Architecture of the Mozilla Apps Ecosystem

Text

ARCHITECTURE OF THE MOZILLA APPS ECOSYSTEM

Bill Walker

Thursday, November 15, 12

• Show the value to users and developers

•Define the systems and concepts

• Show how data flows between them

•Consider how the architecture will meet coming challenges

WHY ARE WE HERE?


DEMOES


VALUE PROPOSITIONUser, Developer


User ValuesI buy my App once and run it everywhere


User Values

Stores and services

I’m always me across carriers, networks


User Values

Self-publisher

App StoreI discover Apps in many ways

Recommendation Engine


User ValuesCloud-based services

I backup my all App receipts

Self-publisher

App Store

Recommendation Engine


Cloud-based services

User Values

I manage my Apps across all my devicesThursday, November 15, 12

Developer value• I code to one platform

• I optimize for devices if needed

•My users discover, buy, and install my Apps on all their devices

• I can innovate without hitting arbitrary restrictions


Developer value• I can submit and manage my Apps programmatically

• I have access to great development tools

• I get access to App usage analytics


ec·o·sys·tem /ˈekōˌsistəm/

a biological community of interacting organisms and their physical environment


Systems and ConceptsPayment ProviderApp Backend App Store

package

discover

install

identify

manifest

launch

Apps in the Cloud

package

manage

manifest

package

manifest

receipt receiptreceiptreceipt

pay


CONCEPTSApp, Web Runtime, App Store


What is an App?•A native application experience built with HTML5

•Web content reachable from a launch URL within an Origin

• Like the web, except that it works offline

•A context for In-App payments

WebsiteBookmark Tab


What is an App Manifest?•App metadata (version, developer info, icon)

• Enumeration of sensitive API use{ "name":"Test App ({subdomain})", "description":"This app has been automatically generated by testmanifest.com", "version":"1.0", "icons":{ "16":"http://testmanifest.com/icon-16.png", "48":"http://testmanifest.com/icon-48.png", "128":"http://testmanifest.com/icon-128.png" }, "installs_allowed_from":[ "*" ], "developer":{ "name":"Gregory Koberger", "url":"http://gkoberger.net" }}


http://testmanifest.com/icon-16.png






http://gkoberger.net

http://gkoberger.net

alarmbackgroundservicebluetoothbrowsercameracontactsdesktop-notificationdevice-storagefmradiogeolocationmobileconnection

powerpushsettingssmsstoragesystemclocknetwork-httpnetwork-tcptelephonywake-lock-screenwebapps-manage

Device and Web API’s


App Security Model

Web No sensitive API’s Packaged or notHosted Anywhere

Privileged Some sensitive API’s Signed packagesHosted at Store

Certified SMS, Phone Pre-installed


Who hosts an App?

users neither know nor care


Who hosts an App?•Developers host Apps

• that don’t use sensitive API’s

• that work offline using traditional Web tools

• that do need frequent updates


Who hosts an App?• Firefox Marketplace hosts App packages

• that do use sensitive API’s1

• for when appcache is not enough2

1Mozilla will not host or review an App’s server-side logic or content2App has no server-side logic or content; Developer lacks hosting


What is an App Receipt?• JWT (Javascript Web Token, signed text blob)

•Cryptography reveals tampering or forgery

•Does Not reveal a user’s identity

•Not tied to a device


What is an App Receipt?{ typ: "purchase-receipt", product: { url: "https://grumpybadgers.com", storedata: "5169314356" }, user: { type: "directed-identifier", value: "4fb35151-2b9b-4ba2-8283-c49d381640bd" }, iss: "https://appstore.com", nbf: 131360185, iat: 131360188, exp: 141360188, detail: "https://appstore.com/receipt/5169314356", verify: "https://appstore.com/verify/5169314356", reissue: "https://appstore.com/reissue/5169314356"}


https://grumpybadgers.com/

https://grumpybadgers.com/

https://appstore.com/

https://appstore.com/

https://appstore.com/receipt/5169314356

https://appstore.com/receipt/5169314356

https://appstore.com/verify/5169314356

https://appstore.com/verify/5169314356

https://appstore.com/reissue/5169314356

https://appstore.com/reissue/5169314356

What is an App Receipt?• Issued by Marketplace

• Installed on device upon purchase

•Backed up by an opt-in ecosystem service

•Provided to App at launch time for server-side verification and fraud detection

•Periodically expired and refreshed to mitigate risk of key compromise


What is an In-App Payment?•A payment from the user to the developer from within the App

• Facilitated by DOM API for payment

•Current invisible to ecosystem services


What is an In-App Payment?

