Je Partage #1 - 2013
Présentation sur le fonctionnement des Google APIs et les technologies Google les plus incontournables et les plus utiles dans le domaine de développement.
Par : DILMI Fethi (af_dilmi@esi.dz)
1. Understanding
Google APIs
Building application that uses Google APIs
Fethi DILMI
Active Member at Scientific Club of ESI – CSE
Technical Manager at GDG Algiers
Microsoft Student Partner
3. What's Google APIs
●
Google offers a variety of APIs, mostly web APIs for
web developers and mobile developers.
●
The APIs are based on popular Google consumer
products, including Google Maps, Google Earth,
AdSense, Adwords, Google Apps and YouTube.
4. What's Google APIs
Example:
●
YOU use Google+ from your web browser.
●
Your Android application uses Google+ through
Google+ API.
●
i.e: Google APIs are the tools we need to build
applications that can use Google Products.
6. How Google APIs work behind the scenes ?
●
Most of Google APIs are web-based APIs.
●
This kind of APIs are called RESTFUL APIs (because they
are based on REST architecture).
●
REST is a style of software architecture that is based on
HTTP protocol to retrieve data.
7. How Google APIs work behind the scenes ?
●
Most of Google APIs are web-based APIs.
●
This kind of APIs are called RESTFUL APIs (because they
are based on REST architecture).
●
REST is a style of software architecture that is based on
HTTP protocol to retrieve data.
Simply, in order to use Google APIs , you
only need to make HTTP requests to get
data ☺
8. How Google APIs work behind the scenes ?
Example: “Google Places API”
https://maps.googleapis.com/maps/api/place/nearbysearch/xml?
location=36.825,2.3257&radius=50000&sensor=false&key=AddYourOwnKey
Here
11. Global Structure of an API HTTP request
Each HTTP request is composed of 4 parts:
– API Scope
– Action
– Output format
– Parameters
To understand these parts, we'll take the previous example:
https://maps.googleapis.com/maps/api/place/nearbysearch/xml?
location=36.825,2.3257&radius=50000&sensor=false&key=AddYourOwnKeyHere
12. Global Structure of an API HTTP request
1- API Scope:
●
A scope is the main part of the HTTP request.
●
In our case it's: https://maps.googleapis.com/maps/api/place
●
A scope defines the web address of the API.
●
For example, the scope of Google Latitude API is:
https://www.googleapis.com/latitude/
NB: Some API Scopes defines an API version, just like
the Latitude API
13. Global Structure of an API HTTP request
2- Output formats:
●
There are 2 possible output formats for an API request.
– JSON
– XML
●
In the previous example, we could get the same results in
JSON format:
https://maps.googleapis.com/maps/api/place/nearbysearch/json ?
location=36.825,2.3257&radius=50000&sensor=false&key=AddYourOwnKeyHere
14. Global Structure of an API HTTP request
3- ACTION:
●
Each Google web API gives you a set of possibilities
called ACTIONS.
●
In our example, we specified for the Google Places API
the action “nearbysearch” to search places in a radius
of 50Km.
●
We could also search a place's detail.
15. Global Structure of an API HTTP request
4- Parameters:
●
Each action has a set of parameters.
●
Action Parameters let you customize the results you
want to get.
●
In our example, we could add the parameter
“type=food” to search only for restaurants.
17. Types of Google web APIs
●
There are 2 kinds of Google web APIs:
– Public APIs.
– Private APIs.
18. Types of Google web APIs
1- Public APIs
●
Interact with public content: Google Maps API, Google
Places API ..
●
Need an authentication key to be able to retrieve data.
19. Types of Google web APIs
2- Private APIs
●
Interact with user private date: Google+ API, Google
Latitude API, Google Drive SDK ..
●
Need an authorization process before accessing to user
data.
21. Authentication
●
Public APIs use authentication key to identify your application.
●
This means, in our previous example we would not be able to
make a search using Google Places API without specifying an
authentication key.
●
Each device type has a different kind of key:
– Android application authentication key.
– Web application authentication key.
– Web Service authentication key
– ..
23. Authentication
●
Identify from which device your application is making API request:
i.e: You can't make an API request from a web browser using an
Android application authentication key.
●
Limit the quota of requests per day: Each API has a limited number
of requests per day. Since your application makes request using an
authentication key, Google Servers will be able to stop your
application when it exceeds its daily quota.
●
Limit the number of requests per second for a single user: Your
application may be used by millions of people at the same time, and
since we're talking about a daily quota, we have to limit the number of
requests/second for a single user.
24. Authentication
●
Identify from which device your application is making API request:
i.e: You can't make an API request from a web browser using an
Android application authentication key.
●
Limit the quota of requests per day: Each API has a limited number
of requests per day. Since your application makes request using an
authentication key, Google Servers will be able to stop your
application when it exceeds its daily quota.
●
Limit the number of requests per second for a single user: Your
application may be used by millions of people at the same time, and
since we're talking about a daily quota, we have to limit the number of
requests/second for a single user.
25. Authentication
●
Identify from which device your application is making API request:
i.e: You can't make an API request from a web browser using an
Android application authentication key.
●
Limit the quota of requests per day: Each API has a limited number
of requests per day. Since your application makes request using an
authentication key, Google Servers will be able to stop your
application when it exceeds its daily quota.
