SlideShare une entreprise Scribd logo
1  sur  57
Télécharger pour lire hors ligne
iPhone developer's view at the
mobile web-services
Petr Dvořák
iPhone Developer

Prague, 24th September 2010
The key message



Well, iPhone might not last forever.
 Web-services written for it will.
What we will cover ...
   Motivation
   Technical matters
   Small appeal
   Q&A
Motivation
Renaissance of the web-services
   Back in 2005, WAP
    was pretty cool
   Web-services are for
    corporations and
    bussiness applications
Renaissance of the web-services
   Today, the web-services
    are „custommer goods“
Trends today
   Social apps are on the roll...
Trends today
   Modern media changes – news are everywhere...
Trends today
   iPhone is the business phone (sorry...)
Two points to remember for now...

   Importance of the web-services rapidly grows

   If you didn't start yesterday, it might be too late
Technical matters
XML-RPC/SOAP? Why not...
   Procedural approach to webservices
   Libraries already exist
       „Cocoa XML-RPC Framework“ used in WordPress
       Any C/C++ library will work
And the winner is ...
   RESTful + XML / JSON (YAML , PList …)
       REST principles implemented above HTTP protocol
       HTTP POST, GET, PUT, DELETE
   Data oriented – the main unit is resource
       vs. procedural approach
   Popularity originates in comprehensibility
Example of a REST API - Corkbin
<nearest lat="50.104571" lon="14.496027" max="2">

  <wine hash="w722833d" id="1284919812900_475001_4" recommended="false"

                       timestamp="1284919812900" userId="475001">

    <comment>Pink wine :)</comment>

    <img>wineImage/p1284919812900_475001_4</img>

    <gps lat="50.129139" lon="14.471089"/>

  </wine>

  <wine hash="w14a6cb4" id="1284902438029_125008_8" recommended="true"

                       timestamp="1284902438029" userId="125008">

    <comment>Nice wine from France</comment>

    <img>wineImage/p1284902438029_125008_8</img>

    <gps lat="45.192108" lon="9.208828"/>

  </wine>

</nearest>
Little issue to keep in mind ...
   Not all servers support all HTTP methods, when
    you need them
   „Pure RESTful“ needs all HTTP methods to work
       Fix your servers and frameworks
Which API format to choose?
XML vs. JSON – and the winner is ...
XML vs. JSON
   Choose what fits you best (or just start a flame...)
   XML
       Older, more robust, chatty format with more adult tools
       TouchXML, KissXML, NSXMLParser, ...
   JSON
       Better suits object serialization abstraction, compact
       TouchJSON, JSON Framework
Little remark on XML being chatty …

<!-- 76 chars //-->
<person>
  <name>Petr</name>
  <surname>Dvorak</surname>
  <born>1985</born>
</person>


<!-- 50 chars //-->
<person name=”Petr” surname=”Dvorak” born=”1985”/>
Plists
   You can use plists as a base format for API
Plists (Property List)
   You can use plists as a base format for API
       What the heck is plist?
   Apple's XML based format with a binary variant
       Binary variant is default, and very space efficient
       Used for object serialization and app properties
Plist - Example
<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN"

           "http://www.apple.com/DTDs/PropertyList-1.0.dtd">

<plist version="1.0">

<dict>

    <key>Year Of Birth</key>

    <integer>1965</integer>

    <key>Kids Names</key>

    <array>

           <string>John</string>

           <string>Kyra</string>

    </array>

</dict>

</plist>
Optimal granularity?
What is granularity?



 „The way you split the complete model stored
    on the server into individual resources“
What is granularity?
   Extreme: One huge XML file with all information
    vs. Many small files
   Which direction should you choose?
Choose the right one, dummies! :-)
Practical testing
   One resource should have no more than 80kB
       GPRS: ~20-30 seconds to download (users don't die
        waiting)
       3G: ~6-8 seconds (users don't get bored)
   Latency is still an issue – try to keep resources as
    big as possible
Authentication on iPhone
Basic HTTP authentication
   Client-side method
   Almost for free on iPhone
       Implement authentication challenge callback
       … or just add credentials in the URL
   Do you really want to consider this method?
Basic HTTP authentication
-(void)connection:(NSURLConnection *)connection

    didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge*)challenge {



     // you can use [challenge previousFailureCount] here



     NSURLCredential *newCredential = [NSURLCredential

                       credentialWithUser:USERNAME

                                 password:PASSWORD

                              persistence:NSURLCredentialPersistenceForSession];

     [[challenge sender] useCredential:newCredential

           forAuthenticationChallenge:challenge];



}
Form-based authentication
   Long story short: You get it for free...
Form-based authentication
NSURL *url = [NSURL URLWithString:@”https://localhost/login.php”];

NSMutableURLrequest = [NSMutableURLRequest requestWithURL:url];

[request setHTTPMethod:@"POST"];

[request setValue:@"application/x-www-form-urlencoded"

         forHTTPHeaderField:@"Content-Type"];

NSData *postData = [@”login=joshis&password=********”

                   dataUsingEncoding:NSUTF8StringEncoding];

[request setHTTPBody:postData];

[request setValue:[NSString stringWithFormat:@"%d", [postData length]]

         forHTTPHeaderField:@"Content-Length"];

self.connection = [NSURLConnection connectionWithRequest:request

                                                  delegate:some_delegate];

[self.connection start];
Apparent problem ...
   Credentials are stored on device
       For the purpose of auto-login
   Does not have to be an issue
       Mobile device: Usually, it is...
   If not on HTTPS, content can be forged
   Any solution? Yes – let's dance...
OAuth
   Authentication protocol
   3 subjects – user, consumer, provider
       Consumer ~ Application at provider
   3 stages – request, authorize, access
   On mobile device: OOB (out-of-brand) version
Step 1: Request token

          Asks a request token



   Consumer                      Provider



          Grants request token
Step 2: Direct user to provider

        Points user to providers login page



   Consumer




        User re-writes PIN (verifier) in the app
Step 3: Access token

      Asks an access token (uses PIN)



