Practical Network for Android Developers

Slide 1

Slide 1 text

Practical Network for Android Developers Dinorah Tova r Google Developer Expert  Platform Mobile Engineer  @ konfío.mx @ddinorahtovar @ddinorahtovar

Slide 2

Slide 2 text

Network is important!

Slide 3

Slide 3 text

Network means a lot of things @ddinorahtovar   Data Layer Network   Presentation Layer UI Models Entities Domain Layer

Slide 4

Slide 4 text

Network means a lot of things @ddinorahtovar •Concurrency •Clients •Connections (WIFI, Cell) •Http versions and frames

Slide 5

Slide 5 text

Network means a lot of things @ddinorahtovar Request Response Click Origin Server

Slide 6

Slide 6 text

Network means a lot of things @ddinorahtovar •Request — Make an HTTP request to an URL •Response — Will return an error or success •Data that can be parsed — Parsing of a String as response to a Data Class

Slide 7

Slide 7 text

Network means a lot of things @ddinorahtovar Uniform Resource Locator Headers Body

Slide 8

Slide 8 text

Network Errors are for surviving @ddinorahtovar •1xx — Everything is cool, just wait a little bit •2xx — Everything is fine, fully successful •3xx —The response is somewhere else

Slide 9

Slide 9 text

Network Errors are for surviving @ddinorahtovar •4xx— The request by the client is poorly fulfilled, so this is an error from the mobile side •5xx — The server failed to fulfill a correct request, so this is an error from the backend side

Slide 10

Slide 10 text

Http and Network Clients

Slide 11

Slide 11 text

Http Methods @ddinorahtovar GET PATCH DELETE POST PUT

Slide 12

Slide 12 text

Http Methods @ddinorahtovar GET PATCH DELETE POST PUT •GET — Push data from server •POST — Create new resources •PUT — Update resources •PATCH — Update specific resources •DELETE — Delete resources

Slide 13

Slide 13 text

HttpClient @ddinorahtovar •HttpClient are clases to handle Http connection, methods and frames of data

Slide 14

Slide 14 text

Cache @ddinorahtovar •Database Catching — Database provide an impactful factor of your app performance. •CDN — Global network of edge locations to deliver a cached copy of your APIs content •DNS — Every domain request made on the internet essentially queries DNS cache servers in order to resolve the IP address

Slide 15

Slide 15 text

Cache policies @ddinorahtovar •Designed for non suffering and be aware that not everything change in a second •File allocation •max-age [Max time available] •Size space

Slide 16

Slide 16 text

Cache policies @ddinorahtovar •Cache file and policies

Slide 17

Slide 17 text

Cache @ddinorahtovar •To force a full refresh, add the noCache()

Slide 18

Slide 18 text

TSL, Certificates and Pinning

Slide 19

Slide 19 text

Transport Layer Security (TLS) @ddinorahtovar •Transport Layer Security (TLS) is the successor protocol to SSL. TLS is an improved version of SSL. •Depends on HTTP and the multiple flavors available

Slide 20

Slide 20 text

TSL depends of HTTPs @ddinorahtovar Version Content Http/1.1   with TLS Http/2   with TLS TLS streams, TCP streams & Packages Frames division UDP packages + QUIC streams Http/3   with TLS

Slide 21

Slide 21 text

TSL depends of HTTPs @ddinorahtovar HTTP/1.1   TCP streams and packets HTTP/2   Frames division HTTP/3   QUIC streams

Slide 22

Slide 22 text

TSL @ddinorahtovar •Using HTTPS in our servers is enough? •Want to be safe? Then, lets talk about encryption •Short Answer: No

Slide 23

Slide 23 text

Your App TSL @ddinorahtovar Origin Server Encrypted Certificates TSL/SSL

Slide 24

Slide 24 text

TSL in your HTTP client @ddinorahtovar

Slide 25

Slide 25 text

TSL @ddinorahtovar •What is a cipherSuite? val cipher = Cipher.getInstance("AES/CBC/PKCS5Padding") Schema Model Padding

Slide 26

Slide 26 text

TSL @ddinorahtovar •What is a cipherSuite? .cipherSuites( CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA, CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256 ) TLS Bulk encryption Key exchange and signature Message auth

