Archive for

Amazon SimpleDB for Windows Phone Part 3 — Token Vending Machine

One important aspect of accessing SimpleDB on a Windows Phone directly is that it isn’t going through another service that can handle securing the credentials needed to access SimpleDB. SimpleDB, like most (if not all) AWS services, requires two pieces of information to secure a request of the service: AWS Access Key ID and Secret Key. These are two pieces of data that I would rather not put on a device that people carry around with them. Amazon agrees.

Amazon has something called the AWS Security Token Service (STS) and a reference application called the Token Vending Machine (TVM). The STS can provide temporary credentials in place of the actual credentials of an AWS account. These credentials can be tailored to provide specific access to specific services and resources and most importantly are time limited. They expire and not a moment too soon. But to use the STS, a web service like the TVM is needed to accept connections and hand out the temporary credentials.

I’m Being Cheap

My goal for this experiment was to provide a multiuser experience without having to put up any money or worry about running any servers. At least until I could see how the app was paying for itself and how resource intensive the app is. Microsoft’s Azure was my first choice as I have a lot of experience with SQL Server, ASP.NET, etc. However, even with the smallest instance type, Azure costs money. I’m not in the BizSpark program, so I don’t have any free hours available to me. So Azure is out.

My second option was to get a cheap hosting account and do something similar to Azure, just in a shared hosting environment; a MVC web service to a SQL Server backend. But even this option costs more money than I wanted to put out. I really wanted to spend $0 on this both now and in the months to come. (I’m not including my time in the cost calculation. Clearly.)

Looking over Amazon’s Elastic Compute Cloud (EC2) product, I found that they have a 1 year offer for a free tier. Here’s what that free tier comes with:

  • 750 hours of EC2 running Linux/Unix Micro instance usage
  • 750 hours of Elastic Load Balancing plus 15 GB data processing
  • 10 GB of Amazon Elastic Block Storage (EBS) plus 1 million IOs and 1 GB snapshot storage
  • 15 GB of bandwidth out aggregated across all AWS services
  • 1 GB of Regional Data Transfer

No Windows in sight. Boorah. At this point, I started to resign myself to either spending some money or moving outside of my comfort zone. Looking over the TVM application, I noticed that this is deployed using the AWS Elastic Beanstalk and can run in a micro linux/unix instance. SimpleDB usage is free for the amount of data that this app will use and Elastic Beanstalk itself doesn’t cost any money. The resources you use to run the application are what costs money, ie. EC2.

Getting the TVM Going

The TVM reference application is a web service written in Java running on Tomcat. I hadn’t used Java since 1999, but I use C# daily so I wasn’t completely out of my element. I agreed that this could be a good way to meet my goals for the application and, hey, I’d probably learn something. The installation instructions for the TVM are great. Following them was a breeze and in no time I had a TVM running on a micro EC2 instance in the cloud. For free.

The TVM has two modes for retrieving temporary credentials: Anonymous and Identity. In my case, Anonymous was the mode I wanted to use as the app I’m using it on does not span devices. I only care about the device itself being able to get credentials. Communicating with the TVM in anonymous mode is a 3 step process as shown in Amazon’s diagram:

First the device is registered with the TVM, then if there are no credentials or existing credentials have expired, the TVM is asked for a new set of credentials. The TVM will then send back a set of encrypted credentials (I’ll go over the encryption in Part 4). Again, Fiddler came in very handy debugging this part of the process. One of the first things I learned how to do was to check the logs of the application.

Screenshot of the TVM application showing how to get the logs.When debugging the TVM application, this is the first line of defense. Check the logs to see what errors the application is throwing.

Once the app is getting valid credentials, those credentials are sent to SimpleDB in a different way than with known static credentials. On page 24 of the Amazon SimpleDB Developer Guide (PDF), Amazon explains how the request will differ from a “standard” one:

Format of how a temporary credential request is formed against SimpleDB.

The request is similar to a standard request. There’s still an AWSAccessKeyId, but this one is the temporary one sent back from the TVM. Additionally, instead of signing the request with a known secret key, the request is signed with the SecretKeyId sent from the TVM. Those parts are essentially the same, but also needed is the Security Token retrieved from the TVM. Beyond sending these pieces of information, the request to SimpleDB is the same. The rest of the SimpleDB access code doesn’t change.