   Consumer                       Provider



            Grants access token
OAuth – the good thing
   Access tokens are stored on the device, then used
    in OAuth header (HTTP)
   These are not the username and password
       And that's what we wanted
   Signature prevents content forgery
OAuth in an actuall app
OAuth – the bad thing
   You display a web page for authentication for your
    app
       Either in app – user writes in untrusted context
       Or in Safari – workflow is horrible
   The best security is achieved only in trusted
    browser
XAuth
   XAuth is still OAuth
   Credentials processed on client during the dance
       Username and password are exchanged for the access
        tokens
OAuth/XAuth – implementation
   It is a heck of a lot of work to implement
    OAuth/XAuth on the iPhone for the first time
       If you don't/can't use libraries
   It is definitely worth it, if you have the patience
       Users' passwords and communication are safe
   Web-service implementors: Do OAuth/XAuth!
Caching
Caching
   Better feel for user
   Less data transferred
   Technologies
       PLists
       SQLite database + nice wrappers (fmdb, TouchSQL, ...)
Cache validation



 Asking the server if the resource you have is
                 up to date.
ETag
   Every resource has a “tag” associated with it on
    “CREATE” operation on server (HTTP POST)
   Tag is updated on “UPDATE” operation on server
    (HTTP PUT)
   ETag is sent in HTTP header with resource
ETag
   Client caches the ETag with the resource
   Client sends a “If-none-match” header with eTag
    when asking for a resource
   If the resource is not modified, client receives a
    response “304 – Not Modified” from server and
    cancels the connection
HTTP Responses
Error handling
   HTTP responses often ignored on the server side
       Always returns 200 + XML with <error> elements …
   Wrong for a mobile clients
       Download just to find out error occurred
Error handling
- (void) connection:(NSURLConnection *)connection

        didReceiveResponse:(NSURLResponse *)response {



    int code = [((NSHTTPURLResponse*)response) statusCode];

    if (code == 200) { // OK, alt. (code / 100 != 2)

    } else if (code == 418) { // I'm a teapot

        [self iMaTeaPot];

    } else { // assume error here, switch depending on the response code

        [self handleError:code];

        [connection cancel];

        self.connection = nil;

    }



}
Little appeal
Little appeal



     Machines are people too...
Little appeal
   Making public data hard to process by machines
    does not help anyone
       And it does not stop anyone
   Registration at least enforces some policy
Real-world „web-services“
                  vs. YAML API after registration
                      10 API queries per 1 ad query
                      Enforcable
                           app does not follow rule → BAN
Romanian hydrometeorological
institute
                     vs. Paid XML/CSV
                      exports
                     Rational pricing
                         Now: ~ 10k EUR/year
The key message



Well, iPhone might not last forever.
 Web-services written for it will.
Q&A

http://twitter.com/inmite

Contenu connexe

Tendances

Introduction to OAuth 2.0 - Part 2
Introduction to OAuth 2.0 - Part 2Introduction to OAuth 2.0 - Part 2
Introduction to OAuth 2.0 - Part 2Nabeel Yoosuf
 
Internet Explorer 8 for Developers by Christian Thilmany
Internet Explorer 8 for Developers by Christian ThilmanyInternet Explorer 8 for Developers by Christian Thilmany
Internet Explorer 8 for Developers by Christian ThilmanyChristian Thilmany
 
OAuth for your API - The Big Picture
OAuth for your API - The Big PictureOAuth for your API - The Big Picture
OAuth for your API - The Big PictureApigee | Google Cloud
 
Seam Introduction
Seam IntroductionSeam Introduction
Seam Introductionihamo
 
There’s an API for that! Why and how to build on the IBM Connections PLATFORM
There’s an API for that! Why and how to build on the IBM Connections PLATFORMThere’s an API for that! Why and how to build on the IBM Connections PLATFORM
There’s an API for that! Why and how to build on the IBM Connections PLATFORMMikkel Flindt Heisterberg
 
PHP on Windows and on Azure
PHP on Windows and on AzurePHP on Windows and on Azure
PHP on Windows and on AzureMaarten Balliauw
 
Crud tutorial en
Crud tutorial enCrud tutorial en
Crud tutorial enforkgrown
 
Implementing OAuth with PHP
Implementing OAuth with PHPImplementing OAuth with PHP
Implementing OAuth with PHPLorna Mitchell
 
Offline for web - Frontend Dev Conf Minsk 2014
Offline for web - Frontend Dev Conf Minsk 2014Offline for web - Frontend Dev Conf Minsk 2014
Offline for web - Frontend Dev Conf Minsk 2014Jan Jongboom
 
How to make Ajax work for you
How to make Ajax work for youHow to make Ajax work for you
How to make Ajax work for youSimon Willison
 
Introduction to OAuth 2.0 - Part 1
Introduction to OAuth 2.0 - Part 1Introduction to OAuth 2.0 - Part 1
Introduction to OAuth 2.0 - Part 1Nabeel Yoosuf
 
Using OAuth with PHP
Using OAuth with PHPUsing OAuth with PHP
Using OAuth with PHPDavid Ingram
 
Dave Orchard - Offline Web Apps with HTML5
Dave Orchard - Offline Web Apps with HTML5Dave Orchard - Offline Web Apps with HTML5
Dave Orchard - Offline Web Apps with HTML5Web Directions
 
Liferay workshop
Liferay workshopLiferay workshop
Liferay workshopahmadsayed
 
Introduction to OAuth 2.0 - Part 1
Introduction to OAuth 2.0  - Part 1Introduction to OAuth 2.0  - Part 1
Introduction to OAuth 2.0 - Part 1Nabeel Yoosuf
 
Pragmatics of Declarative Ajax
Pragmatics of Declarative AjaxPragmatics of Declarative Ajax
Pragmatics of Declarative Ajaxdavejohnson
 
Ajax to the Moon
Ajax to the MoonAjax to the Moon
Ajax to the Moondavejohnson
 

Tendances (19)

Introduction to OAuth 2.0 - Part 2
Introduction to OAuth 2.0 - Part 2Introduction to OAuth 2.0 - Part 2
Introduction to OAuth 2.0 - Part 2
 
