Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Reverse Engineering APIs

mikz
May 30, 2014
Technology
1
500

Reverse Engineering APIs

Hacking Sonos and Bicing APIs with APItools.
ApiDays

mikz

May 30, 2014
Tweet

Other Decks in Technology

See All in Technology
Postman v10リリース後を振り返る
nagix
0
170
ユーザーストーリーのレビューを自動化したみたの
bun913
1
410
コンテナセキュリティの基本と脅威への対策
kyohmizu
3
750
Oracle Cloud Infrastructure:2024年4月度サービス・アップデート
oracle4engineer
PRO
1
190
非同期推論システムによるコスト削減と信頼性向上
koki_nishihara
0
100
マルチアカウント環境への発見的統制の導入
ch1aki
1
1.3k
20240418_Google ColabにLLMが搭載されたようなのでPython x データ分析の勉強方法を考えてみる
doradora09
0
120
ゼロから始めるVue.jsコミュニティ貢献 / first-vuejs-community-contribution-link-and-motivation
lmi
1
110
2024/4/26 コンピュータ歴史博物館解説告知
toshi_atsumi
0
220
SPI原点回帰論:事業課題とFour Keysの結節点を見出す実践的ソフトウェアプロセス改善 / DevOpsDays Tokyo 2024
visional_engineering_and_design
4
1.9k
どうするコスト最適化のトレードオフ
tetsuyaooooo
1
490
自己改善からチームを動かす! 「セルフエンジニアリングマネージャー」のすゝめ
shoota
5
210

Featured

See All Featured
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
40
4.4k
Producing Creativity
orderedlist
PRO
337
39k
Typedesign – Prime Four
hannesfritz
36
2.1k
Keith and Marios Guide to Fast Websites
keithpitt
408
22k
What's new in Ruby 2.0
geeforr
337
31k
Design by the Numbers
sachag
274
18k
Become a Pro
speakerdeck
PRO
11
4.5k
Debugging Ruby Performance
tmm1
70
11k
Optimising Largest Contentful Paint
csswizardry
8
2.3k
Adopting Sorbet at Scale
ufuk
68
8.6k
A better future with KSS
kneath
231
16k
Why You Should Never Use an ORM
jnunemaker
PRO
51
8.6k

Transcript

  1. Reverse Engineering APIs Raimon Grau & Michal Cichra 3scale

  2. Inspecting APIs github.com/kidd & github.com/mikz 3scale

  3. Debugging APIs [email protected] & [email protected] 3scale

  4. APIs Everywhere

  5. Get in touch! [email protected] Cases of study • ‘Hidden’ API:

    Sonos • Combining APIs: Bicing on steroids

  6. Get in touch! [email protected] Sonos

  7. Get in touch! [email protected] Sonos

  8. Get in touch! [email protected] Sonos

  9. Get in touch! [email protected] Sonos

  10. Get in touch! [email protected] Sonos

  11. Demotime!

  12. Yay! :) or nay :(

  13. Get in touch! [email protected] What else you could do? •

    Transfer song from Spotify to the Sonos • Backup playlists • Stream the music to remote locations • Vote the songs added to the queue

  14. Get in touch! [email protected] Case 2: Api aggregation Bicing +

    Google Maps Source: Carlos Mejía Greene https://www.flickr.com/photos/carlitos/3101121106/ CC BY-NC-SA 2.0

  15. Get in touch! [email protected] Improvements • Reduce transfer size •

    Reduce roundtrips • Improve accuracy by getting info from multiple sources • Improve API interface

  16. Get in touch! [email protected] Api Aggregation Mobile app Middleware Web

    APIs requests responses

  17. Get in touch! [email protected] Api Aggregation Mobile app Middleware Web

    APIs requests responses http://techblog.netflix.com/2013/01/optimizing-netflix-api.html

  18. Demotime!

  19. Get in touch! [email protected] How we improved? Size Savings Response

    time Original XML 131k ~0.7s JSON 80k 39% ~0.7s JSON with distances 91k 30% ~0.7s nearest 10 5k 96% ~0.8s

  20. Get in touch! [email protected] What APIs to combine? Hue +

    Google Calendar Google Maps + Foursquare Sonos + Last.fm Dropbox + Github Almost any, actually

  21. Get in touch! [email protected] What do we get from it?

    • As hackers we like to know what’s under the hood • Cross API • We can ‘discover’ hidden APIs. :) • It’s fun! • We can improve performance by aggregating multiple calls.

  22. Get in touch! [email protected] Special Treat Primavera Sound Festival 2014

    fake apps on Google Play Store real iOS app with a twist

  23. Thank You and Happy Hacking! www.apitools.com @apitools - [email protected] [email protected]

    / [email protected]