Brief information: I am working on a quiz application for Android. The database is on Firebase and the users login via anonymously. When the user opened the application, it will be automatically signed-in.
My question is about firebase. I could not build the intelligence for firebase requests.
When the application is opened;
1) signInAnonymously (which firebase function) should be called first.
2) Then i check that the signed user has a saved point or not on firebase database.
3) If the user does not have point, it is generated.
4) Then i send a request to get the point of user.
In all steps, i send a request to firebase via async firebase methods. The sequence is important because the output of any step can be an input for the next step.
I handle this via callback. But i do not know that it is the best way.
screenshots of callbacks for these steps
Can you give me advice for these? If i do not use callbacks, problems are occured because of asynchronous firebase methods. The reason of that i open this issue is undetermined problems. I can learn and build any other algorithm to make it better. Thank you.
It looks like you are using nested callbacks and I am not a Java programmer, but you may want to take it easy on yourself and not go that route.
If my signing in anonymously you mean a One-Time-Password authentication flow such as just providing a phone number, that would definitely be a good approach.
You can use Google Cloud Functions, but the functions would have to be written in Nodejs, Python or Go.
Either way take a look at this flow below:
User requests OTP
Acknowledge the request
Generate code, save the code on backend (GCF)
Text user the code
User sends you the correct code
Compare codes on the server
Send user some kind of token or as you say a "point" to identify them.
I do believe Java does have support for JSON Web Tokens.
So after your setup GCF project, you are going to get some folder and files like so:
.firebaserc: a hidden file that helps you quickly switch between projects with firebase use.
firebase.json: describes properties for your project.
functions/: this folder contains all the code for your functions.
functions/package.json: an NPM package file describing your Cloud Functions.
functions/index.js: the main source for your Cloud Functions code.
functions/node_modules/: the folder where all your NPM dependencies are installed.
You want to import the needed modules and initialize the app:
const admin = require("firebase-admin");
const functions = require("firebase-functions");
const serviceAccount = require("./service_account.json");
admin.initializeApp({
credential: admin.credential.cert(serviceAccount),
databaseURL: "https://my-project.firebaseio.com"
});
That service_account.json is something you need to create, its not a library.
It will have a bunch of private and public keys that you get from your Firebase console. Ensure you also place that file inside your .gitignore files as well.
So I am skipping some crucial details here that you will have to figure out so as to get to your main question.
First, you need the idea of a user, so you need to create a user inside GCF so that in itself is going to be a function and as you mentioned Firebase is asynchronous so it would look something like this:
const admin = require("firebase-admin");
module.exports = function(req, res) {
// Verify the user provided a phone
if (!req.body.phone) {
return res.status(422).send({ error: "Bad Input" });
}
// Format the phone number to remove dashes and parens
const phone = String(req.body.phone).replace(/[^\d]/g, "");
// Create a new user account using that phone number
admin
.auth()
.createUser({ uid: phone })
.then(user => res.send(user))
.catch(err => res.status(422).send({ error: err }));
// Respond to user request saying account was made
};
So the code above I grabbed from a previous project of mine, except the whole thing was in JavaScript. For you this part will be in JavaScript or Nodejs specifically as well since again, Nodejs, Go or Python are the only languages supported by GCF.
So the comments are self-explanatory but I feel compelled to explain that the first thing I had to resolve is how to pass in information to this function in a request.
To do that I had to reference the req.body object as you see above. req.body contains all the different data that was passed to this function when the user called it. I was not sure if you knew that. So before you go and copy paste what I have above, do a res.send(req.body);. So nothing else inside that module.exports = function(req, res) {} except res.send(req.body);, so you can get a good sense of how this all works.
For every function you create you need to run a firebase deploy name-of-project.
After you feel you have a handle on this and its all working successfully, you can create your Android Studio project and add the database dependency like so:
compile 'com.google.firebase:firebase-database:10.2.1'
And then you will probably want to create your User model, maybe like this:
public class User {
public String phone;
public User() {
// Default constructor required for calls to DataSnapshot.getValue(User.class)
}
public User(String phone) {
this.phone = phone;
}
}
And so on, anyway I hope that kind of gives you a good enough idea that it gets you going. Best of luck. I know I failed to take time out to explain that the regex in my code is to sanitize the phone number and probably some other stuff. So again, don't just copy paste what I offered, study it.
I am developing a mobile app on Android.
I download a lot of information from the backend via REST API.
For example for obtain the information about a contract I use the api the following request:
GET /contracts/01212314.json
It return a json with many fields
{
"conto_contrattuale": "01212314",
"intestatario": "Dennis D'Amico",
"utilizzo": "COTTURA + PROD. ACQUA 7 GG",
"codice_settore_merceologico": "E1",
"settore_merceologico": "ELETTRICITA",
"codice_societa_vendita": "Z016",
"societa_vendita": "Estra Energie S.r.l.",
"fornitura_indirizzo": "Via Palermo",
"fornitura_civico": "20",
"fornitura_precisazione": "Rosso",
"fornitura_cap": "59100",
"fornitura_comune": "Prato"
"rid": false,
"fatt_elettronica": true,
"fatt_email": "andrea.bettarini#devise.it",
"fatture_scadute": 1,
}
But I am only interested to the field : "fornitura_indirizzo"
I can't modify the backend and the API.