OAuth using PHP5
OAuth using PHP5OAuth using PHP5
OAuth using PHP5
 
Internet Explorer 8 for Developers by Christian Thilmany
Internet Explorer 8 for Developers by Christian ThilmanyInternet Explorer 8 for Developers by Christian Thilmany
Internet Explorer 8 for Developers by Christian Thilmany
 
OAuth for your API - The Big Picture
OAuth for your API - The Big PictureOAuth for your API - The Big Picture
OAuth for your API - The Big Picture
 
Seam Introduction
Seam IntroductionSeam Introduction
Seam Introduction
 
There’s an API for that! Why and how to build on the IBM Connections PLATFORM
There’s an API for that! Why and how to build on the IBM Connections PLATFORMThere’s an API for that! Why and how to build on the IBM Connections PLATFORM
There’s an API for that! Why and how to build on the IBM Connections PLATFORM
 
PHP on Windows and on Azure
PHP on Windows and on AzurePHP on Windows and on Azure
PHP on Windows and on Azure
 
Crud tutorial en
Crud tutorial enCrud tutorial en
Crud tutorial en
 
Implementing OAuth with PHP
Implementing OAuth with PHPImplementing OAuth with PHP
Implementing OAuth with PHP
 
Offline for web - Frontend Dev Conf Minsk 2014
Offline for web - Frontend Dev Conf Minsk 2014Offline for web - Frontend Dev Conf Minsk 2014
Offline for web - Frontend Dev Conf Minsk 2014
 
How to make Ajax work for you
How to make Ajax work for youHow to make Ajax work for you
How to make Ajax work for you
 
Php
PhpPhp
Php
 
Introduction to OAuth 2.0 - Part 1
Introduction to OAuth 2.0 - Part 1Introduction to OAuth 2.0 - Part 1
Introduction to OAuth 2.0 - Part 1
 
Using OAuth with PHP
Using OAuth with PHPUsing OAuth with PHP
Using OAuth with PHP
 
Dave Orchard - Offline Web Apps with HTML5
Dave Orchard - Offline Web Apps with HTML5Dave Orchard - Offline Web Apps with HTML5
Dave Orchard - Offline Web Apps with HTML5
 
Liferay workshop
Liferay workshopLiferay workshop
Liferay workshop
 
Introduction to OAuth 2.0 - Part 1
Introduction to OAuth 2.0  - Part 1Introduction to OAuth 2.0  - Part 1
Introduction to OAuth 2.0 - Part 1
 
Pragmatics of Declarative Ajax
Pragmatics of Declarative AjaxPragmatics of Declarative Ajax
Pragmatics of Declarative Ajax
 
Ajax to the Moon
Ajax to the MoonAjax to the Moon
Ajax to the Moon
 

En vedette

Tom Krcha & Petr Pecháček: Adobe rocks! Flash a HTML5
Tom Krcha & Petr Pecháček: Adobe rocks! Flash a HTML5Tom Krcha & Petr Pecháček: Adobe rocks! Flash a HTML5
Tom Krcha & Petr Pecháček: Adobe rocks! Flash a HTML5WebExpo
 
Mobisys 08 - 5 Minute Madness Presentation
Mobisys 08 - 5 Minute Madness PresentationMobisys 08 - 5 Minute Madness Presentation
Mobisys 08 - 5 Minute Madness PresentationLicia Capra
 
Jg Barker Publishing
Jg Barker PublishingJg Barker Publishing
Jg Barker Publishingjeannebarker
 
ARM'08 - Keynote Talk
ARM'08 - Keynote TalkARM'08 - Keynote Talk
ARM'08 - Keynote TalkLicia Capra
 
Shd Portfolio Pdf Presentation
Shd Portfolio Pdf PresentationShd Portfolio Pdf Presentation
Shd Portfolio Pdf PresentationLiquis
 
Tomáš Procházka: Moje zápisky z designu
Tomáš Procházka: Moje zápisky z designuTomáš Procházka: Moje zápisky z designu
Tomáš Procházka: Moje zápisky z designuWebExpo
 
Michal Blažej: Zbavte sa account managementu
Michal Blažej: Zbavte sa account managementuMichal Blažej: Zbavte sa account managementu
Michal Blažej: Zbavte sa account managementuWebExpo
 
Jakub Vrána: Code Reviews with Phabricator
Jakub Vrána: Code Reviews with PhabricatorJakub Vrána: Code Reviews with Phabricator
Jakub Vrána: Code Reviews with PhabricatorWebExpo
 
Endoscopy skills 2 2-2015
Endoscopy skills 2 2-2015Endoscopy skills 2 2-2015
Endoscopy skills 2 2-2015HeshamAnwar
 
Richard Fridrich: Buď punkový konzument!
Richard Fridrich: Buď punkový konzument!Richard Fridrich: Buď punkový konzument!
Richard Fridrich: Buď punkový konzument!WebExpo
 
WebExpo 2008 Glogster
WebExpo 2008 GlogsterWebExpo 2008 Glogster
WebExpo 2008 GlogsterWebExpo
 
Jakub Krč: Typografie v elektronických médiích
Jakub Krč: Typografie v elektronických médiíchJakub Krč: Typografie v elektronických médiích
Jakub Krč: Typografie v elektronických médiíchWebExpo
 
Lukáš Zaplatílek: Kašlete na uživatele
Lukáš Zaplatílek: Kašlete na uživateleLukáš Zaplatílek: Kašlete na uživatele
Lukáš Zaplatílek: Kašlete na uživateleWebExpo
 
Jiří Sekera: Vzory: dobrý sluha, ale špatný pán
Jiří Sekera: Vzory: dobrý sluha, ale špatný pánJiří Sekera: Vzory: dobrý sluha, ale špatný pán
Jiří Sekera: Vzory: dobrý sluha, ale špatný pánWebExpo
 
Petr Ludwig: Jak bojovat s prokrastinací?
Petr Ludwig: Jak bojovat s prokrastinací?Petr Ludwig: Jak bojovat s prokrastinací?
Petr Ludwig: Jak bojovat s prokrastinací?WebExpo
 

En vedette (16)

Hotmail Add Other Account
Hotmail Add Other AccountHotmail Add Other Account
Hotmail Add Other Account
 
