Mobile and Backend Development

In this post I would like to explain how to do the SSL Pinnig from  Android. First of all we will get a little idea about what is SSL and Pinnig means. In this post I did referred the OWASP( Open Web Application Security Project )  page, where we can gain knowledge in common security risks of our software. Mostly in client-server communication, we uses TCP/IP protocol. Based on TCP/IP there are application layer protocols, which are well known to the world(Such as HTTP, SMTP, FTP etc...) Widely used client-server communication protocol is HTTP. HTTP is an unsecured protocol and any one can interfere the communication between clients-server. Well know security risk in HTTP is Man-In-The-Middle attack, where attacker can read/update data inside  a HTTP request/response. To overcome this kinds of attack HTTPS protocol is used, which will create a secure channel for client-server communication(This uses a X509 Certificate provided by Certificate Authority[CA] and asymmetric cryptography

In a previous post, I have explained how to access the Linkedin API's using Scribe . But luckily Linkedin have introduced their Mobile SDK for Android recently. This will save lot of times for developers and hope in the future will have lot of functions over the SDK. In this post I'm going to give some hints and important steps to integrate Linkedin SDK for existing linkedin integrated(Using Scribe) application. When using Scribe for OAuth authentication, linkein returned us an AccessToken and we saved that in shared preferences for future use. With the new SDK we can use the previously saved AccessToken to access linkein API's without creating new token. I have added that example in SDKIntergrationActivity.java class and it's being commented. You can refer  this project and previous project in Github.(Find the below code snippet in SDKIntergrationActivity.java) LocalSharedPreferenceStorage localSharedPreferenceStorage = LocalSharedPreferenceStorage.getInstance(c