Reverse Engineering APIs

588546210fcf916c39dafebdbb2ddbb5?s=47 mikz
May 30, 2014
Technology
1
400

Reverse Engineering APIs

Hacking Sonos and Bicing APIs with APItools.
ApiDays

588546210fcf916c39dafebdbb2ddbb5?s=128

mikz

May 30, 2014
Tweet

Other Decks in Technology

See All in Technology
5af8e5bd2f24e4ea0cee732c6cc259b3?s=48 haruharuharuby
0
310
9f96c3fd49e6a294e521175f2ad80b71?s=48 usamomokawa
0
180
Ae4ace6ba2b695fd37e4121faef66b43?s=48 katsushun89
0
200
Cbc297b07593321e52c75a9ebcc0f843?s=48 jacopen
5
660
A35557d139d8d53246763a01ec847a3f?s=48 kichiemon
3
180
Cb7edd153cf503f44c727b73647558bf?s=48 tetsuroito
0
1k
34fcd5f1deeb25b1138e9845137feb6e?s=48 kakutani
11
1.2k
9df0566fad9c9ca3bf669917848878fe?s=48 i35_267
3
1.2k
40301c0affdf359eaca771713e22b71a?s=48 harshbothra
0
440
0b238801605070def81a98cfe8061aee?s=48 shonansurvivors
1
190
8120d39cb575881c830287046f06fec8?s=48 daoka
1
2.1k
Ea29e2b19d11b48f867ae71d6a6de5df?s=48 opelab
18
6.6k

Featured

See All Featured
7fa6101cd43067653cf4ac6c7ca54305?s=48 akmur
252
19k
C620790ae5bf5b50c245b2e0ef95f338?s=48 deanohume
294
27k
E76911cbe088e5b850d966de3fc7435b?s=48 robhawkes
52
2.7k
E13c31390e0369fcd5972292ce0e7b92?s=48 jnunemaker
PRO
40
4.3k
Fde6c3a50ca518a909ef35c22c0ee0e4?s=48 destraynor
144
19k
812e1705ff0f8bc1bcf18587bde687d5?s=48 62gerente
582
190k
7edec06b5435e0dac07a353b2cc26253?s=48 geeforr
330
29k
3ab1249be442027903e1180025340b3f?s=48 reverentgeek
165
6.8k
78b475797a14c84799063c7cd073962f?s=48 holman
287
130k
9fa239b3154a0169d99ab7bf1422dd12?s=48 marcelosomers
220
14k
6bb82b13cda86d3b821fa44100335ddf?s=48 thoeni
3
340
5f83ef806155b403c3393160ce51f955?s=48 jlugia
215
16k

Transcript

  1. Reverse Engineering APIs Raimon Grau & Michal Cichra 3scale

  2. Inspecting APIs github.com/kidd & github.com/mikz 3scale

  3. Debugging APIs raimon@3scale.net & michal@3scale.net 3scale

  4. APIs Everywhere

  5. Get in touch! hello@apitools.com Cases of study • ‘Hidden’ API:

    Sonos • Combining APIs: Bicing on steroids

  6. Get in touch! hello@apitools.com Sonos

  7. Get in touch! hello@apitools.com Sonos

  8. Get in touch! hello@apitools.com Sonos

  9. Get in touch! hello@apitools.com Sonos

  10. Get in touch! hello@apitools.com Sonos

  11. Demotime!

  12. Yay! :) or nay :(

  13. Get in touch! hello@apitools.com What else you could do? •

    Transfer song from Spotify to the Sonos • Backup playlists • Stream the music to remote locations • Vote the songs added to the queue

  14. Get in touch! hello@apitools.com Case 2: Api aggregation Bicing +

    Google Maps Source: Carlos Mejía Greene https://www.flickr.com/photos/carlitos/3101121106/ CC BY-NC-SA 2.0

  15. Get in touch! hello@apitools.com Improvements • Reduce transfer size •

    Reduce roundtrips • Improve accuracy by getting info from multiple sources • Improve API interface

  16. Get in touch! hello@apitools.com Api Aggregation Mobile app Middleware Web

    APIs requests responses

  17. Get in touch! hello@apitools.com Api Aggregation Mobile app Middleware Web

    APIs requests responses http://techblog.netflix.com/2013/01/optimizing-netflix-api.html

  18. Demotime!

  19. Get in touch! hello@apitools.com How we improved? Size Savings Response

    time Original XML 131k ~0.7s JSON 80k 39% ~0.7s JSON with distances 91k 30% ~0.7s nearest 10 5k 96% ~0.8s

  20. Get in touch! hello@apitools.com What APIs to combine? Hue +

    Google Calendar Google Maps + Foursquare Sonos + Last.fm Dropbox + Github Almost any, actually

  21. Get in touch! hello@apitools.com What do we get from it?

    • As hackers we like to know what’s under the hood • Cross API • We can ‘discover’ hidden APIs. :) • It’s fun! • We can improve performance by aggregating multiple calls.

  22. Get in touch! hello@apitools.com Special Treat Primavera Sound Festival 2014

    fake apps on Google Play Store real iOS app with a twist

  23. Thank You and Happy Hacking! www.apitools.com @apitools - hello@apitools.com raimon@3scale.net

    / michal@3scale.net