●
Limit the number of requests per second for a single user: Your
application may be used by millions of people at the same time, and
since we're talking about a daily quota, we have to limit the number of
requests/second for a single user.
27. Authorization:
●
Private APIs try to fetch user data.
●
This cannot be done without the permission of the user.
●
So we need a tool to demand permissions from the user
in order to perform action on his/her private data.
28. Authorization:
●
Private APIs try to fetch user data.
●
This cannot be done without the permission of the user.
●
So we need a tool to demand permissions from the user
in order to perform action on his/her private data.
THIS TOOL IS CALLED “OAuth2.0”
44. How to create Authentication and
Authorization keys ?
45. How to create Authentication and
Authorization keys ?
●
To get authentication/authorization keys, you have to
register your application.
●
Registering your application is signing its name, type,
package, and extra info.
46. How to create Authentication and
Authorization keys ?
●
To get authentication/authorization keys, you have to
register your application.
●
Registering your application is signing its name, type,
package, and extra info.
Please focus on the following steps ☺
47. How to create Authentication and
Authorization keys ?
●
Connect to your Google account.
●
Go to: https://code.google.com/apis/console/
●
Click on “Create Project”
48. How to create Authentication and
Authorization keys ?
●
Now there is a list of all Google APIs, choose for example the
"Google Places API", and check it up:
●
Register your organization like shown in the image and click submit:
49. How to create Authentication and
Authorization keys ?
● Agree & Accept
50. How to create Authentication and
Authorization keys ?
●
You can now notice that the Google Places API is activated:
●
Click on "Overview", then click on "Register" in order to register
your project:
51. How to create Authentication and
Authorization keys ?
●
Type a unique project ID
52. How to create Authentication and
Authorization keys ?
●
You've created automatically an authentication key for browser
applications
53. How to create Authentication and
Authorization keys ?
●
You can click on:
– Create New Server Key: To create an authentication key for
a server application
– Create New Server Key: To create an authentication key for
an Android application.
●
You can create many authentication keys for the same
application type (example: 3 authentication keys for
Android Applications)
54. How to create Authentication and
Authorization keys ?
●
And Now ..
How To Create
Authorization Keys ?
55. How to create Authentication and
Authorization keys ?
●
Click on “Create an OAuth 2.0 Client ID”. This dialog will show up:
56. How to create Authentication and
Authorization keys ?
●
Click on “Create an OAuth 2.0 Client ID”. This dialog will show up:
57. How to create Authentication and
Authorization keys ?
Now please focus with me, it's so important ! In the
following dialog, you'll be asked to specify your
application type !!
58. How to create Authentication and
Authorization keys ?
1- Web Applications:
●
If you choose this type of application, you'll be asked to
specify your application URL. Than Google will generate
a redirect URI according to what you've entered.
59. How to create Authentication and
Authorization keys ?
2- Server Applications:
●
Applications of this type run on server.
●
They're a little bit different, so I invite you to read this
article to understand more:
https://developers.google.com/accounts/docs/OAuth2#
serviceaccount
60. How to create Authentication and
Authorization keys ?
3- Installed Applications:
●
This could be:
– Android application: You'll have to specify you're application
package (it must be unique)
– iOS application.
– Chrome extension.
– A Desktop application .
– etc...
61. How to create Authentication and
Authorization keys ?
●
I'll take the example of a Desktop Application
62. How to create Authentication and
Authorization keys ?
●
When you click “Create Client ID”, this dialog will show up:
63. How to create Authentication and
Authorization keys ?
●
You can create many authorization keys for many
projects.
●
We'll see how to use the “Client ID” and the “Client
Secret” to make authorized API calls.
65. Google APIs Client Libraries
●
It's not easy to construct manually authorized HTTP
requests.
●
It's much harder to parse the XML/JSON results in order
to extract information.
66. Google APIs Client Libraries
●
Google created some libraries to do those tasks for you:
It's Google API Client Libraries.
●
Google API Client Libraries are available in many
languages (e.g: PHP, Python, C# and .NET, Java ..)
●
In this Demo, we'll be using the Google API Client for
Python.
67. Let's Start !!
Now that we know what OAuth 2.0 looks like. How does it work in the
Google API Client for Python?
74. Step By Step
FLOW = OAuth2WebServerFlow(
client_id='<CLIENT ID HERE>',
client_secret='<CLIENT SECRET HERE>',
redirect_uri='https://.../oauth2callback',
scope='https://.../tasks',
user_agent='my-sample/1.0')
First, create a Flow.
75. Step By Step
FLOW = OAuth2WebServerFlow(
client_id='<CLIENT ID HERE>',
client_secret='<CLIENT SECRET HERE>',
redirect_uri='https://.../oauth2callback',
scope='https://.../tasks',
user_agent='my-sample/1.0')
Fill your Client ID, Client Secret and redirect URI
76. Step By Step
authorize_url = FLOW.step1_get_authorize_url()
self.redirect(authorize_url)
We request and authorization URL
82. References
●
“OAuth 2.0 and the Google API Client for Python”.
●
“Understanding Google APIs” :
http://fethidilmi.blogspot.com
●
Google Developers portal:
http://developers.google.com