Amazon currently provides an AWS Android SDK and an AWS iOS SDK that include samples of how to communicate with the reference TVM. As I said in Part 1, they don’t have a WP7 SDK. Having the Android SDK is good for reference purposes and to see how the system is supposed to work in a mobile environment.

I’ll get into some code in Part 4, but this serves as a general overview of the Token Vending Machine and how I intend on interacting with it on Windows Phone.

Missed the rest of the series? Check ’em out:

Amazon SimpleDB for Windows Phone Part 1 — Signature
Amazon SimpleDB for Windows Phone Part 2 — Using Fiddler


Amazon SimpleDB for Windows Phone Part 2 — Using Fiddler

Almost immediately after writing the code to connect to the SimpleDB, I started running into HTTP error codes. No 200’s for me. Since my code is directly working with HttpWebRequest objects and their corresponding HttpWebResponse objects, I could just look through the response object and its properties to see what went wrong. But if you want to see what actually went over the wire, both on the way out and back in, there’s such a better way to do it. Fiddler.

If you don’t know what Fiddler is, it’s an awesome tool to view all http requests and their responses from your machine. It’s like the network console of IE’s F12 tool or Firebug for Firefox. And you get to see everything in excellent detail, mess with it, and replay requests to name just a couple features. Here’s how Fiddler describes itself:

“Fiddler is a Web Debugging Proxy which logs all HTTP(S) traffic between your computer and the Internet. Fiddler allows you to inspect traffic, set breakpoints, and “fiddle” with incoming or outgoing data.”

Getting it to work with a browser is not hard. But I wanted to use it with the Windows Phone Emulator. At first I had some trouble, but after finding this article by Eric Lawrence (Fiddler’s daddy), I was able to enable it and get down to business. Go read that article to get it running for your emulator. Eric’s article talks about viewing IE requests through fiddler, but it should work the same for your app’s networking code.

Viewing SimpleDB Traffic

The default way of connecting to SimpleDB is over https. However, that complicates debugging inside of Fiddler for a couple different reasons. During development, it’s easy enough to just set the connect URI for SimpleDB to

The first problem I ran into was that I was getting a HTTP 403 Error. Forbidden. Sounds so mean and uninviting. Honestly, the 403 error response is not very useful. But the payload of the response from SimpleDB was a big help. Here is the XML response that I received:

<?xml version="1.0"?>
            <Message>The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.</Message>

Screenshot showing a SignatureDoesNotMatch SimpleDB error in Fiddler

We now have a more specific error message that says SignatureDoesNotMatch. Meaning the signature that I calculated and sent along in the request is not the same as what they calculated. I don’t remember the specifics on how I found what the problem was, but as I mentioned in Part 1, the values of the query string should be in alphabetical order except for the AWSAccessKeyId. Using Fiddler, I was able to see this error message easily, search the net for this error code and solve the problem.

Missed the rest of the series? Check ’em out:

Amazon SimpleDB for Windows Phone Part 1 — Signature

Amazon SimpleDB for Windows Phone Part 1 – Signature

The first thing to know about the SDK provided by Amazon for .NET (AWSSDK) is that it does not work on Windows Phone. You can’t reference the DLL because it hasn’t been compiled as a phone class library. If you try to put the source code in and compile it yourself, it won’t compile. This is because the SDK contains a lot of code that just doesn’t exist in the subset of .NET running on the phone. Amazon has released an SDK for Android and iOS but has yet to release one for Windows Phone. I assume they are working on it, but who knows.

I’m not going to go into how to use the entire AWSSDK with WP7. For my purposes, I only want to use SimpleDB and that’s all I’m concerned with in this series of blog posts. Amazon SimpleDB has an API accessible via REST requests and the documentation on creating the REST requests is fairly straightforward, so follow them as needed. For me, the biggest problem I ran into was the creating the signature necessary for a valid request. I kept getting a 403 response code with the error message SignatureDoesNotMatch.

