INF397 Full Stack Technologies View Schedule Print

Using APIs

Using 3rd party services

  • Getting access
  • Making requests
  • Web Hooks

Open APIs

  • Data is publicly available
  • No authentication or authorization needed
  • Example: GitHub's Public API

Protected APIs

  • Must register (pay) to access data
  • No end-user login or data available
  • Example: Numbeo, Google Maps (basic)

User resource APIs

  • Must register your application with provider
  • End-user login and data is available through scopes
  • Example: Google, Facebook, Spotify, etc

OAuth 2

  • Authentication
  • Authorization
  • No user password sharing
  • Users can revoke access

OAuth 2 concepts

  • Users, Client, Provider
  • App Id, App Secret & Redirect Uri
  • User Id, User Tokens & Scopes

OAuth 2: Register your Application

  1. Create a developer account with a provider
  2. Submit an application name and callback url
  3. Receive application id and secret

OAuth 2: Register your Application

OAuth 2: Authorization Workflow

  1. App sends the provider its app id and callback url
  2. Provider redirects user to login & grant access
  3. Provider redirects back to your application with access-token

OAuth 2: Workflow Illustrated

OAuth 2: Authorization Workflow

OAuth 2: Making requests

  • Request user resources with access-token
  • Be careful for quotas & rate limits
  • Access-token MUST be kept securely

OAuth 2: Making requests

Security concerns using/exposing APIs

  • injection
  • phishing
  • request forgery
  • denial of service
  • sensitive data leak


Course Schedule:

week 1 03.02.2017 History of the web Fullstack Principles Development Processes Agile Processes DevOps Basics Git
week 2 10.02.2017 Frontend Overview Backend Overview Network Overview Testing JavaScript Overview JavaScript Tooling
week 3 17.02.2017 Web Architectures RESTful principles SOLID principles Web Components Continuous Integration
week 4 24.02.2017 Databases basics Using APIs Deployment Automation Monitoring In-class project consultations
week 5 17.03.2017 Project presentations
Final Test
Course Retrospective and Q&A