Tom Krcha & Petr Pecháček: Adobe rocks! Flash a HTML5
Tom Krcha & Petr Pecháček: Adobe rocks! Flash a HTML5Tom Krcha & Petr Pecháček: Adobe rocks! Flash a HTML5
Tom Krcha & Petr Pecháček: Adobe rocks! Flash a HTML5
 
Mobisys 08 - 5 Minute Madness Presentation
Mobisys 08 - 5 Minute Madness PresentationMobisys 08 - 5 Minute Madness Presentation
Mobisys 08 - 5 Minute Madness Presentation
 
Jg Barker Publishing
Jg Barker PublishingJg Barker Publishing
Jg Barker Publishing
 
ARM'08 - Keynote Talk
ARM'08 - Keynote TalkARM'08 - Keynote Talk
ARM'08 - Keynote Talk
 
Shd Portfolio Pdf Presentation
Shd Portfolio Pdf PresentationShd Portfolio Pdf Presentation
Shd Portfolio Pdf Presentation
 
Tomáš Procházka: Moje zápisky z designu
Tomáš Procházka: Moje zápisky z designuTomáš Procházka: Moje zápisky z designu
Tomáš Procházka: Moje zápisky z designu
 
Michal Blažej: Zbavte sa account managementu
Michal Blažej: Zbavte sa account managementuMichal Blažej: Zbavte sa account managementu
Michal Blažej: Zbavte sa account managementu
 
Jakub Vrána: Code Reviews with Phabricator
Jakub Vrána: Code Reviews with PhabricatorJakub Vrána: Code Reviews with Phabricator
Jakub Vrána: Code Reviews with Phabricator
 
Endoscopy skills 2 2-2015
Endoscopy skills 2 2-2015Endoscopy skills 2 2-2015
Endoscopy skills 2 2-2015
 
Richard Fridrich: Buď punkový konzument!
Richard Fridrich: Buď punkový konzument!Richard Fridrich: Buď punkový konzument!
Richard Fridrich: Buď punkový konzument!
 
WebExpo 2008 Glogster
WebExpo 2008 GlogsterWebExpo 2008 Glogster
WebExpo 2008 Glogster
 
Jakub Krč: Typografie v elektronických médiích
Jakub Krč: Typografie v elektronických médiíchJakub Krč: Typografie v elektronických médiích
Jakub Krč: Typografie v elektronických médiích
 
Lukáš Zaplatílek: Kašlete na uživatele
Lukáš Zaplatílek: Kašlete na uživateleLukáš Zaplatílek: Kašlete na uživatele
Lukáš Zaplatílek: Kašlete na uživatele
 
Jiří Sekera: Vzory: dobrý sluha, ale špatný pán
Jiří Sekera: Vzory: dobrý sluha, ale špatný pánJiří Sekera: Vzory: dobrý sluha, ale špatný pán
Jiří Sekera: Vzory: dobrý sluha, ale špatný pán
 
Petr Ludwig: Jak bojovat s prokrastinací?
Petr Ludwig: Jak bojovat s prokrastinací?Petr Ludwig: Jak bojovat s prokrastinací?
Petr Ludwig: Jak bojovat s prokrastinací?
 

Similaire à Petr Dvořák: Mobilní webové služby pohledem iPhone developera

[CB16] Esoteric Web Application Vulnerabilities by Andrés Riancho
[CB16] Esoteric Web Application Vulnerabilities by Andrés Riancho[CB16] Esoteric Web Application Vulnerabilities by Andrés Riancho
[CB16] Esoteric Web Application Vulnerabilities by Andrés RianchoCODE BLUE
 
The Future of the Web - Cold Front conference 2016
The Future of the Web - Cold Front conference 2016The Future of the Web - Cold Front conference 2016
The Future of the Web - Cold Front conference 2016Robert Nyman
 
The Future of Progressive Web Apps - View Source conference, Berlin 2016
The Future of Progressive Web Apps - View Source conference, Berlin 2016The Future of Progressive Web Apps - View Source conference, Berlin 2016
The Future of Progressive Web Apps - View Source conference, Berlin 2016Robert Nyman
 
Incorporating Web Services in Mobile Applications - Web 2.0 San Fran 2009
Incorporating Web Services in Mobile Applications - Web 2.0 San Fran 2009Incorporating Web Services in Mobile Applications - Web 2.0 San Fran 2009
Incorporating Web Services in Mobile Applications - Web 2.0 San Fran 2009Aduci
 
Automated Testing Of Web Applications Using XML
Automated  Testing Of  Web  Applications Using  XMLAutomated  Testing Of  Web  Applications Using  XML
Automated Testing Of Web Applications Using XMLdiongillard
 
The Real World - Plugging the Enterprise Into It (nodejs)
The Real World - Plugging  the Enterprise Into It (nodejs)The Real World - Plugging  the Enterprise Into It (nodejs)
The Real World - Plugging the Enterprise Into It (nodejs)Aman Kohli
 
How to build Simple yet powerful API.pptx
How to build Simple yet powerful API.pptxHow to build Simple yet powerful API.pptx
How to build Simple yet powerful API.pptxChanna Ly
 
Windows Azure: Connecting the Dots for a Mobile Workforce
Windows Azure: Connecting the Dots for a Mobile WorkforceWindows Azure: Connecting the Dots for a Mobile Workforce
Windows Azure: Connecting the Dots for a Mobile WorkforceTechWell
 
Php & Web Security - PHPXperts 2009
Php & Web Security - PHPXperts 2009Php & Web Security - PHPXperts 2009
Php & Web Security - PHPXperts 2009mirahman
 
What's New with Windows Phone - FoxCon Talk
What's New with Windows Phone - FoxCon TalkWhat's New with Windows Phone - FoxCon Talk
What's New with Windows Phone - FoxCon TalkSam Basu
 
Fanug - Pragmatic Windows Phone Developer
Fanug - Pragmatic Windows Phone DeveloperFanug - Pragmatic Windows Phone Developer
Fanug - Pragmatic Windows Phone DeveloperSam Basu
 
Iphone client-server app with Rails backend (v3)
Iphone client-server app with Rails backend (v3)Iphone client-server app with Rails backend (v3)
Iphone client-server app with Rails backend (v3)Sujee Maniyam
 
