$30 off During Our Annual Pro Sale. View Details »

Reverse Engineering APIs

mikz
May 30, 2014
Technology
1
490

Reverse Engineering APIs

Hacking Sonos and Bicing APIs with APItools.
ApiDays

mikz

May 30, 2014
Tweet

Other Decks in Technology

See All in Technology
技術コミュニティの中での生成AI(自身の観測範囲での事例について) / 23 Xmas Talk / 20231209
you
PRO
0
1.3k
GoのProtocプラグインを活用した効率的な負荷試験戦略 / Efficient Load Testing Strategies Utilizing the Go Protoc Plugin
biwashi
0
120
継続的なコツコツ技術広報とブランディング磨き込みの過程と課題/engineering-brand
nishiuma
0
120
ECサイト向け決済機能の開発で学んだ外部決済サービスの活用ポイント
k1style
1
220
DMMプラットフォームにおける GKE を利用した プラットフォームエンジニアリングへの 取り組み
pospome
1
200
Autonomous Database サービス・アップデート (FY24)
oracle4engineer
PRO
0
170
エンタープライズSaaSへの挑戦〜顧客の事業を成長させるプロダクトマネジメントとは?〜 / pmconf2023
route06
2
1.1k
AWS re:Invent 2023に参加してきた ~Amazon Inspectorのアップデートを添えて~ / AWS re:Invent 2023 Participation Bulletin with Amazon Inspector Updates
yuj1osm
0
310
VRの世界でLTしていく (LT) - NIFTY Tech Day 2023
niftycorp
0
120
NIKKEI COMPASSの Stripe決済フローと決済高速化の方法/20231205-compass
nikkei_engineer_recruiting
1
230
The future is already here – Mastering the challenges of the coming years
ufried
0
320
SIEMを用いて、セキュリティログ分析の可視化と分析を実現し、PDCAサイクルを回してみた
coconala_engineer
1
240

Featured

See All Featured
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
52
19k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
185
15k
Why Our Code Smells
bkeepers
PRO
329
56k
Product Roadmaps are Hard
iamctodd
43
9.1k
Fantastic passwords and where to find them - at NoRuKo
philnash
34
2.3k
Faster Mobile Websites
deanohume
296
29k
What's in a price? How to price your products and services
michaelherold
236
10k
Web development in the modern age
philhawksworth
201
9.9k
A Modern Web Designer's Workflow
chriscoyier
688
190k
Teambox: Starting and Learning
jrom
125
8.2k
Building Your Own Lightsaber
phodgson
97
5.4k
GitHub's CSS Performance
jonrohan
1021
440k

Transcript

  1. Reverse Engineering APIs
    Raimon Grau & Michal Cichra
    3scale

    View Slide

  2. Inspecting APIs
    github.com/kidd & github.com/mikz
    3scale

    View Slide

  3. Debugging APIs
    [email protected] & [email protected]
    3scale

    View Slide

  4. APIs Everywhere

    View Slide

  5. Get in touch! [email protected]
    Cases of study
    ● ‘Hidden’ API: Sonos
    ● Combining APIs: Bicing on steroids

    View Slide

  6. Get in touch! [email protected]
    Sonos

    View Slide

  7. Get in touch! [email protected]
    Sonos

    View Slide

  8. Get in touch! [email protected]
    Sonos

    View Slide

  9. Get in touch! [email protected]
    Sonos

    View Slide

  10. Get in touch! [email protected]
    Sonos

    View Slide

  11. Demotime!

    View Slide

  12. Yay! :) or nay :(

    View Slide

  13. Get in touch! [email protected]
    What else you could do?
    ● Transfer song from Spotify to the Sonos
    ● Backup playlists
    ● Stream the music to remote locations
    ● Vote the songs added to the queue

    View Slide

  14. Get in touch! [email protected]
    Case 2: Api aggregation
    Bicing + Google Maps
    Source: Carlos Mejía Greene https://www.flickr.com/photos/carlitos/3101121106/ CC BY-NC-SA 2.0

    View Slide

  15. Get in touch! [email protected]
    Improvements
    ● Reduce transfer size
    ● Reduce roundtrips
    ● Improve accuracy by getting info
    from multiple sources
    ● Improve API interface

    View Slide

  16. Get in touch! [email protected]
    Api Aggregation
    Mobile
    app
    Middleware
    Web APIs
    requests
    responses

    View Slide

  17. Get in touch! [email protected]
    Api Aggregation
    Mobile
    app
    Middleware
    Web APIs
    requests
    responses
    http://techblog.netflix.com/2013/01/optimizing-netflix-api.html

    View Slide

  18. Demotime!

    View Slide

  19. Get in touch! [email protected]
    How we improved?
    Size Savings Response time
    Original XML 131k ~0.7s
    JSON 80k 39% ~0.7s
    JSON with
    distances
    91k 30% ~0.7s
    nearest 10 5k 96% ~0.8s

    View Slide

  20. Get in touch! [email protected]
    What APIs to combine?
    Hue + Google Calendar
    Google Maps + Foursquare
    Sonos + Last.fm
    Dropbox + Github
    Almost any, actually

    View Slide

  21. Get in touch! [email protected]
    What do we get from it?
    ● As hackers we like to know what’s under the
    hood
    ● Cross API
    ● We can ‘discover’ hidden APIs. :)
    ● It’s fun!
    ● We can improve performance by
    aggregating multiple calls.

    View Slide

  22. Get in touch! [email protected]
    Special Treat
    Primavera Sound Festival 2014
    fake apps on Google Play Store
    real iOS app with a twist

    View Slide

  23. Thank You
    and
    Happy Hacking!
    www.apitools.com
    @apitools - [email protected]
    [email protected] /
    [email protected]

    View Slide