Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

41

Transcript of Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

Page 1: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda
Page 2: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

Mobile Friendly APIsConsiderations for Connected Mobile Apps

Torey LomendaChief Technologist, Object Partners (OPI)

Page 3: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

Mobile Friendly APIs

About OPI• Founded in 1996

• Java, Groovy, Mobile, Web, Open Source

• ~ 100 Employees

–Twin Cities, Omaha

–Chicago, Denver

–Average Tenure over 5 Years

Page 4: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

Mobile Friendly APIs

Living in a Mobile World

Page 5: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

Mobile Friendly APIs

What Users Expect

Responsive, connected apps

...All The Time

Reality

Mobile Constraints

•Network Latency

•Runs on Battery

•CPU

Page 6: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

Mobile Friendly APIs

Mobile Apps Need

Access to Online Data & Services

Remembering Constraints

Page 7: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

Mobile Friendly APIs

From Web Apps to Mobile AppsEvolution of Connected Apps

Page 8: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

Mobile Friendly APIs

Focus on Web

Page 9: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

Mobile Friendly APIs

Focus on Interoperability

Page 10: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

Mobile Friendly APIs

Focus on Mobile (Web)

Page 11: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

Mobile Friendly APIs

Another Challenge

The move to Micro-services

Page 12: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

Mobile Friendly APIs

Martin Fowler Article (http://martinfowler.com/articles/microservices.html)

Page 13: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

Mobile Friendly APIs

A Friendly API

User Perspective

Doesn't get in the way of a great UX

Developer Perspective

Is intuitive, a pleasure to integrate into codebase

Page 14: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

Mobile Friendly APIs

The Rise of the “Friendly” Interface

Page 15: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

Mobile Friendly APIs

Connecting Apps Shouldn't Be Painful

Page 16: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

Mobile Friendly APIs

Mobile API Standards Simple & Fast Completeness Best Practices Extras

Mobile API Considerations

Page 17: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

Mobile Friendly APIs: Standards

Whatever Happened to SOA?

Page 18: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

HTTP Request (Headers/Body)

SOAP Envelope (WS-Basic)

WS-Security

WS-* Stack

XML Payload

Interoperability

XML for data exchange

HTTP for network protocol

What could be better?

Mobile Friendly APIs: Standards

DATA

Page 19: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

From SOAP to REST<?xml version="1.0"?>

<soap:Envelope

xmlns:soap="http://www.w3.org/2001/12/soap-envelope"

soap:encodingStyle="http://www.w3.org/2001/12/soap-

encoding">

<soap:Body xmlns:m="http://www.example.org/stock">

<m:GetStockPrice>

<m:Ticker>GOOG</m:Ticker>

</m:GetStockPrice>

</soap:Body>

</soap:Envelope>

<?xml version="1.0"?>

<soap:Envelope

xmlns:soap="http://www.w3.org/2001/12/soap-envelope"

soap:encodingStyle="http://www.w3.org/2001/12/soap-

encoding">

<soap:Body xmlns:m="http://www.example.org/stock">

<m:GetStockPriceResponse>

<m:Price>534.5</m:Price>

</m:GetStockPriceResponse>

</soap:Body>

</soap:Envelope>

ticker=GOOG

{"price":534.5}

Mobile Friendly APIs: Standards

Page 20: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

RESTlike NOT RESTful

The “Essential” Parts

JSON

POST/GET Requests

Action & Parameters

The “Other” Parts

PUT/DELETE

HATEOS & HAL

engine of application state

relational links

Mobile Friendly APIs: Simple & Fast

Page 21: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

RESTlike is Just Fine

POST player/create

POST player/delete/$id

POST player/update/$id

Mobile Friendly APIs: Simple & Fast

Page 22: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

JSON is your FriendStay Consistent

Completeness

Only What is Needed

Mobile Friendly APIs: Simple & Fast

"player": {

"name": "Torey Lomenda",

"number": "14",

"position": "center",

"funFacts": [...],

"seasonStats": [...]