Hacking Client Side Insecurities
Hacking Client Side InsecuritiesHacking Client Side Insecurities
Hacking Client Side Insecuritiesamiable_indian
 
RefCard RESTful API Design
RefCard RESTful API DesignRefCard RESTful API Design
RefCard RESTful API DesignOCTO Technology
 
Develop iOS and Android apps with SharePoint/Office 365
Develop iOS and Android apps with SharePoint/Office 365Develop iOS and Android apps with SharePoint/Office 365
Develop iOS and Android apps with SharePoint/Office 365Kashif Imran
 
WP7 & Azure
WP7 & AzureWP7 & Azure
WP7 & AzureSam Basu
 
Azure & WP7 at GRDevDay
Azure & WP7 at GRDevDayAzure & WP7 at GRDevDay
Azure & WP7 at GRDevDaySam Basu
 
Sencha Roadshow 2017: Build Progressive Web Apps with Ext JS and Cmd
Sencha Roadshow 2017: Build Progressive Web Apps with Ext JS and Cmd Sencha Roadshow 2017: Build Progressive Web Apps with Ext JS and Cmd
Sencha Roadshow 2017: Build Progressive Web Apps with Ext JS and Cmd Sencha
 
Sherlock Homepage (Maarten Balliauw)
Sherlock Homepage (Maarten Balliauw)Sherlock Homepage (Maarten Balliauw)
Sherlock Homepage (Maarten Balliauw)Visug
 

Similaire à Petr Dvořák: Mobilní webové služby pohledem iPhone developera (20)

[CB16] Esoteric Web Application Vulnerabilities by Andrés Riancho
[CB16] Esoteric Web Application Vulnerabilities by Andrés Riancho[CB16] Esoteric Web Application Vulnerabilities by Andrés Riancho
[CB16] Esoteric Web Application Vulnerabilities by Andrés Riancho
 
The Future of the Web - Cold Front conference 2016
The Future of the Web - Cold Front conference 2016The Future of the Web - Cold Front conference 2016
The Future of the Web - Cold Front conference 2016
 
The Future of Progressive Web Apps - View Source conference, Berlin 2016
The Future of Progressive Web Apps - View Source conference, Berlin 2016The Future of Progressive Web Apps - View Source conference, Berlin 2016
The Future of Progressive Web Apps - View Source conference, Berlin 2016
 
Incorporating Web Services in Mobile Applications - Web 2.0 San Fran 2009
Incorporating Web Services in Mobile Applications - Web 2.0 San Fran 2009Incorporating Web Services in Mobile Applications - Web 2.0 San Fran 2009
Incorporating Web Services in Mobile Applications - Web 2.0 San Fran 2009
 
Automated Testing Of Web Applications Using XML
Automated  Testing Of  Web  Applications Using  XMLAutomated  Testing Of  Web  Applications Using  XML
Automated Testing Of Web Applications Using XML
 
The Real World - Plugging the Enterprise Into It (nodejs)
The Real World - Plugging  the Enterprise Into It (nodejs)The Real World - Plugging  the Enterprise Into It (nodejs)
The Real World - Plugging the Enterprise Into It (nodejs)
 
How to build Simple yet powerful API.pptx
How to build Simple yet powerful API.pptxHow to build Simple yet powerful API.pptx
How to build Simple yet powerful API.pptx
 
Windows Azure: Connecting the Dots for a Mobile Workforce
Windows Azure: Connecting the Dots for a Mobile WorkforceWindows Azure: Connecting the Dots for a Mobile Workforce
Windows Azure: Connecting the Dots for a Mobile Workforce
 
Php & Web Security - PHPXperts 2009
Php & Web Security - PHPXperts 2009Php & Web Security - PHPXperts 2009
Php & Web Security - PHPXperts 2009
 
HTTP Basics Demo
HTTP Basics DemoHTTP Basics Demo
HTTP Basics Demo
 
What's New with Windows Phone - FoxCon Talk
What's New with Windows Phone - FoxCon TalkWhat's New with Windows Phone - FoxCon Talk
What's New with Windows Phone - FoxCon Talk
 
Fanug - Pragmatic Windows Phone Developer
Fanug - Pragmatic Windows Phone DeveloperFanug - Pragmatic Windows Phone Developer
Fanug - Pragmatic Windows Phone Developer
 
Iphone client-server app with Rails backend (v3)
Iphone client-server app with Rails backend (v3)Iphone client-server app with Rails backend (v3)
Iphone client-server app with Rails backend (v3)
 
Hacking Client Side Insecurities
Hacking Client Side InsecuritiesHacking Client Side Insecurities
Hacking Client Side Insecurities
 
RefCard RESTful API Design
RefCard RESTful API DesignRefCard RESTful API Design
RefCard RESTful API Design
 
Develop iOS and Android apps with SharePoint/Office 365
Develop iOS and Android apps with SharePoint/Office 365Develop iOS and Android apps with SharePoint/Office 365
Develop iOS and Android apps with SharePoint/Office 365
 
WP7 & Azure
WP7 & AzureWP7 & Azure
WP7 & Azure
 
Azure & WP7 at GRDevDay
Azure & WP7 at GRDevDayAzure & WP7 at GRDevDay
Azure & WP7 at GRDevDay
 
Sencha Roadshow 2017: Build Progressive Web Apps with Ext JS and Cmd
Sencha Roadshow 2017: Build Progressive Web Apps with Ext JS and Cmd Sencha Roadshow 2017: Build Progressive Web Apps with Ext JS and Cmd
Sencha Roadshow 2017: Build Progressive Web Apps with Ext JS and Cmd
 
Sherlock Homepage (Maarten Balliauw)
Sherlock Homepage (Maarten Balliauw)Sherlock Homepage (Maarten Balliauw)
Sherlock Homepage (Maarten Balliauw)
 

Plus de WebExpo

Jaroslav Šnajdr: Getting a Business Collaboration Service Into Cloud: A Case ...
Jaroslav Šnajdr: Getting a Business Collaboration Service Into Cloud: A Case ...Jaroslav Šnajdr: Getting a Business Collaboration Service Into Cloud: A Case ...
Jaroslav Šnajdr: Getting a Business Collaboration Service Into Cloud: A Case ...WebExpo
 