{ "aud": "marketplace.mozilla.org", "iss": "1OTC1FA7K1HOCADCS3KD", "request": { "priceTier": 1, "name": "The Product", "productdata": "<set to local transaction ID>", "description": "detailed description" }, "exp": 1348795465, "iat": 1348791865, "typ": "mozilla/payments/pay/v1"}


What is an App Store?•An App that lets Users discover, purchase, and install Apps

•A Web service that generates and validates App Receipts

•An community that reviews and curates Apps

•Any web page that calls mozApps.install()


Firefox Marketplace• Scalable implementation based on addons.mozilla.org

• 30Mbps on version checks

• 3 billion add-ons downloaded

• 25,000 developers

• Tiered architecture separates persistence, business logic, presentation layer

•Persistence layer preparing for multiple Data Centers


What is a Web Runtime?•Client-side code that includes

• Same HTML, JS, and CSS engines on all platforms

•Access to device API’s as governed by App Security Model

•Native application experience on each platform

•Access to cloud services

Browser


Web Runtime platformsFirefox OS Gecko Part of Gaia

Android Gecko Testing now in Firefox 18 Aurora

iOS WebKit? TBD

Mac OS X

GeckoEnabled for developers in Firefox 16

Firefox Marketplace support comingWindows Gecko

Enabled for developers in Firefox 16

Firefox Marketplace support coming

Linux

GeckoEnabled for developers in Firefox 16

Firefox Marketplace support coming


DATA FLOWSDiscover, Purchase, Install, Launch, Manage


Payment Aggregator

Discover + Purchase an App

receipt

nav.id

iframe

navigator.id.request(…)

navigator.id.onlogin(assertion)

assertion

nav.pay()

generate and sign

nav.pay callback

start session

launch marketplace

discover app

App Server App StoreApps in the

Cloud

Buy


Install Web App

receipt

nav.id

generate and sign

discover app

payment flow

mozApps.install(manifest URL, receipt)

GET manifestmanifest

manifest

receipt

manifest

Payment AggregatorApp Server App Store

update

receipt

Apps in the Cloud

Buy


Install Privileged App

receipt

nav.id

generate and sign

discover app

payment flow

mozApps.installPackage(package, receipt)package

receipt

package

update


receipt

Apps in the Cloud

Buy


Launch Appnav.id

receipt

validate receipt

nav.mozApps.getSelf()

refresh expired receipt

app running

create user session

access content


receipt

Apps in the Cloud


Make In-app Paymentnav.id

iframe

nav.pay()

buy

payment choices

access content


nav.pay notification

Apps in the Cloud


Update Web Appnav.id

receipt

manifest

Receipt Validation

access updated contentupdate AppCache


Apps in the Cloud


Update Privileged Appnav.id

receipt

package1

check for update (HEAD request + Etag)


get updated package

package2

Apps in the Cloud


Manage Appsnav.id

update


receipt

receipt

navigator.id.request(…)

navigator.id.onlogin(assertion)

assertionstart session

receipt

receipt

install

Apps in the Cloud


Values & User Stories

Systems & Concepts

Data Flows

Implementationdesign pressure design pressure


Engineering Values• Loose coupling between systems

•Open standards for HTML Apps

•User Sovereignty


CHALLENGESPrivacy, Payments, Sandboxes


Challenges: App Analytics

Provide developers with detailed information about

usage of installed AppsProtect User Privacy and

Sovereignty


Challenges: Links across Apps

Protect Users by creating new App isolation tools

Enable current Web services using new platform API’s

Protect Users with traditional Web sandbox

Current Web services just work


Challenges: Links across Apps


Challenges: Links across AppsLike the Browser Like Native Apps

Runtime, Profiles Shared Isolated

Sandbox Web Origin Native Platform

Paypal, Persona, etc Shared (but secure) Native Platform

User Settings Shared Native Platform

App Identity Origin Package / unique ID


Challenges

SOLVED

Permit Apps to access device API’s while protecting Users

Make App development very much like Web development


HOW WE WIN

•Build great experiences

•Be Natives, not Tourists

•Create an Open Ecosystem


HOW WE WIN

•Create Web Runtime (google, mozilla)

•Offer parity with Native platforms

• Exploit Web runtime (you)

•Avoid sock with sandals, loud plaid shirts

• Embrace native menus, device API’s

•Be awesome offline


1. CONTRIBUTE YOUR APP!


2. GET INVOLVED!


3. WE’RE HIRING!


REFERENCES

navigator.mozApps APIApp Manifest specification

http://mozilla.github.com/webapps-spec/

App Security model https://wiki.mozilla.org/Apps/Security

App Packaging format https://developer.mozilla.org/en-US/docs/Apps/Packaged_apps




https://wiki.mozilla.org/Apps/Security

https://wiki.mozilla.org/Apps/Security

https://developer.mozilla.org/en-US/docs/Apps/Packaged_apps




Architecture of the Mozilla Apps Ecosystem

Documents

Transcript of Architecture of the Mozilla Apps Ecosystem