posterous_autopost'><div class='p_embed p_image_embed'> <a href="http://getfile2.posterous.com/getfile/files.posterous.com/paulmadsen/CMsTx01bE6EL3RQ0Zi1eypGgiVbjupCl1cLvvPr5xKM3Il68tqnxErfVcCyr/Screen_shot_2011-12-24_at_8.17.png"><img alt="Screen_shot_2011-12-24_at_8" height="320" src="http://getfile3.posterous.com/getfile/files.posterous.com/paulmadsen/X62WWnnsHEeQZKCXkSZAMcXg4xfTrheaeUJ2aDYNEBXaY1H6uKrytn33RHjL/Screen_shot_2011-12-24_at_8.17.png.scaled.500.jpg" width="500" /></a> </div> <p style="font-size: 10px;"> <a href="http://posterous.com">Posted via email</a> from <a href="http://paulmadsen.posterous.com/new-line-of-greeting-cards-21970">Pre(posterous)</a> </p> </div><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/12447072-7705422270043754811?l=connectid.blogspot.com' alt='' /></div><img src="http://feeds.feedburner.com/~r/blogspot/gMwy/~4/NHp-yIKmdks" height="1" width="1"/>Paul Madsenhttp://www.blogger.com/profile/08489111023182783403noreply@blogger.com0tag:blogger.com,1999:blog-12447072.post-35539222790829463762011-12-23T15:00:00.001-05:002011-12-23T15:00:08.929-05:002011-12-23T15:00:08.929-05:00<div class='posterous_autopost'><div class='p_embed p_image_embed'> <a href="http://getfile8.posterous.com/getfile/files.posterous.com/paulmadsen/27ezknXUiWD0hIBnnX3w5prbhcY5GoJq5TvKo5nYM7mj6KGoVj6IANpOB6lb/Screen_shot_2011-12-23_at_2.58.png"><img alt="Screen_shot_2011-12-23_at_2" height="318" src="http://getfile9.posterous.com/getfile/files.posterous.com/paulmadsen/Wiz0fP9TyY4RnqwkSrHwdsynAPdXVHtoCeDxvWgypqA5MeV8ynfDB9hpfx73/Screen_shot_2011-12-23_at_2.58.png.scaled.500.jpg" width="500" /></a> </div> <p style="font-size: 10px;"> <a href="http://posterous.com">Posted via email</a> from <a href="http://paulmadsen.posterous.com/new-line-of-greeting-cards-tripit-46378">Pre(posterous)</a> </p> </div><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/12447072-3553922279082946376?l=connectid.blogspot.com' alt='' /></div><img src="http://feeds.feedburner.com/~r/blogspot/gMwy/~4/_tqYtpJr_ws" height="1" width="1"/>Paul Madsenhttp://www.blogger.com/profile/08489111023182783403noreply@blogger.com0tag:blogger.com,1999:blog-12447072.post-34079094972531698882011-12-23T09:23:00.001-05:002011-12-23T09:23:47.478-05:002011-12-23T09:23:47.478-05:00<div class='posterous_autopost'><div class='p_embed p_image_embed'> <a href="http://getfile2.posterous.com/getfile/files.posterous.com/paulmadsen/ApXLX1AXX8HkbjGPAVaoN8RNlxmMTrY6dvgrjqGL3mBdXcsyOK5FbtqkChff/Screen_shot_2011-12-23_at_9.22.png"><img alt="Screen_shot_2011-12-23_at_9" height="405" src="http://getfile3.posterous.com/getfile/files.posterous.com/paulmadsen/TGTqzeWAurPCx7GQ4UCW5C0fyjN4lOswrfJ6SVEM3tp0xdqGPdJqTs9ciXMn/Screen_shot_2011-12-23_at_9.22.png.scaled.500.jpg" width="500" /></a> </div> <p style="font-size: 10px;"> <a href="http://posterous.com">Posted via email</a> from <a href="http://paulmadsen.posterous.com/new-line-of-greeting-cards-72451">Pre(posterous)</a> </p> </div><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/12447072-3407909497253169888?l=connectid.blogspot.com' alt='' /></div><img src="http://feeds.feedburner.com/~r/blogspot/gMwy/~4/YLrEfiVw2yY" height="1" width="1"/>Paul