PhoneGap for Enterprise

Book Description

Master the art of building secure enterprise mobile applications using PhoneGap

In Detail

This book covers the necessary concepts you'll need to build useful, rich, secure enterprise apps for mobile devices, and also explains portions of an example enterprise app development so that you have a working demonstration of the concepts in the book.

The book focuses heavily on security concepts such as authorization, SSL and certificates, source code protection, local data store encryption, and so on, as ensuring a secure channel of communication between the user and the enterprise servers is critical.

The book explores the entire app's design, covering the data model and business logic you'll use for your app. It then moves on to cover how to build communication between the middle tier and the mobile device and how to handle application and network events (such as a network going offline), and culminates by showing you how to work with various rich presentation technologies.

This book is invaluable for anyone looking to learn how to create secure mobile apps for enterprise environments in an easy way with lots of useful examples.

What You Will Learn

  • Develop cross-platform mobile enterprise apps using PhoneGap
  • Understand the PhoneGap system and app architecture
  • Communicate between the mobile device and the backend using XHR and WebSockets for data transmission
  • Build a middle tier using Node.js to connect to the data store
  • Discover how PhoneGap allows you to whitelist trusted domains
  • Handle online/offline states by learning how to handle application and network status events

    Table of Contents

    1. PhoneGap for Enterprise
      1. Table of Contents
      2. PhoneGap for Enterprise
      3. Credits
      4. About the Author
      5. About the Reviewers
        1. Support files, eBooks, discount offers, and more
          1. Why subscribe?
          2. Free access for Packt account holders
      7. Preface
        1. What this book covers
        2. What you need for this book
        3. Who this book is for
        4. Conventions
        5. Reader feedback
        6. Customer support
          1. Downloading the example code
          2. Errata
          3. Piracy
          4. Questions
      8. 1. PhoneGap and Enterprise Mobility
        1. Why PhoneGap/Cordova?
        2. History behind PhoneGap and Cordova
        3. Easy cross-platform development
        4. Cordova app architecture
          1. Cordova app structure
        5. Summary
      9. 2. Building the Data Store and Business Logic
        1. Introducing Tasker
        2. Server architecture
        3. Designing your data models
        4. Designing the business logic
        5. Permissions model
        6. Summary
      10. 3. Securing PhoneGap Apps
        1. General security precautions
          1. Filtering and validating input
          2. Encoding and escaping output
          3. JavaScript/browser security
            1. Avoiding JavaScript cryptography in the browser
            2. Avoiding the use of JavaScript eval
            3. Using strict mode
            4. Avoiding untrusted HTML injection
            5. Using Strict-Transport-Security
            6. Securing your cookies
            7. Using Content-Security-Policy
            8. Avoiding JSONP
            9. Avoiding the use of iframes
          4. Using TLS/SSL always
          5. Authentication
        2. Server-specific security precautions
          1. Securing your backend
          2. Hardening your backend against attack
            1. Avoiding SQL injection
            2. Preventing cross-site request forgeries
            3. Avoid trusting your client's state
            4. Verify message integrity with HMACs
          3. Quick Node.js and Express server security settings
        3. Cordova-specific security precautions
          1. Targeting modern mobile devices
          2. Source code protection
          3. Using InAppBrowser for external links
          4. Whitelisting domains
          5. Avoiding self-signed certificates
          6. Using a well-known certificate authority
          7. Man-in-the-middle attacks
          8. Local data store security/encryption
        4. Summary
      11. 4. Building the Middle-Tier
        1. Middle-tier architecture
        2. Designing a RESTful-like API
        3. Building our API using Node.js
          1. Connecting to the backend database
          2. Executing queries
          3. Using Passport to handle authentication and sessions
          4. Building API handlers
        4. Summary
      12. 5. Communicating between Mobile and the Middle-Tier
        1. Getting started
        2. Promises
        3. Ensuring secure communication
        4. Communicating with the backend using XHR
        5. Authenticating the user with the backend
        6. Summary
      13. 6. Application Events and Storage
        1. Getting ready
        2. Determining network connectivity
        3. Getting the current network type
        4. Detecting changes in connectivity
        5. Handling connectivity issues
        6. Handling changes in the application state
        7. Responding to application-level events
        8. Storing local data using SQLite
        9. Storing data in the iOS Keychain
        10. Summary
      14. 7. Push Notifications
        1. Delving into Push Notification architecture
        2. Boxcar Universal Push Notifications Platform
          1. Setting up Apple Push Notifications with Boxcar
        3. Setting up Google Cloud Messages with Boxcar
          1. Downloading the Boxcar PhoneGap SDK
        4. Integrating Boxcar with PhoneGap/Cordova
          1. Additional iOS configuration steps
          2. Additional Android Configuration steps
        5. Receiving Pushes from Boxcar
          1. Background vs foreground Push Notifications
        6. Sending a Push via Boxcar
        7. Summary
      15. 8. Building the Presentation Tier
        1. Mock-up design tools
        2. Libraries and frameworks
        3. Common patterns
          1. MVC (Model-View-Controller)
          2. The publish-subscribe pattern
          3. The observables pattern
          4. The templates pattern
          5. The data binding pattern
          6. The URL routing pattern
        4. Presentation of the app
          1. User Interface frameworks
          2. View management
          3. Forms and the validation
          4. Data visualization
        5. Seeing it in action
        6. Summary
      16. A. Useful Resources
        1. Chapter 1 – PhoneGap and Enterprise Mobility
        2. Chapter 2 – Building the Data Store and Business Logic
          1. Database servers
          2. Designing Data Models
        3. Chapter 3 – Securing PhoneGap Apps
          1. Security resources
        4. Chapter 4 – Building the Middle-Tier
          1. RESTful-like API resources
        5. Chapter 5 – Communicating between Mobile and the Middle-Tier
          1. Communication with the backend
        6. Chapter 7 – Push Notifications
          1. Push Notification services and BaaS
        7. Chapter 8 – Building the Presentation Tier
          1. Additional utility libraries and frameworks
          2. User Interface frameworks
      17. Index