DDevelopment & Design

Opportunity to grow

In 2022, in addition to the work we do for our clients, we put our heads together and organized events and activities that would help us further develop our skills and knowledge, while providing a healthy break from our daily tasks. What follows is a brief account of what we planned, what worked and what didn’t.

Book Santa

We started the new year with gifts. Everyone could order a book, an actual physical book made of paper and ink, the only condition was that it be “at least a little work-related”. The idea was well received and orders soon poured in. The logistics involved in collecting titles from 130 people, ordering and then sending them to those who work more often remotely proved something of a challenge, but somehow we managed. Only one book from the UK got irretrievably stuck in customs (thanks, Brexit!). I don’t know how many books were read – since they were gifts, it didn’t seem appropriate to ask! – but I do know that one of them is currently being used as a monitor stand. An unexpectedly fascinating side effect of the scheme was being able to take a look at the freely available excel sheet and see who had ordered what and to learn about books you’d previously been unaware of.

Flashtalks

We meet once a month on a Friday to hear three people from the company, usually developers, give short presentations. Ensuring that every month there are enough volunteers willing to talk about something technical or somehow related to our work is no mean feat. Persuading, encouraging, twisting the arms of busy colleagues is a major challenge for the organizers of these talks. Occasionally, these talks cover less technical areas and we get the chance to learn about advantages of giving and receiving feedback, money saving and how to become a conference speaker. The purpose of Flashtalks is to both share knowledge and create a space where presentation skills can be practiced and honed in front of a larger audience. In 2022 there were 29 speakers (seven of whom spoke twice) and 36 presentations altogether. Topics ranged from “How to monitor applications after deployment” to “Will Niagara Files work on the Mississippi” and “DIY simple lab power supply”. Both novice developers as well as senior conference veterans share their wisdom. One of the great things about Flashtalks is the post-talk questionnaire, which always provides us with valuable feedback on what went well and what could be done better. Each Flashtalk ends with a quiz, which introduces an element of gamification and prevents Flashtalks from becoming merely a chance to take a break from work.

One of the aims of the Flashki is to create new conference speakers. This year Monika Fus made her debut at Confitura, an event very much close to our hearts, where she spoke about “L10n, i18n and t9n in the JVM world”. Other speakers included Piotr Fus with his presentation “How to get started with metrics”, Maciek Próchniak with “Well, it’s time to synchronize watches” and Dominik Przybysz with “OOP Revisited”. The whole team traveled around Poland and beyond with their presentations. Check them out here: https://touk.pl/talks/2022. While we had hoped there would be more newcomers in 2022, we are confident that 2023 will see a greater number of conference debuts.

Dojo

TouK Dojo is a more hands-on learning initiative that one of the developers came up with this year. We hold technical workshops for each other and meetings where we solve problems, often algorithmic. It’s a good opportunity to bounce ideas off each other about how to do things, try out tools, ask questions and work on real examples. Meetings usually take place once a week, live and online.

Blog

In April, as a grassroots initiative, a few of us set a goal to post monthly on our company blog. We wanted to restore it to its former glory, or perhaps just revive it after the drought years of the pandemic. We almost succeeded, with our combined efforts resulting in six posts about hackathons, a summary of the first post-pandemic Confitura, and of course some technical posts. We are now thinking about how to take the initiative further. It seems that the valuable content we could share is there, but we need to find the time and a way to overcome writer’s block.

Hackathons

Last year we organized a couple of hackathons: one in the spring and one in the autumn. We had initially considered having four in the space of a year, but that turned out to be a bit too ambitious, given the amount of work we do for our clients and the number of ideas to hack. The general framework developed in battle is: two days in our office, any project, any team composition, pizza and snacks for all. You can read detailed descriptions of what we achieved here: https://touk.pl/blog/2022/05/12/touk-hackathon-toukathon-april-2022/ and https://touk.pl/blog/2022/11/28/toukathon-october-2022/. In spring sixteen people coded together, in autumn eight.