If you look through the AWSSDK to find how Amazon does the signature, you’ll find that they cover all their bases. The SDK is broad, configurable, and robust. For example, the SDK allows you to specify a hash algorithm at runtime by changing the configuration. They do this by using a KeyedHashAlgorithm that the hash method uses to hash the parameters. In my case, I don’t need a lot of that. Instead, I used a specific hash algorithm as shown below:

public static string HMACSign(string dataToSign, string key)
          var hashKey = Encoding.UTF8.GetBytes(key);
          var hasher = new HMACSHA1(hashKey);
          var hashedData = hasher.ComputeHash(Encoding.UTF8.GetBytes(dataToSign));
          return Convert.ToBase64String(hashedData);

Using the JavaScript Scratchpad for Amazon SimpleDB and some F12 debugging tools in IE9, I was able to verify my signature method was signing the data correctly. But I was still having trouble getting my data to match up with the data from the scratchpad, so I was never getting a correct signature. It turns out, the problem was with the order of the parameters getting signed.

To sign the request, the parameters must be in alphabetical order. That is EXCEPT the AWSAccessKeyId. This has to be before the Action parameter even though it clearly would come after it if the paramters were sorted as is.

AWSSDK uses a SortedList to sort the parameters collection. Once again, this class isn’t in WP7. Instead, I used a LINQ query to sort the parameters collection.

     var sorted = from p in parameters orderby p.Key ascending select p;

The trick for me was to sort the parameters Dictionary before adding AWSAccessKeyId. When creating the string of data to be signed, I manually append the AWSAccessKeyId before looping through the collection of parameters to add them.

This creates a string like this:


Notice that all the parameters are sorted except for the AWSAccessKeyId. Put that one in there before the sorted ones, then sign that string. Once I made that change, I was able to create requests and sign them successfully. This sample was done using the GetAttributes function of SimpleDB with a GET request. Stay tuned for more posts on this subject. I’m posting as I work through my solution. Eventually I’ll share what I’m using SimpleDB for.

Missed the rest of the series? Check ‘em out:

Amazon SimpleDB for Windows Phone Part 2 — Using Fiddler

Constraints for Devs and Managers

The sheer amount of options that developers have is staggering. Software language, platform, and frameworks are all big choices that developers have to make. And they think they love it. They think that they’re in a smorgasbord of choice and that it’s the greatest thing ever. But it’s not. What they don’t realize is that if they had fewer choices, their code would be better, the end product will be better, and they’ll be happier.

Make Your Own Constraints

If you’re in the type of job where you create the same thing over and over, then you need to start making your own constraints. Don’t worry about all the possible ways you could do something. Cut out most of the options and solve it using a self-imposed set of constraints.

For example, when LINQ first came out, I had a new project that was fairly typical. I told myself that this project was going to be done without using T-SQL stored procedures. I was going to do all the data access in LINQ to SQL in order to learn how to do it. Some things were big challenges. I was so used to doing complicated T-SQL patterns in stored procedures that I had to force my brain to relearn how to do what had become simple tasks. But it was worth it. Not only did I learn LINQ syntax and some of the more complicated joins, but I had a good time. I made my own job more interesting. It probably took longer. But the long term payoff was greater.

Do You Run a Group of Software Devs?

If you’re the guy in charge, you need to keep your devs interested. They can get bored easily and if you’re not challenging them, they might want to move on. If the type of work you do is often regurgitated over and over, then you need to create fake problems for your engineers. I really mean it. Fake problems. Don’t tell them they are fake problems, though. Just tell them that, oh by the way, the internet pipe to that client is only online once every hour for 2 minutes. It sounds ridiculous in this day and age, but it will force your engineers to solve the problem creatively.

They also like to be tricky. If you’ve given them a problem with a loose set of fake problems, they will naturally try to work around a problem and just might inadvertently solve a different problem. Since the constraint is fake, you don’t really care if they worked around it. But you just might get something you weren’t looking for, something you can use later, or some new technology or feature upgrade to put in another product or sell to another client.

By focusing their logical minds on solving a problem, you will be allowing the creative side of their brains to open up and solve other problems in new and interesting ways. Engineers love to solve problems and if there are no problems to solve, the stagnate and get bored. Don’t let your engineers get bored.

Frameworks Are Your Friends

Software Devs can be like kids sometimes. And anyone with a kid (hopefully) knows that you need to set boundaries. Boundaries are good for the kids because it lets them play securely within the boundary. They know, “as long as I’m in here, I’m safe”. And the same applies to software devs. Give them a framework to play in that is smaller than the full range of possibilities. Language frameworks nowadays can be quite large and that can be overwhelming. But if a developer knows that they can only use a certain subset of the entire framework, there’s less to keep track of.