Steve Corona: Scaling LAMP doesn't have to suck
Steve Corona: Scaling LAMP doesn't have to suckSteve Corona: Scaling LAMP doesn't have to suck
Steve Corona: Scaling LAMP doesn't have to suckWebExpo
 
Adii Pienaar: Lessons learnt running a global startup from the edge of the world
Adii Pienaar: Lessons learnt running a global startup from the edge of the worldAdii Pienaar: Lessons learnt running a global startup from the edge of the world
Adii Pienaar: Lessons learnt running a global startup from the edge of the worldWebExpo
 
Patrick Zandl: Energy industry post Edison, Křižík & IoT
Patrick Zandl: Energy industry post Edison, Křižík & IoTPatrick Zandl: Energy industry post Edison, Křižík & IoT
Patrick Zandl: Energy industry post Edison, Křižík & IoTWebExpo
 
Ameya Kanitkar: Using Hadoop and HBase to Personalize Web, Mobile and Email E...
Ameya Kanitkar: Using Hadoop and HBase to Personalize Web, Mobile and Email E...Ameya Kanitkar: Using Hadoop and HBase to Personalize Web, Mobile and Email E...
Ameya Kanitkar: Using Hadoop and HBase to Personalize Web, Mobile and Email E...WebExpo
 
Marli Mesibov - What's in a Story?
Marli Mesibov - What's in a Story?Marli Mesibov - What's in a Story?
Marli Mesibov - What's in a Story?WebExpo
 
Jiří Knesl: Souboj frameworků
Jiří Knesl: Souboj frameworkůJiří Knesl: Souboj frameworků
Jiří Knesl: Souboj frameworkůWebExpo
 
Jakub Nešetřil: Jak (ne)dělat API
Jakub Nešetřil: Jak (ne)dělat APIJakub Nešetřil: Jak (ne)dělat API
Jakub Nešetřil: Jak (ne)dělat APIWebExpo
 
Denisa Lorencová: UX Designer - Anděl s ďáblem v těle
Denisa Lorencová: UX Designer - Anděl s ďáblem v těleDenisa Lorencová: UX Designer - Anděl s ďáblem v těle
Denisa Lorencová: UX Designer - Anděl s ďáblem v těleWebExpo
 
Jan Vlček: Gamifikace 101
Jan Vlček: Gamifikace 101Jan Vlček: Gamifikace 101
Jan Vlček: Gamifikace 101WebExpo
 
Luke Wroblewski: Mobile First
Luke Wroblewski: Mobile FirstLuke Wroblewski: Mobile First
Luke Wroblewski: Mobile FirstWebExpo
 
Adam Hrubý: Evoluce designéra
Adam Hrubý: Evoluce designéraAdam Hrubý: Evoluce designéra
Adam Hrubý: Evoluce designéraWebExpo
 
Jan Sotorník: Grafika e-shopu jako sexy a chytrá prodavačka
Jan Sotorník: Grafika e-shopu jako sexy a chytrá prodavačkaJan Sotorník: Grafika e-shopu jako sexy a chytrá prodavačka
Jan Sotorník: Grafika e-shopu jako sexy a chytrá prodavačkaWebExpo
 
Jana Štěpánová: Neziskovky Goes Web
Jana Štěpánová: Neziskovky Goes WebJana Štěpánová: Neziskovky Goes Web
Jana Štěpánová: Neziskovky Goes WebWebExpo
 
Douglas Crockford: Serversideness
Douglas Crockford: ServersidenessDouglas Crockford: Serversideness
Douglas Crockford: ServersidenessWebExpo
 
Richard Fridrich: 5 x *, * a */5
Richard Fridrich: 5 x *, * a */5Richard Fridrich: 5 x *, * a */5
Richard Fridrich: 5 x *, * a */5WebExpo
 
Jiří Močička: Design as Storytelling
Jiří Močička: Design as StorytellingJiří Močička: Design as Storytelling
Jiří Močička: Design as StorytellingWebExpo
 
David Hussman - Products and People over Process and Dogma
David Hussman - Products and People over Process and DogmaDavid Hussman - Products and People over Process and Dogma
David Hussman - Products and People over Process and DogmaWebExpo
 
Martin Hujer: PHP ve Windows Azure cloudu
Martin Hujer: PHP ve Windows Azure clouduMartin Hujer: PHP ve Windows Azure cloudu
Martin Hujer: PHP ve Windows Azure clouduWebExpo
 
Design by Paskal: Kreativita×efektivita
Design by Paskal: Kreativita×efektivitaDesign by Paskal: Kreativita×efektivita
Design by Paskal: Kreativita×efektivitaWebExpo
 

Plus de WebExpo (20)

Jaroslav Šnajdr: Getting a Business Collaboration Service Into Cloud: A Case ...
Jaroslav Šnajdr: Getting a Business Collaboration Service Into Cloud: A Case ...Jaroslav Šnajdr: Getting a Business Collaboration Service Into Cloud: A Case ...
Jaroslav Šnajdr: Getting a Business Collaboration Service Into Cloud: A Case ...
 
Steve Corona: Scaling LAMP doesn't have to suck
Steve Corona: Scaling LAMP doesn't have to suckSteve Corona: Scaling LAMP doesn't have to suck
Steve Corona: Scaling LAMP doesn't have to suck
 
Adii Pienaar: Lessons learnt running a global startup from the edge of the world
Adii Pienaar: Lessons learnt running a global startup from the edge of the worldAdii Pienaar: Lessons learnt running a global startup from the edge of the world
Adii Pienaar: Lessons learnt running a global startup from the edge of the world
 
Patrick Zandl: Energy industry post Edison, Křižík & IoT
Patrick Zandl: Energy industry post Edison, Křižík & IoTPatrick Zandl: Energy industry post Edison, Křižík & IoT
Patrick Zandl: Energy industry post Edison, Křižík & IoT
 
Ameya Kanitkar: Using Hadoop and HBase to Personalize Web, Mobile and Email E...
Ameya Kanitkar: Using Hadoop and HBase to Personalize Web, Mobile and Email E...Ameya Kanitkar: Using Hadoop and HBase to Personalize Web, Mobile and Email E...
Ameya Kanitkar: Using Hadoop and HBase to Personalize Web, Mobile and Email E...
 