Books

It has always been possible for any employee to order books for our shared library. Perhaps because of the number of books gifted at the start of the year, the number of books ordered during the year was a little smaller than normal. Still, our library has now been enriched with:

  • Diagnosing and Changing Organizational Culture: Based on the Competing Values Framework, Kim S. Cameron, Robert E. Quinn
  • The Enterprise Big Data Lake, Alex Gorelik
  • The Java Module System, Nicolai Parlog
  • Bulletproof TLS and PKI 2ed, Ivan Ristić
  • Job crafting nowa metoda budowania zaangażowania i poczucia sensu w pracy, Malwina Puchalska-Kamińska, Agnieszka Łądka- Barańska
  • Functional programming in Scala second edition, Paul Chiusano, Runar Bjarnason
  • Functional Design and Architecture v7, Alexander Granin
  • Functional Event-Driven Architecture, Gabriel Volpe
  • Code, Charles Petzold

Since January is time for resolutions, here are ours. This year we want to continue the Flashki (the first has already taken place on 20 January), we will confidently hack together, and we are already planning a calendar of speeches at conferences.

— Previous article

TouKathon – October 2022

You May Also Like
DDevelopment & Design

Phonegap / Cordova and cross domain ssl request problem on android.

In one app I have participated, there was a use case:
  • User fill up a form.
  • User submit the form.
  • System send data via https to server and show a response.
During development there wasn’t any problem, but when we were going to release production version then some unsuspected situation occurred. I prepare the production version accordingly with standard flow for Android environment:
  • ant release
  • align
  • signing
During conduct tests on that version, every time I try to submit the form, a connection error appear. In that situation, at the first you should check whitelist in cordova settings. Every URL you want to connect to, must be explicit type in: 
res/xml/cordova.xml
If whitelist looks fine, the error is most likely caused by inner implementation of Android System. The Android WebView does not allow by default self-signed SSL certs. When app is debug-signed the SSL error is ignored, but if app is release-signed connection to untrusted services is blocked.



Workaround


You have to remember that secure connection to service with self-signed certificate is risky and unrecommended. But if you know what you are doing there is some workaround of the security problem. Behavior of method 
CordovaWebViewClient.onReceivedSslError
must be changed.


Thus add new class extended CordovaWebViewClient and override ‘onReceivedSslError’. I strongly suggest to implement custom onReceiveSslError as secure as possible. I know that the problem occours when app try connect to example.domain.com and in spite of self signed certificate the domain is trusted, so only for that case the SslError is ignored. 

public class MyWebViewClient extends CordovaWebViewClient {

   private static final String TAG = MyWebViewClient.class.getName();
   private static final String AVAILABLE_SLL_CN 
                               = "example.domain.com";

   public MyWebViewClient(DroidGap ctx) {
       super(ctx);
   }

   @Override
   public void onReceivedSslError(WebView view, 
                                  SslErrorHandler handler, 
                                  android.net.http.SslError error) {

       String errorSourceCName = error.getCertificate().
                                  getIssuedTo().getCName();

       if( AVAILABLE_SLL_CN.equals(errorSourceCName) ) {
           Log.i(TAG, "Detect ssl connection error: " + 
                       error.toString() + 
                       „ so the error is ignored”);

           handler.proceed();
           return;
       }

       super.onReceivedSslError(view, handler, error);
   }
}
Next step is forcing yours app to  use custom implementation of WebViewClient. 

public class Start extends DroidGap
{
   private static final String TAG = Start.class.getName();

   @Override
   public void onCreate(Bundle savedInstanceState)
   {
       super.onCreate(savedInstanceState);
       super.setIntegerProperty("splashscreen", R.drawable.splash);
       super.init();

       MyWebViewClient myWebViewClient = new MyWebViewClient(this);
       myWebViewClient.setWebView(this.appView);

       this.appView.setWebViewClient(myWebViewClient);
       
       // yours code

   }
}
That is all ypu have to do if minSdk of yours app is greater or equals 8. In older version of Android there is no class 
android.net.http.SslError
So in class MyCordovaWebViewClient class there are errors because compliator doesn’t see SslError class. Fortunately Android is(was) open source, so it is easy to find source of the class. There is no inpediments to ‘upgrade’ app and just add the file to project. I suggest to keep original packages. Thus after all operations the source tree looks like:

Class SslError placed in source tree. 
 Now the app created in release mode can connect via https to services with self-signed SSl certificates.