Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Practical Network for Android Developers

Practical Network for Android Developers

In this talk we are gonna be talking about the Network data layer with a different vision that usually is addressed, cause networking on Android is difficult to work with, with multiples carriers, streaming different and rich contents, and all of this should arrive at our users without missing a single detail.

We will cover the next couple of topics:

Part 1 — HTTP and Network Layer
Part 2 — TLS, Certificates, and Pinning
Part 3 — Authenticators and Interceptors
Part 4 — Performance, Redundancy, and Concurrency
Part 5 — Testing and Integration

C6e1201f51c1ff186edba69f98476f15?s=128

Dinorah Tovar

March 31, 2021
Tweet

Transcript

  1. Practical Network for Android Developers Dinorah Tova r Google Developer

    Expert
 Platform Mobile Engineer
 @ konfío.mx @ddinorahtovar @ddinorahtovar
  2. Network is important!

  3. Network means a lot of things @ddinorahtovar 
 Data Layer

    Network 
 Presentation Layer UI Models Entities Domain Layer
  4. Network means a lot of things @ddinorahtovar •Concurrency •Clients •Connections

    (WIFI, Cell) •Http versions and frames
  5. Network means a lot of things @ddinorahtovar Request Response Click

    Origin Server
  6. Network means a lot of things @ddinorahtovar •Request — Make

    an HTTP request to an URL •Response — Will return an error or success •Data that can be parsed — Parsing of a String as response to a Data Class
  7. Network means a lot of things @ddinorahtovar Uniform Resource Locator

    Headers Body
  8. Network Errors are for surviving @ddinorahtovar •1xx — Everything is

    cool, just wait a little bit •2xx — Everything is fine, fully successful •3xx —The response is somewhere else
  9. Network Errors are for surviving @ddinorahtovar •4xx— The request by

    the client is poorly fulfilled, so this is an error from the mobile side •5xx — The server failed to fulfill a correct request, so this is an error from the backend side
  10. Http and Network Clients

  11. Http Methods @ddinorahtovar GET PATCH DELETE POST PUT

  12. Http Methods @ddinorahtovar GET PATCH DELETE POST PUT •GET —

    Push data from server •POST — Create new resources •PUT — Update resources •PATCH — Update specific resources •DELETE — Delete resources
  13. HttpClient @ddinorahtovar •HttpClient are clases to handle Http connection, methods

    and frames of data
  14. Cache @ddinorahtovar •Database Catching — Database provide an impactful factor

    of your app performance. •CDN — Global network of edge locations to deliver a cached copy of your APIs content •DNS — Every domain request made on the internet essentially queries DNS cache servers in order to resolve the IP address
  15. Cache policies @ddinorahtovar •Designed for non suffering and be aware

    that not everything change in a second •File allocation •max-age [Max time available] •Size space
  16. Cache policies @ddinorahtovar •Cache file and policies

  17. Cache @ddinorahtovar •To force a full refresh, add the noCache()

  18. TSL, Certificates and Pinning

  19. Transport Layer Security (TLS) @ddinorahtovar •Transport Layer Security (TLS) is

    the successor protocol to SSL. TLS is an improved version of SSL. •Depends on HTTP and the multiple flavors available
  20. TSL depends of HTTPs @ddinorahtovar Version Content Http/1.1 
 with

    TLS Http/2 
 with TLS TLS streams, TCP streams & Packages Frames division UDP packages + QUIC streams Http/3 
 with TLS
  21. TSL depends of HTTPs @ddinorahtovar HTTP/1.1 
 TCP streams and

    packets HTTP/2 
 Frames division HTTP/3 
 QUIC streams
  22. TSL @ddinorahtovar •Using HTTPS in our servers is enough? •Want

    to be safe? Then, lets talk about encryption •Short Answer: No
  23. Your App TSL @ddinorahtovar Origin Server Encrypted Certificates TSL/SSL

  24. TSL in your HTTP client @ddinorahtovar

  25. TSL @ddinorahtovar •What is a cipherSuite? val cipher = Cipher.getInstance("AES/CBC/PKCS5Padding")

    Schema Model Padding
  26. TSL @ddinorahtovar •What is a cipherSuite? .cipherSuites( CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA, CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256 )

    TLS Bulk encryption Key exchange and signature Message auth
  27. Certificates @ddinorahtovar •In a typical SSL usage scenario, a server

    is configured with a certificate containing a public key as well as a matching private key. As part of the handshake between an SSL client and server, the server proves it has the private key by signing its certificate with public-key cryptography
  28. Certificates @ddinorahtovar CER (.CRT ) PFX

  29. Certificates @ddinorahtovar

  30. Security is important @ddinorahtovar •You can check “Modern security for

    Android developers”
  31. Authenticators & Interceptors

  32. Interceptors are amazing! @ddinorahtovar Your App OkHttp 
 Core Internet

    Loggin Interceptor Network Interceptor
  33. Loggin interceptors @ddinorahtovar •They give us information about the Headers

    or Body levels of the request and response •Only Debug •They can leak information
  34. Loggin interceptors @ddinorahtovar

  35. Network interceptors @ddinorahtovar •They give us the chance to modify

    request and responses •Can be used in production •Amazing for handling errors like 401!
  36. Network interceptor @ddinorahtovar

  37. Network interceptors @ddinorahtovar •Do we need it like that? •Let’s

    do it in a cool way -> •Short Answer: well, maybe no
  38. Network Interceptor @ddinorahtovar

  39. Interceptor.Chain @ddinorahtovar •We need to talk about Interceptor.Chain •Specially about

    RealInterceptorChain
  40. Interceptor.Chain @ddinorahtovar •Here is where all the HTTP work happens

  41. Network Interceptor @ddinorahtovar

  42. Authenticator @ddinorahtovar •Returns a request that includes a credential to

    satisfy an authentication •Authenticate by returning a follow-up request that includes an authorization
  43. Authenticator @ddinorahtovar Your App Authenticator Your server 401 Try to

    access Refresh Refresh Normal request Normal request
  44. Authenticators @ddinorahtovar

  45. A tip for OkHttpClient

  46. OkHttpClient and Start up time @ddinorahtovar •Slow the times of

    creating
  47. @ddinorahtovar •Dagger Party tricks by Zac Sweers OkHttpClient and Start

    up time
  48. Performance

  49. Performance! @ddinorahtovar •Depends of many things •Redundancy •Concurrency •OkHttpClient*

  50. Concurrency @ddinorahtovar •Is not proper mobile but is important! Fault

    tolerance High Availability
  51. Concurrency @ddinorahtovar Pools Threading •Is about three things Coroutines*

  52. Threading @ddinorahtovar UI Thread Dispatcher IO 
 Suspendable action

  53. Connection Pool @ddinorahtovar CPU operation like Files Databases Network

  54. Testing

  55. Testing should be simpl @ddinorahtovar Your App MockResponse MockWebServer Intercept

    call Normal request Mocked response Normal request
  56. MockWebServer @ddinorahtovar •Let you manipulate the responses and let you

    verify request were made as expected •Testing of: •Request/Response •Body’s responses •Header’s
  57. MockWebServer @ddinorahtovar •Simple setup

  58. MockWebServer @ddinorahtovar •Adding responses is pretty simple!

  59. MockWebServer @ddinorahtovar

  60. Practical Network for Android Developers Dinorah Tova r Google Developer

    Expert
 Platform Mobile Engineer
 @ konfío.mx @ddinorahtovar @ddinorahtovar