An inexperienced dev might work on something thinking, “I wonder if there’s a better way to do this that I just don’t know about.” And there might be. But if you limit their set of tools, it will be clearer to them that the solution they came up with is in fact the best way to do something. An anxious engineer is not a good engineer.

I’m not saying pretend jQuery doesn’t exist and make them recreate it each time. But maybe say, “Time spent downloading JavaScript frameworks must be less than 50 ms.”. This will force them to limit the sheer amount of JavaScript they include in the page which will limit their toolset. And you never know. They might just come up with something awesome.

Design Guidelines

If you’re designing for a specific platform that has a set of design guidelines, thank your lucky stars. Mobile platforms such as the Windows Phone and iPhone have published guidelines on how an app should reuse existing navigation and design guidelines. This helps ensure that the user experience is consistent regardless of the app. Android, on the other hand, does not have these guidelines, so a developer is left to their own devices. And often those devices are wrong.

Just getting started on Android can be harder because you don’t necessarily know where to start. At least on the other platforms, you have certain ground rules that you should follow and following those rules makes development easier. Sometimes, not following the rules will keep your app from being certified. If you don’t have a designer on staff, you don’t necessarily need one. The platforms have already employed designers who have made some guidelines for you. Follow the guidelines for design and focus your energy on what you’re good at.

Write Good Software

Regardless of the constraints, write excellent software that is simple, easy to debug, and clean. Spend more time on the code you do write, and less time worrying about what you didn’t write. Limiting the sheer volume of what’s available will help accomplish this.

Photo courtesy of Flickr user edwbaker.

United Pixelworkers 50 States T-Shirts

UPDATE: This sale is now over. If you didn’t get one, bummer.

Have you heard of United Pixelworkers yet? It’s a cool t-shirt design shop from the folks at Full Stop Interactive. They feature t-shirt designs from guest designers, take orders for a set number of days, then ship the t-shirts. Here’s what they have to say for themselves:

United Pixelworkers is an unspoken alliance of web workers — designers, developers, copywriters, user experience architects, and bloggers — dedicated to building a better Internet. We’re all in this together.

So it’s a fake union concept aimed at bringing all of us web workers together. I’m primarily a developer and a wannabe designer, so this is aimed straight in my direction. I’ve got this Nightowl Division one on the way and I can’t wait to see what else they come up with. I covet these t-shirts.

Right now they’re running a 50 state t-shirts in 50 days sale. They look awesome and I think I might just get one. Go get yours!

Holy Lame Apple Product Announcement Batman!

You really did it to yourself, Apple. I suppose it’s not that surprising. You did really well time after time and we all just assumed you would do well again. But this time, there was (implicit) overpromise, under deliver. Maybe if you hadn’t announced most of this stuff at WWDC just months ago, we’d be impressed. Actually, you should have introduced this stuff at WWDC and just never done this announcement.

How Many Megahertz?

Why exactly do we suddenly care about the technical specs of the phone? Dual core? Fancy lens? My mom isn’t ever going to care about that. The 8 MP camera might interest her. So the iPhone 4S has the same chip as the iPad 2. Big deal. Whenever anyone asks me about my iPad 2, I never get asked, “Does that have the dual core A5 chip in it?” No, they want to feel how light it is, how thin it is and does it play Angry Birds. The iPhone 4S looks exactly like the iPhone 4 and that’s what makes it lame. Fine, you’ve got dual antennas now. Way to fix a problem a year later. You couldn’t just admit that you made a mistake there and redesigned it? No, you had to go and make it more complicated. Wasn’t it Einstein who said:

“Make everything as simple as possible, but not simpler.”  *

Pfft. Einstein. Who cares. Put two antennas in there!!! You know, you could just not make the band around the phone the antenna. Sometimes the road less travelled is less travelled for a reason. Seinfeld said that.

Wait. Apple is a Greeting Card Company Now?

