Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

Date

 

Zoom: https://ucsb.zoom.us/j/239650477

Attendees

Goals

  • Understand the development of the GoGaucho mobile application
  • Understand the architecture of GoGaucho 
  • Understand the security implement of GoGaucho
  • Develop Future Stesp

Discussion items

TimeItemWhoNotes
5 minWelcomeSteven Maglio
  • Greetings
20 minOverview of Application ArchitectureGoGuacho Team
  • Potential Projects for the future
    • Real time bus map (SBMTD)
    • Registration Information
      • Pop-Up message before a class will begin

Future Hopes for Campus SponsorshipGoGaucho Team
  • Looking for support by just have access to the Campus APIs
  • Have modeled their application around the successes of the Ohio State Student Developed App and the Iowa State Student Developed App
  • Would love to see any support by campus, that the campus is willing to provide

Future Hopes for APIsGoGaucho Team
  • Campus Events
  • Students Schedule (ie. Courses)
    • This would remove the need of having to screen scrape Gold
    • It would also make it easier to setup notifications on the phone to remind students when they need to leave for class
  • Alerting
    • Seth and Steven explained that it's a very difficult subject with many legal requirements around it and the campus needs to have a unified vision on it before any movement would be made on that.

Security Updates for the ApplicationsGoGaucho Team
  • Heroku API
    • Needs to have Authentication added to the API endpoints
    • DDOS Prevention (Maybe Heroku already does this?)
  • SqlLite on Phone
    • Encrypt Data at Rest
  • Code
    • Separate Secrets out of the code base
    • Include Secrets in Build Process


  • Depending on Campus Conversations
    • Sign Appendix DS

Security Updates for UCSB APIsSteven Maglio
  • Need to develop support to authenticate the user of the application (in this case the student)
  • Is it possible to pull the JWT token for Google Connect's authorization service?
    • We would still use API Keys with the API Gateway, but the student would be authenticated through Google's OAuth endpoint?
  • Re-prioritize getting the Teams Feature into the Developer Portal
    • Or, look at getting a Functional Account for the Team at the Campus Identity Level

Action items

  • GoGaucho Team - Submit Access Request Form https://ucsb.box.com/s/bm6y5dy68ng1pof8e6z804e4oj8vil2e
  • GoGaucho Team - Determine Developer Portal Account to associate request with
    • Hengyu Liu's account will be used (hengyuliu@ucsb.edu)
  • UCSB API Team - Start conversations with Campus on Usage
    • Follow-up with GoGaucho Team with results
  • UCSB API Team - Contact the Campus Connect Team and ask about their OAuth endpoint?



  • No labels