Integrating Google Sign-In into Android App

In your sign-in activity’s onCreate method

// Configure sign-in to request the user's ID, email address, and basic
// profile. ID and basic profile are included in DEFAULT_SIGN_IN.
GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
        .requestEmail()
        .build();

// Build a GoogleSignInClient with the options specified by gso.
mGoogleSignInClient = GoogleSignIn.getClient(this, gso);

Start the sign-in flow

@Override
public void onClick(View v) {
    switch (v.getId()) {
        case R.id.sign_in_button:
            signIn();
            break;
        // ...
    }
}
private void signIn() {
    Intent signInIntent = mGoogleSignInClient.getSignInIntent();
    startActivityForResult(signInIntent, RC_SIGN_IN);
}
@Override
public void onActivityResult(int requestCode, int resultCode, Intent data) {
    super.onActivityResult(requestCode, resultCode, data);

    // Result returned from launching the Intent from GoogleSignInClient.getSignInIntent(...);
    if (requestCode == RC_SIGN_IN) {
        // The Task returned from this call is always completed, no need to attach
        // a listener.
        Task<GoogleSignInAccount> task = GoogleSignIn.getSignedInAccountFromIntent(data);
        handleSignInResult(task);
    }
}
private void handleSignInResult(Task<GoogleSignInAccount> completedTask) {
    try {
        GoogleSignInAccount account = completedTask.getResult(ApiException.class);

        // Signed in successfully, show authenticated UI.
        updateUI(account);
    } catch (ApiException e) {
        // The ApiException status code indicates the detailed failure reason.
        // Please refer to the GoogleSignInStatusCodes class reference for more information.
        Log.w(TAG, "signInResult:failed code=" + e.getStatusCode());
        updateUI(null);
    }
}

References
https://developers.google.com/identity/sign-in/android/sign-in

How To List and Delete Iptables Firewall Rules on Ubuntu 16.04

List Rules by Specification

sudo iptables -S

List Rules as Tables

sudo iptables -L

Delete Rule by Specification

sudo iptables -D INPUT -m conntrack --ctstate INVALID -j DROP

Delete Rule by Chain and Number

sudo iptables -L --line-numbers
sudo iptables -D INPUT 3

Flush All Rules, Delete All Chains, and Accept All
Note: This will effectively disable your firewall. You should only follow this section if you want to start over the configuration of your firewall.

sudo iptables -P INPUT ACCEPT
sudo iptables -P FORWARD ACCEPT
sudo iptables -P OUTPUT ACCEPT
sudo iptables -t nat -F
sudo iptables -t mangle -F
sudo iptables -F
sudo iptables -X

References
https://www.digitalocean.com/community/tutorials/how-to-list-and-delete-iptables-firewall-rules

OpenVPN software repository for Ubuntu 16.04

sudo -s
wget -O - https://swupdate.openvpn.net/repos/repo-public.gpg|apt-key add -
echo "deb http://build.openvpn.net/debian/openvpn/<version> <osrelease> main" > /etc/apt/sources.list.d/openvpn-aptrepo.list
echo "deb http://build.openvpn.net/debian/openvpn/stable xenial main" > /etc/apt/sources.list.d/openvpn-aptrepo.list
apt-get update && apt-get install openvpn

References
https://community.openvpn.net/openvpn/wiki/OpenvpnSoftwareRepos

Android Facebook SDK get Email, Date of Birth and gender of User

GraphRequest request = GraphRequest.newMeRequest(
        accessToken,
        new GraphRequest.GraphJSONObjectCallback() {
            @Override
            public void onCompleted(
                   JSONObject object,
                   GraphResponse response) {
                // Application code
            }
        });
Bundle parameters = new Bundle();
parameters.putString("fields", "id,name,link");
request.setParameters(parameters);
request.executeAsync();

References
https://developers.facebook.com/docs/android/graph
https://stackoverflow.com/questions/29295987/android-facebook-4-0-sdk-how-to-get-email-date-of-birth-and-gender-of-user