There was an Onion article that spoofed how new Apple CEO Tim Cook wanted to focus on printers. Who knew how close to the truth that was. Since you didn’t really have much new in the software department to show us, we got to see your oh so awesome greeting card app. Now my friends and family can see just how thoughtful I am. I cared enough to click a button on my phone. Really? Where’s Seth Meyers? Also, that was super sweet when you introduced Google Latitude. I mean Glympse. I mean Find my Friends.

And thanks for those helpful statistics on Lion. 10% of your user base in 2 weeks and Windows 7 took a whole month?? Seriously, what intern did you have working on that slide deck? You know, Windows 8 had 10% of your Lion user base downloaded in less than 12 hours. And it’s not even released. Interesting stat? Nope. Neither was yours. Besides, Lion was a service pack. Not a new OS. Firefox much?

What Did I Like?

Actually, I liked the $99 AppleCare+ announcement. If it were for a MacBook. So I have to pay $99 just for the chance to spend ANOTHER $49 to get my phone fixed if I drop it? Amazing. You’re going to convince people to spend $199 on a 16 GB phone on contract, and then another 50% for the possibility of getting a refurb one when they inevitably drop it. It’s a phone. It’s not a collector’s item. If you drop it, just wait 12 months until Apple releases a new one. This is a page right out of Best Buy’s playbook.

Now You Too Can Be a 4 Year Old Girl

Oh sweet! A Mickey Mouse watch face for my iPod nano. Awesome. I’m gonna go get laid right now. Hold my fanny pack?

It’s too little and quite lame in comparison to the Windows Phone Mango rollout that just preceded you. Remember when everyone had a PlayStation?

* This is the classic paraphrase of Einstein. Someone said it simpler than he did. How meta.

My Top 5 Windows Phone Mango Features for Consumers

 Windows Phone 7.5 (Mango) is a huge upgrade for Windows Phone users. There’s a crazy number of new features and it’s hard to pick just five. But let’s try, shall we?

Twitter Integration
This is totally what I wanted from Twitter integration on Mango. I love being able to easily post photos from the camera directly to Twitter, update my status from the “Me” tile, and read tweets from single contacts or groups of contacts right on the front page. That tile flips over and I get to see what someone said. Just like we’ve been able to do with Facebook. I initially had some issues linking Twitter contacts, but I wrote about how to link them up so that should make it easier.

Live Tiles
Live tiles prior to Mango were possible, but implementation by developers was weak and inconsistent. With Mango, developers have been given some significant powers to make their tiles awesome and engaging. I really hope that developers take advantage of this feature and drop some cool stuff in there. Not just the primary tile. I want to see secondary tiles with deep links. C’mon!

Voice Text Messaging
I experienced this feature the first time while driving in the car and it was a total surprise. I received a text message and suddenly the phone started reading the message to me! Then it asked me if I wanted to reply! I said sure, spoke my message out loud, and there it was on the phone. A little back and forth without having to touch the phone. Totally seamless and natural. Killer. Works while connected to bluetooth.

Camera Touch to Snap
Any random with an iPhone knows how to focus the camera by touching anywhere on the screen. But what they can’t do is take the picture at the same time. Mango can. Not only can you focus on a particular part of the screen by touching it, but the camera will take the shot at the same time. Then, uploading to Twitter is just a couple taps away.

Linked Inbox
I enabled this feature immediately for my Exchange account and a Gmail account. In general, I’m not a fan of linked inboxes; I tend to keep them separated to keep my sanity. But I’ve actually never turned off the linked inboxes. It’s really easy to add a new one and the single email count on the lock screen is awesome. Sending new messages is just as easy.

So there’s five. Maybe we’ll do another five some other time as there’s just so much to talk about.

Core77 Fast Track to the Mobile App Contest

Looks like the awesome folks over at Core77 are sponsoring a windows phone app development competition along with Microsoft. All you have to do is come up with an idea and present it with a 500 word description, up to 5 mock up screen images, and optionally a video and/or SketchFlow prototype. What’ll could you win?

Five winners receive an App Development Deal with a revenue-splitting partnership option, Windows Phone device, Xbox 360 with Kinect, and an App Hub subscription. 100 finalists receive an App Hub subscription with access to free developer tools, and twenty-five semi-finalists also win a Windows Phone device.

Looks like a good deal for someone who wants to get involved in windows phone programming For more information, check out the Fast Track App Competition contest site.

