Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Page Properties


Project Title
Target Release
Epic
Document Status
Status
colourGreen
titlein use
Document Owner

Document Sign-Off
Subject Matter Expert(s)
Technical Expert(s)


...

TitleDescriptionNotesStatusExpected Delivery
Not an official UCSB AppIt's been requested that the application have the first line of the description in the application stores a disclaimer stating that it is not an application officially produced by UCSB. As similar disclaimer should be on the login page.
  • Store Text:
    This is not an official UCSB application. (GoGaucho is a mobile app developed by UCSB students ...
  • Login Page Text:
    Not an official UCSB app
Status
colourBlue
titlecompleted
 
GoGauchoApp AccountCreate an account on the Developer Portal for the GoGuacho app, and create applications for the app & cams.
Status
colourBlue
titlecompleted
 
International Server/ServiceRemove the international server/service from the architecture. It's purpose was to caching the Menu; which is now available as an API.
  • This service was only being used to cache the dining menu information.
  • But, it's location is an issue.

Resolution

  • Moving to Heroku
    • This is not quite ready yet ... gotta work out the caching

Status
colourBlue
titlecompleted

(New Functionality Not Available Yet)

 
Use Google SSO Development/Proof of ConceptGet the development work done to sign in with Google's OAuth; and the ability to call Campus API's using the OAuth token.
  • Add JWT onto requests to the Heroku service.
  • Yaun Yao will be working on this.
Status
colourBlue
titlecompleted
 
Switch Apps to use OAuthWhen ready, switch the GoGaucho mobile app to use Google OAuth to login.
  • Development work
Status
colourBlue
titlecompleted
 
Replace Screen Scraping DevelopmentReplace the screen scraping with Campus API web services in a Development branch.
  • The goal it to replace the screen scraping with a web api call to the GoGaucho Heroku service. The Heroku service will then call the API Gateway.
  • Not the updates for the screens on the apps


  • Menus
    • In Progress (because Auto-Approved)
  • Student Schedules
    • DONE - Need to fill out API Access Request form on developer.ucsb.edu 

Android

Status
colourBlue
titlecomplete

iOS

Status
colourBlue
titleCOMPLETE

Android
 

iOS
 

Update the iOS App Store and Google Play StoreAfter the update of the student-schedules API, update the apps in the app store and google play store
  • Android (Jimmy)
    •  The function of GOLD login has completely transferred to Google OAuth. It is available in Google Play Store 20 days ago. More than 70% of active users have updated to the newest version. 
  • iOS (Henry)
    •   From Henry: here’s only small things left to finish OAuth for getting student’s schedule. I can finish it before this fall quarter.
    •  The app has had the Schedule information removed until the OAuth implementation can be put in place. This is a great compromise to keep things secure.
    •  Updated and released (released:  )
Android
Status
colourBlue
titlecomplete


iOS
Status
colourBlue
titlecomplete

Android

iOS
 

Use Authentication on Heroku ServiceAdd authentication onto the requests between the mobile apps and the Heroku service to ensure only known clients are using the service.
  • GoGuacho team will figure it out and bring their solution back
  • Very closely connected to one above "Store Keys/Secrets on Mobile App Securely"

Resolution

  • Will send a magic string between the mobile apps and Heroku
  • Henry found a way to encrypt the communication between Heroku and the app


Android

Status
colourBlue
titlecomplete


iOS

Status
colourGreen
titlein progress

(done - awaiting approval from Apple)

Android
 


iOS 
 

Store Keys/Secrets on Mobile App SecurelyUse encryption at rest to store keys/secrets in the mobile application.
  • Encrypted Data
  • File should not be in source control
  • Should be packaged into the distributable
  • GoGuacho team will figure it out and bring their solution back

Android (Jimmy)

  • On Mobile Device - Not Yet
  • On Heroku - Implementing

iOS (Henry)

  • Researching iOS Keychain



Android

Status
colourGreenBlue
titlein progress
(done - will be available next week)
complete


iOS

Status
colourGreen
titlein progress

(done - awaiting approval from Apple)

Android




iOS
  

Move Keys/Secrets to the Heroku Service Where possible, move keys/secrets to the Heroku service so that they aren't stored within the mobile application.
  • UCSB API Key has to be in Heroku and not the mobile apps
  • This is really a part of "Store Keys/Secrets on the Heroku Service Securely (nodejs)"
Status
colourBlue
titlecompleted
 
Store Keys/Secrets on the Heroku Service Securely (nodejs)Use encryption at rest (or a reasonable alternative) to store the keys/secrets securely.
  • Encrypted Data
  • File should not be in source control
  • Should be packaged into the distributable
  • Reasonable alternative is using Heroku built in key stores to save passwords and inject them at runtime.
Status
colourBlue
titlecompleted
 
Access Card API - Remove Username/PasswordDisable the access card functionality because of the need to enter a username/password.
  • Android (Jimmy)
    • Disable the functionality

  • iOS (Henry)
    • Disable the functionality

Android

Status
colourBlue
titlecompleted

iOS

Status
colourBlue
titlecompleted

Android - 
 

iOS -  

Events APIWhen ready, add events API into GoGaucho app
  • Need to be able to filter Student events from API endpoint
Status
colourGrey
titlepipeline






...