Madsenhttp://www.blogger.com/profile/08489111023182783403noreply@blogger.com0tag:blogger.com,1999:blog-12447072.post-58723696872887866202011-12-22T17:42:00.001-05:002011-12-22T17:42:41.426-05:002011-12-22T17:42:41.426-05:00<div class='posterous_autopost'><div class='p_embed p_image_embed'> <a href="http://getfile8.posterous.com/getfile/files.posterous.com/paulmadsen/EURmH7t2yMPIWZFaSznDNoYWK8yGFnaEI6NB6DCFaAC0vviqcbFrGQFuM1pb/Screen_shot_2011-12-22_at_5.40.png"><img alt="Screen_shot_2011-12-22_at_5" height="232" src="http://getfile9.posterous.com/getfile/files.posterous.com/paulmadsen/iCLlmqcv3DcLvuNkqwGrDakiC8ePARWeDxoQvVL3QpVbz0L1XG5rPCSLifju/Screen_shot_2011-12-22_at_5.40.png.scaled.500.jpg" width="500" /></a> </div> <p style="font-size: 10px;"> <a href="http://posterous.com">Posted via email</a> from <a href="http://paulmadsen.posterous.com/new-line-of-greeting-cards-81680">Pre(posterous)</a> </p> </div><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/12447072-5872369687288786620?l=connectid.blogspot.com' alt='' /></div><img src="http://feeds.feedburner.com/~r/blogspot/gMwy/~4/76QbLS0UPmE" height="1" width="1"/>Paul Madsenhttp://www.blogger.com/profile/08489111023182783403noreply@blogger.com0tag:blogger.com,1999:blog-12447072.post-88537930313427890912011-12-22T17:04:00.001-05:002011-12-22T17:04:02.460-05:002011-12-22T17:04:02.460-05:00<div class='posterous_autopost'><div class='p_embed p_image_embed'> <img alt="Screen_shot_2011-12-22_at_5" height="478" src="http://getfile4.posterous.com/getfile/files.posterous.com/paulmadsen/tLf6UfapzLiYEW8lkZ5dLufOmaL4vLacWidYNzV8cXlVRZkyBYVN7EgFdT2c/Screen_shot_2011-12-22_at_5.01.png" width="469" /> </div> <p style="font-size: 10px;"> <a href="http://posterous.com">Posted via email</a> from <a href="http://paulmadsen.posterous.com/new-line-of-greeting-cards-72916">Pre(posterous)</a> </p> </div><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/12447072-8853793031342789091?l=connectid.blogspot.com' alt='' /></div><img src="http://feeds.feedburner.com/~r/blogspot/gMwy/~4/RNbClGjnQrY" height="1" width="1"/>Paul Madsenhttp://www.blogger.com/profile/08489111023182783403noreply@blogger.com0tag:blogger.com,1999:blog-12447072.post-36021564735402041282011-12-22T08:24:00.001-05:002011-12-22T08:24:24.718-05:002011-12-22T08:24:24.718-05:00<div class='posterous_autopost'><div class='p_embed p_image_embed'> <a href="http://getfile3.posterous.com/getfile/files.posterous.com/paulmadsen/OZM1nuVW7k6oud3PMG2sfLyVI14NhnFKsZ8TIYEQRtTP3NPZxKCUqjMYJXck/Screen_shot_2011-12-22_at_8.23.png"><img alt="Screen_shot_2011-12-22_at_8" height="316" src="http://getfile4.posterous.com/getfile/files.posterous.com/paulmadsen/SkqOPUanpnFUvPyILDAM7BEZ7QjzNMXRcflyDBmEqGlgrm0dbkbftRSJVlHG/Screen_shot_2011-12-22_at_8.23.png.scaled.500.jpg" width="500" /></a> </div> <p style="font-size: 10px;"> <a href="http://posterous.com">Posted via email</a> from <a href="http://paulmadsen.posterous.com/new-line-of-greeting-cards-byod">Pre(posterous)</a> </p> </div><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/12447072-3602156473540204128?l=connectid.blogspot.com' alt='' /></div><img src="http://feeds.feedburner.com/~r/blogspot/gMwy/~4/3qCgZrhyfC0" height="1" width="1"/>Paul