Introducing: Pomodoro Timer for Windows Phone Mango

I’d like to officially take the wraps off the Windows Phone 7.5 Mango app that I’ve been working on for the past couple months and introduce you to the Pomodoro Timer for Windows Phone 7.5 Mango. For those who don’t know, a pomodoro timer is the basis of a time management system introduced by Francesco Cirillo back in the 1980s. You can read more about it The general idea is that you set a timer for 25 minutes and focus on one task only for those 25 minutes. After the timer is up, take a short break, and go again. I’ve used it and found that it makes the day go by faster and keeps me “in the zone” longer.

I wanted to make Pomodoro Timer for Windows Phone so that took advantage of many of the new features in mango and had a sense of style. So, lets take a look!


  • Multitasking
  • Phone Reminders
  • Switch Between Pomodoro, Break, and Long Break
  • Track Internal and External Interruptions Quickly
  • Live Stats for Today and the Past Week
  • Live Tiles
  • Edit Entries to Add a Description
  • Delete Unwanted Entries
  • Customize Timer Durations
  • Customize Phone Lock Behavior
  • Ad Free


The main page of the app is the timer page. On this page, you can select to do a pomodoro or a break. Tapping multiple times on the break button will switch between normal and long break. The great thing about this app is that you can start the timer and then leave the app. No need to keep the app running in the foreground. Your timer keeps going as expected. This is great for battery life as you can lock your phone while you’re working. Once the timer is up, you’ll get an alarm and you’re done. Go back into the app to start a break or check your stats.

The stats page has three different graphs. The first is a glyph list of what you’ve done today;  a tomato for pomodoro and a coffee cup for a break. A long break is three coffee cups. The second graph is from the past week. Red triangles represent completed pomodoros and accent colored ones represent pomodoros started, but not completed. One of the tenets of the pomodoro technique is that a pomodoro cannot be paused. It is voided if you stop. Those are marked as incomplete in my app.

The third graph shows the interruptions for today and how prevalent each one is. There are two types of interruptions, internal and external. The app bar has an icon for each that you can easily press while the timer is running to mark an interruption. A dot will appear above or below the timer and the graph will show you how you get interrupted more often. This helps in determining if you are being interrupted by yourself or by people around you so you can make changes.

Tapping the entry list app bar icon lets you see a list of each pomodoro and break for today. You can check one or more and either add a description or delete them. If you’d like to clear out all of your data, click the “clear log” button and you can start over.

Don’t like the default times? No problem. Just go into the settings page and set the duration for the pomodoro, break, and long break. You can even keep the phone from locking while a timer is active by switching the log toggle to on.

Screen Shots

Get the pomodoro timer on the Windows Phone Marketplace!

Twitter Contact Linking in Windows Phone Mango

This confused me a little bit from the get go, but it turns out I had made it harder on myself without realizing it. When I turned on the Twitter integration on Windows Phone Mango, the first thing I noticed is that now my people tile was full of contact photos from Twitter. I don’t follow that many people (136), but all those people were now filling my contacts list. Just imaging what yours will look like! This was no good to me, so I filtered them out.

If you go into settings in the people hub, there is a button that says “filter my contact list”.

Tapping this lists all of the accounts that you have. I unclicked Twitter and, voila!, no more Twitter contacts in my contact list.


This does not mean that you can’t see Twitter updates on the “what’s new” tab. To make sure you’re seeing Twitter updates on the “what’s new” tab, click on “what’s new” and choose “Twitter” on the “show updates from” window.

What happened to me was, now that I didn’t have Twitter contacts in my list, I couldn’t see how to link a Twitter account to a phone account so that updates would show up in their tile. This is where it turns out I was not looking closely. In your Twitter feed on the “what’s new” tab, clicking on the person’s name will bring up that contact card. Clicking on the post itself will show you that post. That’s where I got confused.


Slide over to “profile” and there in the app bar is the “link” button that allows you to link contacts just like you could in all other accounts.


Had I not removed Twitter from my list of contacts I could have found the contact in the list and done the contact link normally. I don’t have a Facebook account, but I assume the process is the same for that.


I'm Ken Stone. I'm an indie developer with a focus on .NET and Windows Phone development. I have a day job, but everything I say is mine alone.

TechEd 2012July 11th, 2012
Let the learning begin.