Slide 1

Slide 1 text

THERE’S AN API FOR THAT! Mariatta Python Core Developer https://mariatta.ca fosstodon.org/@mariatta

Slide 2

Slide 2 text

What even is a bot? Mariatta fosstodon.org/@mariatta

Slide 3

Slide 3 text

GitHub Bot Mariatta fosstodon.org/@mariatta

Slide 4

Slide 4 text

Gitter Bot Mariatta fosstodon.org/@mariatta

Slide 5

Slide 5 text

Bot == ? Mariatta fosstodon.org/@mariatta

Slide 6

Slide 6 text

Bot == Web app Mariatta fosstodon.org/@mariatta

Slide 7

Slide 7 text

Bot == Web app == Automation Mariatta fosstodon.org/@mariatta

Slide 8

Slide 8 text

Your Web App Mariatta fosstodon.org/@mariatta Third Party The internet

Slide 9

Slide 9 text

Your Web App Mariatta fosstodon.org/@mariatta Third Party The internet API

Slide 10

Slide 10 text

Your Web App Mariatta fosstodon.org/@mariatta Third Party API

Slide 11

Slide 11 text

Webhooks Third Party Mariatta fosstodon.org/@mariatta Your Web App (incoming API calls)

Slide 12

Slide 12 text

Webhooks Third Party Mariatta fosstodon.org/@mariatta Your Web App API

Slide 13

Slide 13 text

Working with APIs Mariatta fosstodon.org/@mariatta

Slide 14

Slide 14 text

Also called Developer Docs Start with Tutorials if you are new API endpoints are listed under Resources Read the Documentation Mariatta fosstodon.org/@mariatta

Slide 15

Slide 15 text

Also called Developer Docs Start with Tutorials if you are new API endpoints are listed under Resources Read the Documentation Mariatta fosstodon.org/@mariatta

Slide 16

Slide 16 text

# Don’t do this TOKEN = “my token” # Do this TOKEN = os.environ[”TOKEN”] API keys or OAuth2 Keep your credentials secret!! Don’t store as plain text Don’t commit to your codebase Use environment variables Authentication Mariatta fosstodon.org/@mariatta

Slide 17

Slide 17 text

Helper library for working with third-party APIs Also called toolkit or SDKs or wrappers Abstraction and simplification Hides details of request authorization, headers, signature verification Write code in your favorite language (e.g. Python) No client library? Write your own Use Swagger Client if they have OpenAPI Use Client Libraries Mariatta fosstodon.org/@mariatta

Slide 18

Slide 18 text

Use your favorite web framework Django REST framework, Flask, FastAPI, aiohttp, etc Always verify incoming requests Use webhook secret Pass a specific request header The client library should handle this. If not, file a feature request! Webhooks Mariatta fosstodon.org/@mariatta

Slide 19

Slide 19 text

GitHub APIs Mariatta fosstodon.org/@mariatta

Slide 20

Slide 20 text

Dev Docs: https://docs.github.com/en/developers Authenticate using Personal Access Token, or OAuth2 Official client libraries: in Ruby, .NET, JavaScript Third Party Python library: https://gidgethub.readthedocs.io My GitHub App tutorial: https://github-app-tutorial.readthedocs.io >>> python3 -m pip install gidgethub GitHub APIs Mariatta fosstodon.org/@mariatta

Slide 21

Slide 21 text

API for opening an issue response = await gh.post( f'/repos/{owner}/{repo}/issues', data={ 'title': 'Found a bug!', 'body': 'Use more emoji!', } ) GitHub APIs with gidgethub Mariatta fosstodon.org/@mariatta

Slide 22

Slide 22 text

Webhook event handler @router.register("issue", action="opened") async def issue_opened(event, gh, *args, **kwargs): ... response = await gh.post( f"{issue_url}/comments", data={"body": msg}, oauth_token=installation_access_token["token"], ) GitHub APIs with gidgethub Mariatta fosstodon.org/@mariatta

Slide 23

Slide 23 text

Vacation Aquarium-Cam /Potato-Cam Mariatta fosstodon.org/@mariatta

Slide 24

Slide 24 text

Mariatta fosstodon.org/@mariatta Flickr API Upload photos of aquarium/ potato garden using Flickr API https://github.com/Mariatta/raspberry_pi_webcam_py Source Code https://www.flickr.com/photos/134275259@N03/ Flickr Album

Slide 25

Slide 25 text

Mariatta fosstodon.org/@mariatta mariatta.ca Thank you