Google APIs

Download Google APIs

Post on 27-Dec-2014

588 views

Category:

Documents

2 download

Embed Size (px)

DESCRIPTION

Je Partage #1 - 2013 Prsentation sur le fonctionnement des Google APIs et les technologies Google les plus incontournables et les plus utiles dans le domaine de dveloppement. Par : DILMI Fethi (af_dilmi@esi.dz)

TRANSCRIPT

<ul><li> 1. UnderstandingGoogle APIsBuilding application that uses Google APIsFethi DILMIActive Member at Scientific Club of ESI CSETechnical Manager at GDG AlgiersMicrosoft Student Partner </li> <li> 2. Whats Google APIs? </li> <li> 3. Whats Google APIs Google offers a variety of APIs, mostly web APIs for web developers and mobile developers. The APIs are based on popular Google consumer products, including Google Maps, Google Earth, AdSense, Adwords, Google Apps and YouTube. </li> <li> 4. Whats Google APIs Example: YOU use Google+ from your web browser. Your Android application uses Google+ through Google+ API. i.e: Google APIs are the tools we need to build applications that can use Google Products. </li> <li> 5. How Google APIs work behindthe scenes? </li> <li> 6. How Google APIs work behind the scenes ? Most of Google APIs are web-based APIs. This kind of APIs are called RESTFUL APIs (because they are based on REST architecture). REST is a style of software architecture that is based on HTTP protocol to retrieve data. </li> <li> 7. How Google APIs work behind the scenes ? Most of Google APIs are web-based APIs. This kind of APIs are called RESTFUL APIs (because they are based on REST architecture). REST is a style of software architecture that is based on HTTP protocol to retrieve data. Simply, in order to use Google APIs , you only need to make HTTP requests to get data </li> <li> 8. How Google APIs work behind the scenes ? Example: Google Places APIhttps://maps.googleapis.com/maps/api/place/nearbysearch/xml?location=36.825,2.3257&amp;radius=50000&amp;sensor=false&amp;key=AddYourOwnKeyHere </li> <li> 9. Global Structure of an API HTTPrequest: </li> <li> 10. Global Structure of an API HTTP request Each HTTP request is composed of 4 parts: API Scope Action Output format Parameters To understand these parts, well take the previous example:https://maps.googleapis.com/maps/api/place/nearbysearch/xml?location=36.825,2.3257&amp;radius=50000&amp;sensor=false&amp;key=AddYourOwnKeyHere </li> <li> 11. Global Structure of an API HTTP request 1- API Scope: A scope is the main part of the HTTP request. In our case its: https://maps.googleapis.com/maps/api/place A scope defines the web address of the API. For example, the scope of Google Latitude API is: https://www.googleapis.com/latitude/ NB: Some API Scopes defines an API version, just like the Latitude API </li> <li> 12. Global Structure of an API HTTP request 2- Output formats: There are 2 possible output formats for an API request. JSON XML In the previous example, we could get the same results in JSON format:https://maps.googleapis.com/maps/api/place/nearbysearch/json ?location=36.825,2.3257&amp;radius=50000&amp;sensor=false&amp;key=AddYourOwnKeyHere </li> <li> 13. Global Structure of an API HTTP request 3- ACTION: Each Google web API gives you a set of possibilities called ACTIONS. In our example, we specified for the Google Places API the action nearbysearch to search places in a radius of 50Km. We could also search a places detail. </li> <li> 14. Global Structure of an API HTTP request 4- Parameters: Each action has a set of parameters. Action Parameters let you customize the results you want to get. In our example, we could add the parameter type=food to search only for restaurants. </li> <li> 15. Types of Google web APIs </li> <li> 16. Types of Google web APIs There are 2 kinds of Google web APIs: Public APIs. Private APIs. </li> <li> 17. Types of Google web APIs 1- Public APIs Interact with public content: Google Maps API, Google Places API .. Need an authentication key to be able to retrieve data. </li> <li> 18. Types of Google web APIs 2- Private APIs Interact with user private date: Google+ API, Google Latitude API, Google Drive SDK .. Need an authorization process before accessing to user data. </li> <li> 19. Public APIs and Authentication:Whats THAT !! </li> <li> 20. Authentication Public APIs use authentication key to identify your application. This means, in our previous example we would not be able to make a search using Google Places API without specifying an authentication key. Each device type has a different