I have quite a few projects in ‘beta’ stage for both Android and iOS, so I’ve become way more acquainted than I want to be with the painful process of beta distribution and store submission for both ecosystems. The two processes are vastly different, and in general iOS is way more of a pain and far more involved than Android. I finally decided to automate the whole thing from start to finish and make use of the amazing build tools that are out there instead of doing it manually. In the next two blog posts, I’ll share my learnings about how to use the iOS toolset in Fastlane, to completely streamline this whole schemozzle down to a single command.
When a specific integration involves one organisation/user, with one or more clients (in the server-client sense), this is the ideal use of 2-legged OAuth — where the client and server are known to each other. The basic premise of this is that since the client application is owned by the user, the user doesn’t have a need to authorise the application, the client and server just need to verify that they are who they say they are. We can skip the authorisation process and just sign our requests with a uniquely identifying signature. This has many benefits, including removing the need to repeatedly log in and verify an application, and longer term tokens.