Slide 27

Slide 27 text

Certificates @ddinorahtovar •In a typical SSL usage scenario, a server is configured with a certificate containing a public key as well as a matching private key. As part of the handshake between an SSL client and server, the server proves it has the private key by signing its certificate with public-key cryptography

Slide 28

Slide 28 text

Certificates @ddinorahtovar CER (.CRT ) PFX

Slide 29

Slide 29 text

Certificates @ddinorahtovar

Slide 30

Slide 30 text

Security is important @ddinorahtovar •You can check “Modern security for Android developers”

Slide 31

Slide 31 text

Authenticators & Interceptors

Slide 32

Slide 32 text

Interceptors are amazing! @ddinorahtovar Your App OkHttp   Core Internet Loggin Interceptor Network Interceptor

Slide 33

Slide 33 text

Loggin interceptors @ddinorahtovar •They give us information about the Headers or Body levels of the request and response •Only Debug •They can leak information

Slide 34

Slide 34 text

Loggin interceptors @ddinorahtovar

Slide 35

Slide 35 text

Network interceptors @ddinorahtovar •They give us the chance to modify request and responses •Can be used in production •Amazing for handling errors like 401!

Slide 36

Slide 36 text

Network interceptor @ddinorahtovar

Slide 37

Slide 37 text

Network interceptors @ddinorahtovar •Do we need it like that? •Let’s do it in a cool way -> •Short Answer: well, maybe no

Slide 38

Slide 38 text

Network Interceptor @ddinorahtovar

Slide 39

Slide 39 text

Interceptor.Chain @ddinorahtovar •We need to talk about Interceptor.Chain •Specially about RealInterceptorChain

Slide 40

Slide 40 text

Interceptor.Chain @ddinorahtovar •Here is where all the HTTP work happens

Slide 41

Slide 41 text

Network Interceptor @ddinorahtovar

Slide 42

Slide 42 text

Authenticator @ddinorahtovar •Returns a request that includes a credential to satisfy an authentication •Authenticate by returning a follow-up request that includes an authorization

Slide 43

Slide 43 text

Authenticator @ddinorahtovar Your App Authenticator Your server 401 Try to access Refresh Refresh Normal request Normal request

Slide 44

Slide 44 text

Authenticators @ddinorahtovar

Slide 45

Slide 45 text

A tip for OkHttpClient

Slide 46

Slide 46 text

OkHttpClient and Start up time @ddinorahtovar •Slow the times of creating

Slide 47

Slide 47 text

@ddinorahtovar •Dagger Party tricks by Zac Sweers OkHttpClient and Start up time

Slide 48

Slide 48 text

Performance

Slide 49

Slide 49 text

Performance! @ddinorahtovar •Depends of many things •Redundancy •Concurrency •OkHttpClient*

Slide 50

Slide 50 text

Concurrency @ddinorahtovar •Is not proper mobile but is important! Fault tolerance High Availability

Slide 51

Slide 51 text

Concurrency @ddinorahtovar Pools Threading •Is about three things Coroutines*

Slide 52

Slide 52 text

Threading @ddinorahtovar UI Thread Dispatcher IO   Suspendable action

Slide 53

Slide 53 text

Connection Pool @ddinorahtovar CPU operation like Files Databases Network

Slide 54

Slide 54 text

Testing

Slide 55

Slide 55 text

Testing should be simpl @ddinorahtovar Your App MockResponse MockWebServer Intercept call Normal request Mocked response Normal request

Slide 56

Slide 56 text

MockWebServer @ddinorahtovar •Let you manipulate the responses and let you verify request were made as expected •Testing of: •Request/Response •Body’s responses •Header’s

Slide 57

Slide 57 text

MockWebServer @ddinorahtovar •Simple setup

Slide 58

Slide 58 text

MockWebServer @ddinorahtovar •Adding responses is pretty simple!

Slide 59

Slide 59 text

MockWebServer @ddinorahtovar

Slide 60

Slide 60 text

Practical Network for Android Developers Dinorah Tova r Google Developer Expert  Platform Mobile Engineer  @ konfío.mx @ddinorahtovar @ddinorahtovar