Madsenhttp://www.blogger.com/profile/08489111023182783403noreply@blogger.com0tag:blogger.com,1999:blog-12447072.post-13211605094652039862011-12-21T08:40:00.001-05:002011-12-21T08:40:37.278-05:002011-12-21T08:40:37.278-05:00<div class='posterous_autopost'><div class='p_embed p_image_embed'> <img alt="Screen_shot_2011-12-21_at_8" height="508" src="http://getfile0.posterous.com/getfile/files.posterous.com/paulmadsen/BaK4NQHpGsvn4P7m4aN0xeL78Pa5o4liy1OvpAo6XRkeaEkXMXesMlMWlOdg/Screen_shot_2011-12-21_at_8.38.png" width="486" /> </div> <p style="font-size: 10px;"> <a href="http://posterous.com">Posted via email</a> from <a href="http://paulmadsen.posterous.com/new-line-of-greeting-cards-spml-scim">Pre(posterous)</a> </p> </div><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/12447072-1321160509465203986?l=connectid.blogspot.com' alt='' /></div><img src="http://feeds.feedburner.com/~r/blogspot/gMwy/~4/BBZT6HygjF8" height="1" width="1"/>Paul Madsenhttp://www.blogger.com/profile/08489111023182783403noreply@blogger.com0tag:blogger.com,1999:blog-12447072.post-80872517772191711352011-12-20T05:34:00.001-05:002011-12-20T05:34:51.911-05:002011-12-20T05:34:51.911-05:00<div class='posterous_autopost'><div class='p_embed p_image_embed'> <a href="http://getfile2.posterous.com/getfile/files.posterous.com/paulmadsen/cmXWsGur1GvueZ0O5DgZDvhBktnqN6Q1T19FkHPyBCxXo0hA2SITIG6nK4Wa/Screen_shot_2011-12-20_at_5.33.png"><img alt="Screen_shot_2011-12-20_at_5" height="369" src="http://getfile3.posterous.com/getfile/files.posterous.com/paulmadsen/zW6Yha6CzyALqLQUxOtFhEDjAKO6RVdGiDSYi5oyC2kuuw9uyrxMDfHTxkZt/Screen_shot_2011-12-20_at_5.33.png.scaled.500.jpg" width="500" /></a> </div> <p style="font-size: 10px;"> <a href="http://posterous.com">Posted via email</a> from <a href="http://paulmadsen.posterous.com/new-line-of-greeting-cards-93334">Pre(posterous)</a> </p> </div><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/12447072-8087251777219171135?l=connectid.blogspot.com' alt='' /></div><img src="http://feeds.feedburner.com/~r/blogspot/gMwy/~4/kTqv63TdyEE" height="1" width="1"/>Paul Madsenhttp://www.blogger.com/profile/08489111023182783403noreply@blogger.com0tag:blogger.com,1999:blog-12447072.post-50588208498127358162011-12-19T06:43:00.001-05:002011-12-19T06:43:05.940-05:002011-12-19T06:43:05.940-05:00<div class='posterous_autopost'><div class='p_embed p_image_embed'> <a href="http://getfile1.posterous.com/getfile/files.posterous.com/paulmadsen/NbtnrTv7QUsiglRi35i6TXSXqMHCbMebDbJBFG62ADD2b0ehLE2II7UFPuU4/Screen_shot_2011-12-19_at_6.39.png"><img alt="Screen_shot_2011-12-19_at_6" height="311" src="http://getfile2.posterous.com/getfile/files.posterous.com/paulmadsen/bzn7u4RkwMPFJAM1ZgKWrxsTckCV2Q1u53XmGba2zNoMrIiQ8gg8qJOoPdmC/Screen_shot_2011-12-19_at_6.39.png.scaled.500.jpg" width="500" /></a> </div> <p style="font-size: 10px;"> <a href="http://posterous.com">Posted via email</a> from <a href="http://paulmadsen.posterous.com/new-line-of-greeting-cards-81288">Pre(posterous)</a> </p> </div><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/12447072-5058820849812735816?l=connectid.blogspot.com' alt='' /></div><img src="http://feeds.feedburner.com/~r/blogspot/gMwy/~4/DLKoxo8nPDU" height="1" width="1"/>Paul Madsenhttp://www.blogger.com/profile/08489111023182783403noreply@blogger.com0tag:blogger.com,1999:blog-12447072.post-60915923535059282152011-12-16T11:03:00.001-05:002011-12-16T11:03:10.155-05:002011-12-16T11:03:10.155-05:00<div