}

"team": {

"name": "Lakeville Panthers"

"roster": [{

"player_name": "Torey Lomenda",

"player_number": "14",

"player_position": "center",

}]

}

NOT CONSISTENT

Page 23: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

Mobile Friendly APIs: Completeness

API Granularity

Design APIs by Screen

Consider an API Gateway for Mobile

Page 24: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

Mobile Friendly APIs: Completeness

API GranularityLazy APIs put the burden on the mobile app

Minimize use of Network

– Completeness (avoid roundtrips)

Page 25: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

Minimizing Use of NetworkHTTP Latency ~1 second for each request over

3G

Battery drain as each network request requires power

Mobile Friendly APIs: Completeness

Page 26: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

API: Pure REST Approach

2

1

3

Page 27: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

API: “Friendlier” Approach

Mobile Friendly APIs: Completeness

12 3

Page 28: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

Mobile Friendly APIs: Best Practice

Don't Forget

Slim It Down (gzip compression)

Heavy Lifting on the server

aggregation

server-side caching strategies

Page 29: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

Mobile Friendly APIs: Best Practice

API Errors

Manage errors on server-side

Human-readable (ie: friendly) messages

Page 30: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

Caching and Offline AccessHTTP Headers (Cache Control)

Cache-Control: specify how to cache the data

max-age: <seconds>

ETag: "15f0fff99ed5aae4edffdd6496d7131f" ← Entity Tag

If-None-Match: "15f0fff99ed5aae4edffdd6496d7131f"

Last-modified: <GMT Date>

If-Modified: <GMT Date>

Mobile Friendly APIs: Best Practice

Page 31: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

Intermittent Connectivity: Maintain State

Picking up where you left off.

Keeping APIs stateless

Mobile-side: send “current state” from device through API

API-side: Merging & Conflict Resolution

Mobile Friendly APIs: Best Practice

Page 32: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

Mobile Friendly APIs: Best Practice

Securing Your APIs Basic Auth/SSL

Token-based approaches like OATH

SSL Pinning (client checks server's certificate against a known copy of the certificate)

Page 33: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

Batching Requests[{"method":"POST",

"relative_url":"me/feed",

"body":"message=Test status update&link="

},

{"method":"GET","relative_url":"me/feed?limit=

1"}]

[{ "code": 200,

"headers": [...],

"body":"{...}"

},

{ "code": 200,

"headers": [...],

"body": "{...}

}]

Mobile Friendly APIs: Best Practice

Return batch responses

Page 34: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

Mobile Friendly APIs: Best Practice

Background/Async Processing

Making multiple requests for a screen → Don't hold up the UI

HAL JSON (http://stateless.co/hal_specification.html) → Fetch linked data asynchronously

Page 35: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

Neutral Testing of API

Useful Tools to Test APIs:

RESTClient

Runscope

Mobile Friendly APIs: Best Practice

Page 36: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

Mobile Friendly APIs: Best Practice

API Versioning

Indicate Version to Client

Version via URL

(major version only)

HTTP accepts-header

Version in JSON Document

JSON Format

blank-out fields no longer used

deprecated fields

backward compatible on minor version, breaking changes on major version

Page 37: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

API Documentation

Swagger

https://helloreverb.com/developers/swagger

Mashery I/O Docs

http://www.mashery.com/product/io-docs

Mobile Friendly APIs: Best Practice

Page 38: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

Mobile Friendly APIs: Extras

What's In a Protocol?

(TCP/IP is Fabric of Internet Not HTTP)

Page 39: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

Mobile Friendly APIs: Extras

Custom Key/Value Pair (KVP)

Taking message-passing efficiency to the next level

Not as “friendly” but fast. Consumption of messages

Serializing/Deserializing

Page 40: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

Mobile Friendly APIs: Extras

MQTT (Message Queue Telemetry Transport)

What is It

Low overhead protocol with bandwidth and CPU limitations in mind

publish/subscribe message passing

Can use JSON over MQTT

Use Cases

In-app push notification

Internet of Things (device to device)

Facebook Messenger App (Chat)

Page 41: Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

Mobile Friendly APIs

ReferencesFred Brunel- CTO WhereCloudhttps://speakerdeck.com/fbrunel/mobile-api-design-techniques

Article

http://natashatherobot.com/best-practices-mobile-friendly-apis/