Practical Network for Android Developers

Transcript

1. Practical Network for Android Developers Dinorah Tova r Google Developer

   Expert
 Platform Mobile Engineer
 @ konfío.mx @ddinorahtovar @ddinorahtovar

2. Network is important!

3. Network means a lot of things @ddinorahtovar 
 Data Layer

   Network 
 Presentation Layer UI Models Entities Domain Layer

4. Network means a lot of things @ddinorahtovar •Concurrency •Clients •Connections

   (WIFI, Cell) •Http versions and frames

5. Network means a lot of things @ddinorahtovar Request Response Click

   Origin Server

6. Network means a lot of things @ddinorahtovar •Request — Make

   an HTTP request to an URL •Response — Will return an error or success •Data that can be parsed — Parsing of a String as response to a Data Class

7. Network means a lot of things @ddinorahtovar Uniform Resource Locator

   Headers Body

8. Network Errors are for surviving @ddinorahtovar •1xx — Everything is

   cool, just wait a little bit •2xx — Everything is fine, fully successful •3xx —The response is somewhere else

9. Network Errors are for surviving @ddinorahtovar •4xx— The request by

   the client is poorly fulfilled, so this is an error from the mobile side •5xx — The server failed to fulfill a correct request, so this is an error from the backend side

10. Http and Network Clients

11. Http Methods @ddinorahtovar GET PATCH DELETE POST PUT

12. Http Methods @ddinorahtovar GET PATCH DELETE POST PUT •GET —

    Push data from server •POST — Create new resources •PUT — Update resources •PATCH — Update specific resources •DELETE — Delete resources

13. HttpClient @ddinorahtovar •HttpClient are clases to handle Http connection, methods

    and frames of data

14. Cache @ddinorahtovar •Database Catching — Database provide an impactful factor

    of your app performance. •CDN — Global network of edge locations to deliver a cached copy of your APIs content •DNS — Every domain request made on the internet essentially queries DNS cache servers in order to resolve the IP address

15. Cache policies @ddinorahtovar •Designed for non suffering and be aware

    that not everything change in a second •File allocation •max-age [Max time available] •Size space

16. Cache policies @ddinorahtovar •Cache file and policies

17. Cache @ddinorahtovar •To force a full refresh, add the noCache()

18. TSL, Certificates and Pinning

19. Transport Layer Security (TLS) @ddinorahtovar •Transport Layer Security (TLS) is

    the successor protocol to SSL. TLS is an improved version of SSL. •Depends on HTTP and the multiple flavors available

20. TSL depends of HTTPs @ddinorahtovar Version Content Http/1.1 
 with

    TLS Http/2 
 with TLS TLS streams, TCP streams & Packages Frames division UDP packages + QUIC streams Http/3 
 with TLS

21. TSL depends of HTTPs @ddinorahtovar HTTP/1.1 
 TCP streams and

    packets HTTP/2 
 Frames division HTTP/3 
 QUIC streams

22. TSL @ddinorahtovar •Using HTTPS in our servers is enough? •Want

    to be safe? Then, lets talk about encryption •Short Answer: No

23. Your App TSL @ddinorahtovar Origin Server Encrypted Certificates TSL/SSL

24. TSL in your HTTP client @ddinorahtovar

25. TSL @ddinorahtovar •What is a cipherSuite? val cipher = Cipher.getInstance("AES/CBC/PKCS5Padding")

    Schema Model Padding

26. TSL @ddinorahtovar •What is a cipherSuite? .cipherSuites( CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA, CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256 )

    TLS Bulk encryption Key exchange and signature Message auth

27. Certificates @ddinorahtovar •In a typical SSL usage scenario, a server

    is configured with a certificate containing a public key as well as a matching private key. As part of the handshake between an SSL client and server, the server proves it has the private key by signing its certificate with public-key cryptography

28. Certificates @ddinorahtovar CER (.CRT ) PFX

29. Certificates @ddinorahtovar

30. Security is important @ddinorahtovar •You can check “Modern security for

    Android developers”

31. Authenticators & Interceptors

32. Interceptors are amazing! @ddinorahtovar Your App OkHttp 
 Core Internet

    Loggin Interceptor Network Interceptor

33. Loggin interceptors @ddinorahtovar •They give us information about the Headers

    or Body levels of the request and response •Only Debug •They can leak information

34. Loggin interceptors @ddinorahtovar

35. Network interceptors @ddinorahtovar •They give us the chance to modify

    request and responses •Can be used in production •Amazing for handling errors like 401!

36. Network interceptor @ddinorahtovar

37. Network interceptors @ddinorahtovar •Do we need it like that? •Let’s

    do it in a cool way -> •Short Answer: well, maybe no

38. Network Interceptor @ddinorahtovar

39. Interceptor.Chain @ddinorahtovar •We need to talk about Interceptor.Chain •Specially about

    RealInterceptorChain

40. Interceptor.Chain @ddinorahtovar •Here is where all the HTTP work happens

41. Network Interceptor @ddinorahtovar

42. Authenticator @ddinorahtovar •Returns a request that includes a credential to

    satisfy an authentication •Authenticate by returning a follow-up request that includes an authorization

43. Authenticator @ddinorahtovar Your App Authenticator Your server 401 Try to

    access Refresh Refresh Normal request Normal request

44. Authenticators @ddinorahtovar

45. A tip for OkHttpClient

46. OkHttpClient and Start up time @ddinorahtovar •Slow the times of

    creating

47. @ddinorahtovar •Dagger Party tricks by Zac Sweers OkHttpClient and Start

    up time

48. Performance

49. Performance! @ddinorahtovar •Depends of many things •Redundancy •Concurrency •OkHttpClient*

50. Concurrency @ddinorahtovar •Is not proper mobile but is important! Fault

    tolerance High Availability

51. Concurrency @ddinorahtovar Pools Threading •Is about three things Coroutines*

52. Threading @ddinorahtovar UI Thread Dispatcher IO 
 Suspendable action

53. Connection Pool @ddinorahtovar CPU operation like Files Databases Network

54. Testing

55. Testing should be simpl @ddinorahtovar Your App MockResponse MockWebServer Intercept

    call Normal request Mocked response Normal request

56. MockWebServer @ddinorahtovar •Let you manipulate the responses and let you

    verify request were made as expected •Testing of: •Request/Response •Body’s responses •Header’s

57. MockWebServer @ddinorahtovar •Simple setup

58. MockWebServer @ddinorahtovar •Adding responses is pretty simple!

59. MockWebServer @ddinorahtovar

60. Practical Network for Android Developers Dinorah Tova r Google Developer

    Expert
 Platform Mobile Engineer
 @ konfío.mx @ddinorahtovar @ddinorahtovar