Set up OpenConnect VPN Server (ocserv) on Ubuntu 16.04/17.10 with Let’s Encrypt

Installing OpenConnect VPN Server on Ubuntu 16.04/17.10

sudo apt install ocserv

Installing Let’s Encrypt Client (Certbot) on Ubuntu 16.04/17.10 Server

sudo apt install ocserv
sudo apt install software-properties-common
sudo add-apt-repository ppa:certbot/certbot
sudo apt update
sudo apt install certbot

Obtaining a TLS Certificate from Let’s Encrypt

certbot certonly --standalone -d ocserv.example.com

Editing OpenConnect VPN Server Configuration File

sudo nano /etc/ocserv/ocserv.conf
auth = "plain[/etc/ocserv/ocpasswd]"
tcp-port = 443
udp-port = 443
run-as-user = nobody
run-as-group = daemon
socket-file = /var/run/ocserv-socket
server-cert = /etc/letsencrypt/live/ocserv.ml/fullchain.pem
server-key = /etc/letsencrypt/live/ocserv.ml/privkey.pem
ca-cert = /etc/letsencrypt/live/ocserv.ml/chain.pem
max-clients = 8
max-same-clients = 0
try-mtu-discovery = true
device = vpns
dns = 8.8.8.8
dns = 8.8.4.4
cisco-client-compat = true
default-domain = ocserv.example.com
tunnel-all-dns = true

Then comment out all the route directives (add # symbol at the beginning of the following four lines), which will set the server as the default gateway for the clients.

route = 10.10.10.0/255.255.255.0
route = 192.168.0.0/255.255.0.0
route = fef4:db8:1000:1001::/64

no-route = 192.168.5.0/255.255.255.0

Fixing DTLS Handshake Failure

DTLS handshake failed: Resource temporarily unavailable, try again.
sudo cp /lib/systemd/system/ocserv.service /etc/systemd/system/ocserv.service
sudo nano /etc/systemd/system/ocserv.service

Comment out the following two lines.

Requires=ocserv.socket

Also=ocserv.socket
sudo systemctl daemon-reload
sudo systemctl stop ocserv.socket
sudo systemctl disable ocserv.socket
sudo systemctl restart ocserv.service

Creating VPN Accounts

sudo ocpasswd -c /etc/ocserv/ocpasswd username

Enable IP Forwarding

sudo nano /etc/sysctl.conf
net.ipv4.ip_forward = 1
sudo sysctl -p

Configure Firewall for IP Masquerading

ifconfig
sudo iptables -t nat -A POSTROUTING -o ens3 -j MASQUERADE

Preserving Iptables Rules

apt-get install iptables-persistent

If apt-get install iptables-persistent has no effect, run dpkg-reconfigure iptables-persistent instead

Or do it manually :
By default, iptables ruls are lost after reboot. To preserve them, you can switch to root user and then save your rules to a file.

su -

iptables-save > /etc/iptables.rules
nano /etc/systemd/system/iptables-restore.service
[Unit]
Description=Packet Filtering Framework
Before=network-pre.target
Wants=network-pre.target

[Service]
Type=oneshot
ExecStart=/sbin/iptables-restore /etc/iptables.rules
ExecReload=/sbin/iptables-restore /etc/iptables.rules
RemainAfterExit=yes

[Install]
WantedBy=multi-user.target
sudo systemctl daemon-reload

sudo systemctl enable iptables-restore

Install and Use OpenConnect VPN client on Ubuntu 16.04/17.10 Desktop

sudo apt install openconnect
sudo openconnect -b vpn.example.com:port-number

-b flag will make it run in the background after connection is established

sudo pkill openconnect
sudo apt install network-manager-openconnect network-manager-openconnect-gnome

References
https://www.linuxbabe.com/ubuntu/openconnect-vpn-server-ocserv-ubuntu-16-04-17-10-lets-encrypt
https://yoursunny.com/t/2017/ocserv-letsencrypt/
https://lowendbox.com/blog/install-openconnect-server-on-ubuntu-16-04/
https://www.digitalocean.com/community/tutorials/how-to-list-and-delete-iptables-firewall-rules