class='posterous_autopost'><div class='p_embed p_image_embed'> <a href="http://getfile5.posterous.com/getfile/files.posterous.com/paulmadsen/xeEzGmRuTl52jr5vKmlJ5bEFwiu201ppfQVTRJC3eOwMe1Lngx1mThnCIWFN/Screen_shot_2011-12-16_at_11.0.png"><img alt="Screen_shot_2011-12-16_at_11" height="262" src="http://getfile6.posterous.com/getfile/files.posterous.com/paulmadsen/DuFEJQXkykx1pN1YYY7cDxyLhaMQuuMPl6HGiU6ZseEgvRcp14PSp70Ngatr/Screen_shot_2011-12-16_at_11.0.png.scaled.500.jpg" width="500" /></a> </div> <p style="font-size: 10px;"> <a href="http://posterous.com">Posted via email</a> from <a href="http://paulmadsen.posterous.com/new-line-of-greeting-cards-7304">Pre(posterous)</a> </p> </div><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/12447072-6091592353505928215?l=connectid.blogspot.com' alt='' /></div><img src="http://feeds.feedburner.com/~r/blogspot/gMwy/~4/pR_M3tg8_DA" height="1" width="1"/>Paul Madsenhttp://www.blogger.com/profile/08489111023182783403noreply@blogger.com0tag:blogger.com,1999:blog-12447072.post-47668152532975587482011-12-14T06:45:00.001-05:002011-12-14T06:45:42.831-05:002011-12-14T06:45:42.831-05:00<div class='posterous_autopost'><div class='p_embed p_image_embed'> <a href="http://getfile7.posterous.com/getfile/files.posterous.com/paulmadsen/14SvBd46vqlcvwGTfCTOijGgKFXVG3UVzGzpJ9tKBQyjZHHAdNDCe5qesWQE/Screen_shot_2011-12-14_at_6.42.png"><img alt="Screen_shot_2011-12-14_at_6" height="276" src="http://getfile8.posterous.com/getfile/files.posterous.com/paulmadsen/cDsWEzhwNFwRBtaK1IgoHGD4Y3FKreE6LR1iRo91pjFAzZvgZ55dSZfXMWjI/Screen_shot_2011-12-14_at_6.42.png.scaled.500.jpg" width="500" /></a> </div> <p style="font-size: 10px;"> <a href="http://posterous.com">Posted via email</a> from <a href="http://paulmadsen.posterous.com/new-line-of-greeting-cards-41995">Pre(posterous)</a> </p> </div><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/12447072-4766815253297558748?l=connectid.blogspot.com' alt='' /></div><img src="http://feeds.feedburner.com/~r/blogspot/gMwy/~4/ayxmuE32U0E" height="1" width="1"/>Paul Madsenhttp://www.blogger.com/profile/08489111023182783403noreply@blogger.com0tag:blogger.com,1999:blog-12447072.post-86380650046744247872011-12-12T15:58:00.001-05:002011-12-12T16:07:32.126-05:002011-12-12T16:07:32.126-05:00OAuth 2.0 defines how mobile native applications can obtain an access token from an Authorization Server – this token used on calls to the API behind which sits the application data (e.g. their calendar, their TripIt data , etc) that the native application seeks.<br /> <br /> Obtaining the first access token typically happens via the browser – the sequence<br /> <br /> 1)&nbsp;&nbsp; &nbsp;The user indicates they wish to ‘authorize the app’ or equivalent<br /> 2)&nbsp;&nbsp; &nbsp;the native application pops an external browser window and loads the AS login page<br /> 3)&nbsp;&nbsp; &nbsp;the User logs into the AS (and may be asked for their consent for that native application to be able to access particular resources)<br /> 4)&nbsp;&nbsp; &nbsp;if successful, the AS redirects the browser to a specified callback URL, including in the redirect URL an ‘authorization code’<br /> 5)&nbsp;&nbsp; &nbsp;The browserpasses the authorization code to the native application <br /> 6)&nbsp;&nbsp; &nbsp;The native application sends the authorization code back to the AS, and is returned the desired access token (as well as optionally a refresh token, which the native application can use going forward to get new access tokens)<br /> <br /> Step 5 in the above might have caused you to wonder just how exactly does the browser, after grabbing the code from the callback URL, pass it to the native application?<br /> <br /> Good question.<br /> <br /> One emerging best practice is to leverage the mobile OSes (Android &amp; iOS at least) support for custom schemes as a means of inter-application messaging. When the native application is installed, it registers itself as the handler for URLs of a particular scheme (just like the browser handles HTTP URLs, and the markets have their corresponding schemes).<br /> <br /> Below is the Android manifest for an app registering itself as the handler for the 'coolmobileapp' scheme.<br /> <br /> <pre>&lt;activity android:name=".AppActivity" android:label="@string/app_name"&gt; &lt;intent-filter&gt; &lt;data android:scheme="coolmobileapp" android:host="cma.ex.com" /&gt; &lt;action android:name="android.intent.action.VIEW" /&gt; &lt;category android:name="android.intent.category.BROWSABLE" /&gt; &lt;category android:name="android.intent.category.DEFAULT" /&gt; &lt;/intent-filter&gt; &lt;/activity&gt; </pre> <br /> <br /> Once registered as a handler for a given scheme, whenever the OS sees a URL in that scheme, it will pass that URL to the application.<br /> <br /> If then, the callback URL that the AS redirects the browser to belongs to a scheme that the relevant native application ‘owns’, then the browser, upon seeing that URL, will pass it onto the OS for appropriate forwarding to the app.<br /> <br /> Once the native application is passed the URL, it can grab the authorization code, and use it to obtain the desired tokens.<br /> <br /> The hitch in the above mechanism is that nothing prevents multiple native applications from registering themselves as the handler for a given URL scheme. If you have multiple browsers installed on your phone you will have seen how Android deals with multiple such handlers – it asks the user which to use for a given URL (unless a default is set). Nothing in the OS prevents such collisions, nor mediate conflicts other than this user query mechanism.<br /> <br /> Consequently, it is theoretically possible for a rogue application to lay claim to the very same custom scheme handler as a valid native app with the hope that it would obtain the authorization code as part of the OAuth authorization process rather than the valid &amp; appropriate app.<br /> <br /> In the next installment, I will present ideas as to how to mitigate the above callback attack - based on discussions with my Ping colleagues Scott Tomilson, Travis Spencer, and Brian Campbell (to be fair, Brian has contributed very little).