Marli Mesibov - What's in a Story?
Marli Mesibov - What's in a Story?Marli Mesibov - What's in a Story?
Marli Mesibov - What's in a Story?
 
Jiří Knesl: Souboj frameworků
Jiří Knesl: Souboj frameworkůJiří Knesl: Souboj frameworků
Jiří Knesl: Souboj frameworků
 
Jakub Nešetřil: Jak (ne)dělat API
Jakub Nešetřil: Jak (ne)dělat APIJakub Nešetřil: Jak (ne)dělat API
Jakub Nešetřil: Jak (ne)dělat API
 
Denisa Lorencová: UX Designer - Anděl s ďáblem v těle
Denisa Lorencová: UX Designer - Anděl s ďáblem v těleDenisa Lorencová: UX Designer - Anděl s ďáblem v těle
Denisa Lorencová: UX Designer - Anděl s ďáblem v těle
 
Jan Vlček: Gamifikace 101
Jan Vlček: Gamifikace 101Jan Vlček: Gamifikace 101
Jan Vlček: Gamifikace 101
 
Luke Wroblewski: Mobile First
Luke Wroblewski: Mobile FirstLuke Wroblewski: Mobile First
Luke Wroblewski: Mobile First
 
Adam Hrubý: Evoluce designéra
Adam Hrubý: Evoluce designéraAdam Hrubý: Evoluce designéra
Adam Hrubý: Evoluce designéra
 
Jan Sotorník: Grafika e-shopu jako sexy a chytrá prodavačka
Jan Sotorník: Grafika e-shopu jako sexy a chytrá prodavačkaJan Sotorník: Grafika e-shopu jako sexy a chytrá prodavačka
Jan Sotorník: Grafika e-shopu jako sexy a chytrá prodavačka
 
Jana Štěpánová: Neziskovky Goes Web
Jana Štěpánová: Neziskovky Goes WebJana Štěpánová: Neziskovky Goes Web
Jana Štěpánová: Neziskovky Goes Web
 
Douglas Crockford: Serversideness
Douglas Crockford: ServersidenessDouglas Crockford: Serversideness
Douglas Crockford: Serversideness
 
Richard Fridrich: 5 x *, * a */5
Richard Fridrich: 5 x *, * a */5Richard Fridrich: 5 x *, * a */5
Richard Fridrich: 5 x *, * a */5
 
Jiří Močička: Design as Storytelling
Jiří Močička: Design as StorytellingJiří Močička: Design as Storytelling
Jiří Močička: Design as Storytelling
 
David Hussman - Products and People over Process and Dogma
David Hussman - Products and People over Process and DogmaDavid Hussman - Products and People over Process and Dogma
David Hussman - Products and People over Process and Dogma
 
Martin Hujer: PHP ve Windows Azure cloudu
Martin Hujer: PHP ve Windows Azure clouduMartin Hujer: PHP ve Windows Azure cloudu
Martin Hujer: PHP ve Windows Azure cloudu
 
Design by Paskal: Kreativita×efektivita
Design by Paskal: Kreativita×efektivitaDesign by Paskal: Kreativita×efektivita
Design by Paskal: Kreativita×efektivita
 

Dernier

UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfDianaGray10
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7DianaGray10
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsSafe Software
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsSeth Reyes
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1DianaGray10
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationIES VE
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaborationbruanjhuli
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UbiTrack UK
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Will Schroeder
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfinfogdgmi
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Commit University
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintMahmoud Rabie
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioChristian Posta
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding TeamAdam Moalla
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8DianaGray10
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxMatsuo Lab
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024SkyPlanner
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 

Dernier (20)

UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership Blueprint
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and Istio
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team
 
201610817 - edge part1
201610817 - edge part1201610817 - edge part1
201610817 - edge part1
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptx
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 