kind of key: Android application authentication key. Web application authentication key. Web Service authentication key .. </li> <li> 21. AuthenticationBut Why ? </li> <li> 22. Authentication Identify from which device your application is making API request: i.e: You cant make an API request from a web browser using an Android application authentication key. Limit the quota of requests per day: Each API has a limited number of requests per day. Since your application makes request using an authentication key, Google Servers will be able to stop your application when it exceeds its daily quota. Limit the number of requests per second for a single user: Your application may be used by millions of people at the same time, and since were talking about a daily quota, we have to limit the number of requests/second for a single user. </li> <li> 23. Authentication Identify from which device your application is making API request: i.e: You cant make an API request from a web browser using an Android application authentication key. Limit the quota of requests per day: Each API has a limited number of requests per day. Since your application makes request using an authentication key, Google Servers will be able to stop your application when it exceeds its daily quota. Limit the number of requests per second for a single user: Your application may be used by millions of people at the same time, and since were talking about a daily quota, we have to limit the number of requests/second for a single user. </li> <li> 24. Authentication Identify from which device your application is making API request: i.e: You cant make an API request from a web browser using an Android application authentication key. Limit the quota of requests per day: Each API has a limited number of requests per day. Since your application makes request using an authentication key, Google Servers will be able to stop your application when it exceeds its daily quota. Limit the number of requests per second for a single user: Your application may be used by millions of people at the same time, and since were talking about a daily quota, we have to limit the number of requests/second for a single user. </li> <li> 25. Private APIs and Authorization:Whats THAT !! </li> <li> 26. Authorization: Private APIs try to fetch user data. This cannot be done without the permission of the user. So we need a tool to demand permissions from the user in order to perform action on his/her private data. </li> <li> 27. Authorization: Private APIs try to fetch user data. This cannot be done without the permission of the user. So we need a tool to demand permissions from the user in order to perform action on his/her private data. THIS TOOL IS CALLED OAuth2.0 </li> <li> 28. What is OAuth2.0 ?It is trying to solve a tricky problem. </li> <li> 29. What is OAuth2.0 ?If you, the developer, are building an application. </li> <li> 30. What is OAuth2.0 ? And your users </li> <li> 31. What is OAuth2.0 ?have data in another service that your application needs to function </li> <li> 32. What is OAuth2.0 ?such as their tasks list, or their photos </li> <li> 33. What is OAuth2.0 ? ???HOW DO YOU GO ABOUT GETTING IT? </li> <li> 34. NO !!You could ask the user for their name and password. </li> <li> 35. NO !!But then the user has given your application access to all their data on that service. Thats not safe. Dont do that. </li> <li> 36. NO !!The users name and password are like keys to their digital kingdom, you should never ask for them. </li> <li> 37. Better What we really want is a special key, one that only allows access to a limited set of data in the API. </li> <li> 38. Better A special key that the User can let the App acquire and use without the use of their name and password. </li> <li> 39. Thats OAuth2.0 But for that to work, everyone has to confirm that everyone else is who they say they are. </li> <li> 40. Thats OAuth2.0 That looks simple after all this </li> <li> 41. Thats OAuth2.0 But actually, its a little more complicated than even that, because that special key (Code) </li> <li> 42. Thats OAuth2.0 can change over time to keep things secure. </li> <li> 43. How to create Authentication andAuthorization keys ? </li> <li> 44. How to create Authentication and Authorization keys ? To get authentication/authorization keys, you have to register your application. Registering your application is signing its name, type, package, and extra info. </li> <li> 45. How to create Authenticat...</li></ul>