<div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/12447072-8638065004674424787?l=connectid.blogspot.com' alt='' /></div><img src="http://feeds.feedburner.com/~r/blogspot/gMwy/~4/_swsElSCveo" height="1" width="1"/>Paul Madsenhttp://www.blogger.com/profile/08489111023182783403noreply@blogger.com0tag:blogger.com,1999:blog-12447072.post-26090729240704689952011-12-06T08:16:00.001-05:002011-12-06T08:16:04.352-05:002011-12-06T08:16:04.352-05:00<div class='posterous_autopost'><div class='p_embed p_image_embed'> <a href="http://getfile7.posterous.com/getfile/files.posterous.com/paulmadsen/J941dalDZpstH8tqABlSCKFSp9TlzCR4PBNFRidLpouKyvPZRA2vjCOdokU0/Screen_shot_2011-12-05_at_4.28.png"><img alt="Screen_shot_2011-12-05_at_4" height="332" src="http://getfile8.posterous.com/getfile/files.posterous.com/paulmadsen/lXqsXXQhgHn52kvVFQZTT0Y8BFMpHKC8gYOcq0xSgmPuitcAUnrg6zrDWJQT/Screen_shot_2011-12-05_at_4.28.png.scaled.500.jpg" width="500" /></a> </div> <p style="font-size: 10px;"> <a href="http://posterous.com">Posted via email</a> from <a href="http://paulmadsen.posterous.com/new-line-of-greeting-cards-41742">Pre(posterous)</a> </p> </div><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/12447072-2609072924070468995?l=connectid.blogspot.com' alt='' /></div><img src="http://feeds.feedburner.com/~r/blogspot/gMwy/~4/Zk6nLd57CwY" height="1" width="1"/>Paul Madsenhttp://www.blogger.com/profile/08489111023182783403noreply@blogger.com0tag:blogger.com,1999:blog-12447072.post-85797286803875842632011-12-05T09:51:00.001-05:002011-12-05T09:51:34.084-05:002011-12-05T09:51:34.084-05:00<div class='posterous_autopost'><div class='p_embed p_image_embed'> <img alt="Screen_shot_2011-12-05_at_9" height="312" src="http://getfile5.posterous.com/getfile/files.posterous.com/paulmadsen/9zFnrRKh8E9PFUAqgtpt1y9B4WWfgDF2uAIxfynP2fkVMkzUisOoEiTGR4Yc/Screen_shot_2011-12-05_at_9.50.png" width="496" /> </div> <p style="font-size: 10px;"> <a href="http://posterous.com">Posted via email</a> from <a href="http://paulmadsen.posterous.com/new-line-of-greeting-cards-27269">Pre(posterous)</a> </p> </div><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/12447072-8579728680387584263?l=connectid.blogspot.com' alt='' /></div><img src="http://feeds.feedburner.com/~r/blogspot/gMwy/~4/iAHDKGBu9pk" height="1" width="1"/>Paul Madsenhttp://www.blogger.com/profile/08489111023182783403noreply@blogger.com0tag:blogger.com,1999:blog-12447072.post-9845252943457726462011-12-03T06:44:00.001-05:002011-12-03T06:44:43.012-05:002011-12-03T06:44:43.012-05:00<div class='posterous_autopost'><div class='p_embed p_image_embed'> <img alt="Screen_shot_2011-12-03_at_3" height="537" src="http://getfile4.posterous.com/getfile/files.posterous.com/paulmadsen/78owhTidW8384PZdXZyEUayqaIyKbvDemdFmSVxyjnJeND7nqNrEtsflj717/Screen_shot_2011-12-03_at_3.42.png" width="437" /> </div> <p style="font-size: 10px;"> <a href="http://posterous.com">Posted via email</a> from <a href="http://paulmadsen.posterous.com/new-line-of-greeting-cards-58345">Pre(posterous)</a> </p> </div><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/12447072-984525294345772646?l=connectid.blogspot.com' alt='' /></div><img src="http://feeds.feedburner.com/~r/blogspot/gMwy/~4/sHDIMwPI6k0" height="1" width="1"/>Paul Madsenhttp://www.blogger.com/profile/08489111023182783403noreply@blogger.com0tag:blogger.com,1999:blog-12447072.post-83731489452303835922011-11-29T10:15:00.001-05:002011-11-29T10:15:50.659-05:002011-11-29T10:15:50.659-05:00<div class='posterous_autopost'><div