Petr Dvořák: Mobilní webové služby pohledem iPhone developera

  • 1. iPhone developer's view at the mobile web-services Petr Dvořák iPhone Developer Prague, 24th September 2010
  • 2. The key message Well, iPhone might not last forever. Web-services written for it will.
  • 3. What we will cover ...  Motivation  Technical matters  Small appeal  Q&A
  • 5. Renaissance of the web-services  Back in 2005, WAP was pretty cool  Web-services are for corporations and bussiness applications
  • 6. Renaissance of the web-services  Today, the web-services are „custommer goods“
  • 7. Trends today  Social apps are on the roll...
  • 8. Trends today  Modern media changes – news are everywhere...
  • 9. Trends today  iPhone is the business phone (sorry...)
  • 10. Two points to remember for now...  Importance of the web-services rapidly grows  If you didn't start yesterday, it might be too late
  • 12. XML-RPC/SOAP? Why not...  Procedural approach to webservices  Libraries already exist  „Cocoa XML-RPC Framework“ used in WordPress  Any C/C++ library will work
  • 13. And the winner is ...  RESTful + XML / JSON (YAML , PList …)  REST principles implemented above HTTP protocol  HTTP POST, GET, PUT, DELETE  Data oriented – the main unit is resource  vs. procedural approach  Popularity originates in comprehensibility
  • 14. Example of a REST API - Corkbin <nearest lat="50.104571" lon="14.496027" max="2"> <wine hash="w722833d" id="1284919812900_475001_4" recommended="false" timestamp="1284919812900" userId="475001"> <comment>Pink wine :)</comment> <img>wineImage/p1284919812900_475001_4</img> <gps lat="50.129139" lon="14.471089"/> </wine> <wine hash="w14a6cb4" id="1284902438029_125008_8" recommended="true" timestamp="1284902438029" userId="125008"> <comment>Nice wine from France</comment> <img>wineImage/p1284902438029_125008_8</img> <gps lat="45.192108" lon="9.208828"/> </wine> </nearest>
  • 15. Little issue to keep in mind ...  Not all servers support all HTTP methods, when you need them  „Pure RESTful“ needs all HTTP methods to work  Fix your servers and frameworks
  • 16. Which API format to choose?
  • 17. XML vs. JSON – and the winner is ...
  • 18. XML vs. JSON  Choose what fits you best (or just start a flame...)  XML  Older, more robust, chatty format with more adult tools  TouchXML, KissXML, NSXMLParser, ...  JSON  Better suits object serialization abstraction, compact  TouchJSON, JSON Framework
  • 19. Little remark on XML being chatty … <!-- 76 chars //--> <person> <name>Petr</name> <surname>Dvorak</surname> <born>1985</born> </person> <!-- 50 chars //--> <person name=”Petr” surname=”Dvorak” born=”1985”/>
  • 20. Plists  You can use plists as a base format for API
  • 21. Plists (Property List)  You can use plists as a base format for API  What the heck is plist?  Apple's XML based format with a binary variant  Binary variant is default, and very space efficient  Used for object serialization and app properties
  • 22. Plist - Example <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>Year Of Birth</key> <integer>1965</integer> <key>Kids Names</key> <array> <string>John</string> <string>Kyra</string> </array> </dict> </plist>
  • 24. What is granularity? „The way you split the complete model stored on the server into individual resources“
  • 25. What is granularity?  Extreme: One huge XML file with all information vs. Many small files  Which direction should you choose?
  • 26. Choose the right one, dummies! :-)
  • 27. Practical testing  One resource should have no more than 80kB  GPRS: ~20-30 seconds to download (users don't die waiting)  3G: ~6-8 seconds (users don't get bored)  Latency is still an issue – try to keep resources as big as possible
  • 29. Basic HTTP authentication  Client-side method  Almost for free on iPhone  Implement authentication challenge callback  … or just add credentials in the URL  Do you really want to consider this method?
  • 30. Basic HTTP authentication -(void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge*)challenge { // you can use [challenge previousFailureCount] here NSURLCredential *newCredential = [NSURLCredential credentialWithUser:USERNAME password:PASSWORD persistence:NSURLCredentialPersistenceForSession]; [[challenge sender] useCredential:newCredential forAuthenticationChallenge:challenge]; }
  • 31. Form-based authentication  Long story short: You get it for free...
  • 32. Form-based authentication NSURL *url = [NSURL URLWithString:@”https://localhost/login.php”]; NSMutableURLrequest = [NSMutableURLRequest requestWithURL:url]; [request setHTTPMethod:@"POST"]; [request setValue:@"application/x-www-form-urlencoded" forHTTPHeaderField:@"Content-Type"]; NSData *postData = [@”login=joshis&password=********” dataUsingEncoding:NSUTF8StringEncoding]; [request setHTTPBody:postData]; [request setValue:[NSString stringWithFormat:@"%d", [postData length]] forHTTPHeaderField:@"Content-Length"]; self.connection = [NSURLConnection connectionWithRequest:request delegate:some_delegate]; [self.connection start];
  • 33. Apparent problem ...  Credentials are stored on device  For the purpose of auto-login  Does not have to be an issue  Mobile device: Usually, it is...  If not on HTTPS, content can be forged  Any solution? Yes – let's dance...
  • 34. OAuth  Authentication protocol  3 subjects – user, consumer, provider  Consumer ~ Application at provider  3 stages – request, authorize, access  On mobile device: OOB (out-of-brand) version
  • 35. Step 1: Request token Asks a request token Consumer Provider Grants request token
  • 36. Step 2: Direct user to provider Points user to providers login page Consumer User re-writes PIN (verifier) in the app
  • 37. Step 3: Access token Asks an access token (uses PIN) Consumer Provider Grants access token
  • 38. OAuth – the good thing  Access tokens are stored on the device, then used in OAuth header (HTTP)  These are not the username and password  And that's what we wanted  Signature prevents content forgery
  • 39. OAuth in an actuall app
  • 40. OAuth – the bad thing  You display a web page for authentication for your app  Either in app – user writes in untrusted context  Or in Safari – workflow is horrible  The best security is achieved only in trusted browser
  • 41. XAuth  XAuth is still OAuth  Credentials processed on client during the dance  Username and password are exchanged for the access tokens
  • 42. OAuth/XAuth – implementation  It is a heck of a lot of work to implement OAuth/XAuth on the iPhone for the first time  If you don't/can't use libraries  It is definitely worth it, if you have the patience  Users' passwords and communication are safe  Web-service implementors: Do OAuth/XAuth!
  • 44. Caching  Better feel for user  Less data transferred  Technologies  PLists  SQLite database + nice wrappers (fmdb, TouchSQL, ...)
  • 45. Cache validation Asking the server if the resource you have is up to date.
  • 46. ETag  Every resource has a “tag” associated with it on “CREATE” operation on server (HTTP POST)  Tag is updated on “UPDATE” operation on server (HTTP PUT)  ETag is sent in HTTP header with resource
  • 47. ETag  Client caches the ETag with the resource  Client sends a “If-none-match” header with eTag when asking for a resource  If the resource is not modified, client receives a response “304 – Not Modified” from server and cancels the connection
  • 49. Error handling  HTTP responses often ignored on the server side  Always returns 200 + XML with <error> elements …  Wrong for a mobile clients  Download just to find out error occurred
  • 50. Error handling - (void) connection:(NSURLConnection *)connection didReceiveResponse:(NSURLResponse *)response { int code = [((NSHTTPURLResponse*)response) statusCode]; if (code == 200) { // OK, alt. (code / 100 != 2) } else if (code == 418) { // I'm a teapot [self iMaTeaPot]; } else { // assume error here, switch depending on the response code [self handleError:code]; [connection cancel]; self.connection = nil; } }
  • 52. Little appeal Machines are people too...
  • 53. Little appeal  Making public data hard to process by machines does not help anyone  And it does not stop anyone  Registration at least enforces some policy
  • 54. Real-world „web-services“  vs. YAML API after registration  10 API queries per 1 ad query  Enforcable  app does not follow rule → BAN
  • 55. Romanian hydrometeorological institute  vs. Paid XML/CSV exports  Rational pricing  Now: ~ 10k EUR/year
  • 56. The key message Well, iPhone might not last forever. Web-services written for it will.