Securing your API and mobile application - API Connection FR
Web API for Mobile
description
Transcript of Web API for Mobile
-
Web API for MobileJaxARCSIG April 2012
-
About MeDavid Fekke L.L.C.Mobile apps for iOSRegular presenter at JaxDUG, JSSUG and JaxFusionWriting Web Services for over 10 years
-
History of Web Services1989 - Tim Berners-Lee invents HTTP/HTML1998 - XML 1.0, SOAP begins ratification2001 - SOAP standard2000 - Fielding dissertation on REST
-
SOAPSimple Object Access ProtocolUses a standard XML Schema over HTTPExtremely cross platform compatibleExtremely Slow
-
RESTRepresentable State TransferUses standard HTTPCan use any text format including XML
-
XML vs JSONXML tag based document formattingJavascript Notation by Douglas CrockfordJSON less verbose than XML, more lightweightMobile devices have limited bandwidth
-
Public APIsTwitterFacebookFlickrAmazoniTunes
-
WebAPIAvailable now as Nuget PackageBuilt-in as part of MVC 4Take advantage of HTTP features directly
-
HTTP methods as ActionsDefault route will use http method for actionController/action/idAPI/Controller/id GET/POST/PUT/DELETE
-
HTTP Method meaningsGet - Return an existing documentPost - Create a new documentPut - Update a documentDelete - Self explanatory
-
Configure TransportSet Xml or JSON based on Content-Type or Accept headerAccept: application/xmlCan also use Odata
-
Return CodesNow have the ability to specify return codes beside 200HttpResponseMessageHttpStatusCode.Created 201response.Headers.Location = new Uri()
-
Http Status codes201 Created200 Success/204 Success but No Content 403 Not authorized404 Does not exist500 Server Error301 Uri Moved
-
Security[Authorize()]https over port 443Security TokensOAuth
-
Testing WebAPIDownload Fiddler2Firebug (Firefox)ChromeOn Mac use CocoaRestClient
-
Consuming WebAPIWeb Apps (ASP.NET, MVC, PHP, Java, ColdFusion, Ruby(Rails), Python, Perl(if you are masochistic))JavaScript/JQueryMobile (iOS, Android, WP7, Blackberry OS)
-
Develop WebAPI and iOS on Same ComputerParallels or VMWareSet Network Adapter to BridgedRun Visual Studio as AdministratorHost on IIS (do not use IIS Express or Casini)
-
Consuming WebAPI in iOSUse NSURLConnection delegate or GCDShow progress while waiting on responseUse JSON over XMLNSJSONSerialization class (new in iOS 5)
-
XML Parsing in iOSNSXMLParser (Slowest)libxml2 (C api)TBXML (DOM, Fastest, no write or xpath)TouchXML (DOM supports xpath, no write)KissXML (based on Touch, can write)GDataXML (DOM, from Google)RaptureXML (DOM, supports xpath)
-
Call WebAPI from AndroidCreate DefaultHttpClient();Create request with HttpGet(Url);Create response handler BasicResponseHandler();httpClient.execute(request, handler);
-
JSON in Androiduse the JSONObject to parseJSONObject jo = new JSONObject(jString); jo.getJSONObject(car);jo.getJSONArray(cars);
-
XML Parsing in AndroidDOM, SAX and PullW3C Dom parserStandard Java Sax ParserSJXP (Pull parser)
-
WebAPI as persistenceDont use WebAPI as default persistence on MobileBoth Android and iOS have device persistencelocal storage, CoreData and SQLiteiCloud to sync between iOS devices
-
Demo
-
Questions
-
Contact InfoDavid Fekkefekke.com/blogdavid fekke at gmail dot comtwitter @davidfekkeaim: davefekke