class='p_embed p_image_embed'> <a href="http://getfile9.posterous.com/getfile/files.posterous.com/paulmadsen/IDYa8xf48SPnBIbBKJMG9yjNsmjryfS301ESWEBoEECcc00zSFEureu96NjP/Screen_shot_2011-11-29_at_10.0.png"><img alt="Screen_shot_2011-11-29_at_10" height="173" src="http://getfile0.posterous.com/getfile/files.posterous.com/paulmadsen/4NFwIsdSRsrNili0wWX0LfMfEIMuVdpgh5kP72eb7VXjmlwfeWsgLwUefRWM/Screen_shot_2011-11-29_at_10.0.png.scaled.500.jpg" width="500" /></a> </div> <p style="font-size: 10px;"> <a href="http://posterous.com">Posted via email</a> from <a href="http://paulmadsen.posterous.com/new-line-of-greeting-cards-73960">Pre(posterous)</a> </p> </div><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/12447072-8373148945230383592?l=connectid.blogspot.com' alt='' /></div><img src="http://feeds.feedburner.com/~r/blogspot/gMwy/~4/O6vkZxyXX9A" height="1" width="1"/>Paul Madsenhttp://www.blogger.com/profile/08489111023182783403noreply@blogger.com0tag:blogger.com,1999:blog-12447072.post-62695783352316231942011-11-06T07:33:00.001-05:002011-11-06T07:33:11.132-05:002011-11-06T07:33:11.132-05:00<div class='posterous_autopost'><p><div class='p_embed p_image_embed'> <a href="http://getfile3.posterous.com/getfile/files.posterous.com/temp-2011-11-06/mdFBjFrslccmsFjxlDtjuxuogFnhBcvszwreiByEvdjpDziomzpcjgvlytlx/Screen_shot_2011-11-06_at_7.27.29_AM.png.scaled1000.png"><img alt="Screen_shot_2011-11-06_at_7" height="277" src="http://getfile6.posterous.com/getfile/files.posterous.com/temp-2011-11-06/mdFBjFrslccmsFjxlDtjuxuogFnhBcvszwreiByEvdjpDziomzpcjgvlytlx/Screen_shot_2011-11-06_at_7.27.29_AM.png.scaled500.png" width="500" /></a> </div> rds</p> <p style="font-size: 10px;"> <a href="http://posterous.com">Posted via email</a> from <a href="http://paulmadsen.posterous.com/new-line-of-greeting-cards-13483">Pre(posterous)</a> </p> </div><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/12447072-6269578335231623194?l=connectid.blogspot.com' alt='' /></div><img src="http://feeds.feedburner.com/~r/blogspot/gMwy/~4/A1gw954AZ0Y" height="1" width="1"/>Paul Madsenhttp://www.blogger.com/profile/08489111023182783403noreply@blogger.com0tag:blogger.com,1999:blog-12447072.post-27181170699235826212011-11-03T10:24:00.001-04:002011-11-03T10:24:09.244-04:002011-11-03T10:24:09.244-04:00<div class='posterous_autopost'><div class='p_embed p_image_embed'> <a href="http://getfile6.posterous.com/getfile/files.posterous.com/paulmadsen/Vj8VBMoqEPoVdrkPTOkxb55tYm4OGq6rrQqsJMxhcyfoKBhTuk2ICrGjQNmM/Screen_shot_2011-11-03_at_10.2.png"><img alt="Screen_shot_2011-11-03_at_10" height="312" src="http://getfile7.posterous.com/getfile/files.posterous.com/paulmadsen/b7z6WbP3b71E0V2v6lH2P5lt1KKmo1l8WQGrAOXV2glV55tzZsHMTk8NaWoJ/Screen_shot_2011-11-03_at_10.2.png.scaled.500.jpg" width="500" /></a> </div> <p> credit @brad_tumy</p> <p style="font-size: 10px;"> <a href="http://posterous.com">Posted via email</a> from <a href="http://paulmadsen.posterous.com/byod-venn">Pre(posterous)</a> </p> </div><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/12447072-2718117069923582621?l=connectid.blogspot.com' alt='' /></div><img src="http://feeds.feedburner.com/~r/blogspot/gMwy/~4/X4hSbrEJl2c" height="1" width="1"/>Paul Madsenhttp://www.blogger.com/profile/08489111023182783403noreply@blogger.com0tag:blogger.com,1999:blog-12447072.post-71167567738762741682011-11-03T09:03:00.001-04:002011-11-03T09:03:13.176-04:002011-11-03T09:03:13.176-04:00<div class='posterous_autopost'><div class='p_embed p_image_embed'> <a href="http://getfile4.posterous.com/getfile/files.posterous.com/paulmadsen/28wzEsjPdEdK8hB1cQeFIi1B8Rg3JnJH7mMNRdkeYIeAqkAQSomlqSQE18qw/Screen_shot_2011-11-02_at_6.43.png"><img alt="Screen_shot_2011-11-02_at_6" height="281" src="http://getfile5.posterous.com/getfile/files.posterous.com/paulmadsen/ArOg3nz8v4DhGAcdalWVrz7gIUaPREe6mZpcklg0HO5VbVbWmf9IL7Hfj1zJ/Screen_shot_2011-11-02_at_6.43.png.scaled.500.jpg" width="500" /></a> </div> <p style="font-size: 10px;"> <a href="http://posterous.com">Posted via email</a> from <a href="http://paulmadsen.posterous.com/new-line-of-greeting-cards-40516">Pre(posterous)</a> </p> </div><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/12447072-7116756773876274168?l=connectid.blogspot.com' alt='' /></div><img src="http://feeds.feedburner.com/~r/blogspot/gMwy/~4/Q-U-iszY2W0" height="1" width="1"/>Paul Madsenhttp://www.blogger.com/profile/08489111023182783403noreply@blogger.com0tag:blogger.com,1999:blog-12447072.post-82032955427689102072011-11-01T17:02:00.001-04:002011-11-01T17:02:58.464-04:002011-11-01T17:02:58.464-04:00<div class='posterous_autopost'><div class='p_embed p_image_embed'> <img alt="Screen_shot_2011-11-01_at_11" height="486" src="http://getfile8.posterous.com/getfile/files.posterous.com/paulmadsen/Cc6arJB5C1Td4jqKIYVxdRKxwQUCI9ti2u9iCe33VuS8UC8duA0euBFLF9rv/Screen_shot_2011-11-01_at_11.3.png" width="473" /> </div> <p style="font-size: 10px;"> <a href="http://posterous.com">Posted via email</a> from <a href="http://paulmadsen.posterous.com/new-line-of-greeting-cards-63285">Pre(posterous)</a> </p> </div><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/12447072-8203295542768910207?l=connectid.blogspot.com' alt='' /></div><img src="http://feeds.feedburner.com/~r/blogspot/gMwy/~4/z3mM6UWYeVE" height="1" width="1"/>Paul Madsenhttp://www.blogger.com/profile/08489111023182783403noreply@blogger.com0tag:blogger.com,1999:blog-12447072.post-87824592847546467562011-10-19T14:08:00.001-04:002011-10-19T14:08:07.429-04:002011-10-19T14:08:07.429-04:00<div class='posterous_autopost'><div class='p_embed p_image_embed'> <a href="http://posterous.com/getfile/files.posterous.com/paulmadsen/BFlE5Wp41MtAFhfomUp6XrwVF2nRCFhFkZBS3nN4VRsWnIAQZguTBkkQZEaL/Screen_shot_2011-10-19_at_11.0.png"><img alt="Screen_shot_2011-10-19_at_11" height="501" src="http://posterous.com/getfile/files.posterous.com/paulmadsen/Jhxl22m6RHyUVUuk4aPnufcO7rmK2k2VdgqfxJ1jiM5mJO4TXcImnhM88S7R/Screen_shot_2011-10-19_at_11.0.png.scaled.500.jpg" width="500" /></a> </div> <p style="font-size: 10px;"> <a href="http://posterous.com">Posted via email</a> from <a href="http://paulmadsen.posterous.com/new-line-of-greeting-cards-iiw-81972">Pre(posterous)</a> </p> </div><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/12447072-8782459284754646756?l=connectid.blogspot.com' alt='' /></div><img src="http://feeds.feedburner.com/~r/blogspot/gMwy/~4/l71HWmDfd98" height="1" width="1"/>Paul Madsenhttp://www.blogger.com/profile/08489111023182783403noreply@blogger.com0