So I think to create a new middle backend that fetch the info from the actual backend and exposes a call only for the field "fornitura_indirizzo".
How can I do?
Is it possible on google cloud platform? and is it free?
Thank you for your consideration.
You can put a file on your server that fetches the data en then recreates a partial array and echo that in json.
Example:
$contract = Json_decode("/contracts/xxxx.json", true);
$needed_info = $contract["fornitura_indirizzo"];
Echo json_encode($needed_info);
I can't access to the server and modify. I can only send request.
I apologise if I misunderstand your goals here, but why bother with creating this new back end for your app. You could simply call the existing back end and ignore the unneeded information. Either way, that existing back end has to send all that info somewhere for every request your mobile app performs. You're also adding more latency to the request since it has to go through your back end first.
I can see this being worth it though if your goal is to minimize the data downloaded by the mobile app when it does a request.
I have several actions in my application (ASP.NET MVC) that are not intended to be called by browser clients, but from other external applications of my property, such as the Azure Scheduler and my mobile applications (Android)
For these actions to work as expected, a secret parameter and value must be passed.
public ActionResult SendPendingMessages(string secret = "")
{
if (!secret.Equals("hardcoded_secret"))
return null;
// Real stuff here...
}
The above action is called by my scheduler every 30 minutes and sends scheduled messages.
Other example:
public ActionResult DownloadUndownloadedMessages(string secret = "")
{
if (!secret.Equals("hardcoded_secret"))
return null;
// Real stuff here...
}
The above action is called by my android application.
It fetches unread messages.
From these external applications, I always use HTTPS, so I´m sure the hardcoded password (and the URL itself) is secret.
I don't like what I'm doing here. It gives me a bad feeling.
To name a few problems with this approach:
The hardcoded secret is a long term secret.
If other developer works on these external applications, they will know the secret URL
I don´t like that these actions can be called by just knowing the URL. I want to have something more solid than just hiding the URL.
The question is, finally:
What is the most correct way of achieving this purpose?
If a developer works at, for example, WhatsApp, and he´s fired. Can he call WhatsApp server´s actions with the knowledge he got from seeing the WhatsApp client app?
I think that your best approach is follow the WebAPI path and implements one of the answers the post bellow provides:
How to secure an ASP.NET Web API
I want to create an android application, this application will make RESTful calls to a web service to obtain some data.
I know what the RESTful interface will be, but I don't want the hassle of creating my own implementation. Is there an easy way to create a stub RESTful web service that will return some static data without having to write a full blown WS application to do this?
Mocky.io allows you to create stub endpoints and specify the data they return via public URLs.
Runscope (disclaimer, I'm a founder) allows you to capture a real request once, then replay back the response as needed via Response Playback URLs.
I've found using Sinatra really useful for this sort of thing if you want to test the actual HTTP calling code. You can have a endpoint returning data in seconds. Very little Ruby knowledge required.
require 'sinatra'
require 'json'
get '/Person' do
content_type :json
{ :id => 345, :key2 => 'John Doe' }.to_json
end
Is all you would need to return a simple json object.
One of the approaches (similar to Vinnie's) is to make a local implementation of your webservice. For example, your webservice allows you to log a user in and to get a list of users online.
The webservice interface looks like this:
public interface WebService {
public LoginResponse login(String user, String pass) throws Exception;
public UsersOnlineResponse getOnlineUsers() throws Exception;
}
Then, we implement this interface for remote webservice which will be used in production. Remote implementation makes HTTP calls with help of HTTP client, retrieves response and parses it to an appropriate response object. Here is a fragment of it:
public class RemoteWebService implements WebService {
private AndroidHttpClient client = AndroidHttpClient.newInstance(USER_AGENT);
#Override
public LoginResponse login(String user, String pass) throws Exception {
LoginResponse response = client.execute(
createPostRequest(METHOD_LOGIN, user, pass),
new JsonResponseHandler(LoginResponse.class));
handleResponse(response); // verify response, throw exceptions if needed
return response;
}
}
For testing purposes, when webservice is not available or is being developed, we implement local webservice. Local implementation takes predefined JSON responses from assets folder and parses it to an appropriate response object. It's up to you how to implement webservice behaviour: it can be simple static responses or some random/validation-dependent responses. Here is the part of it:
public class LocalWebService implements WebService {
private Context context;
public LocalWebService(Context context) {
this.context = context;
}
#Override
public LoginResponse login(String user, String pass) throws Exception {
Thread.sleep(DELAY); //emulate network delay
if (validateParams(user, pass)) {
return parseAssetsJson("ws/login.json", LoginResponse.class);
} else {
Response response = parseAssetsJson("ws/status_bad_request.json", Response.class);
throw new WebServiceException(response);
}
}
public <T> T parseAssetsJson(String filename, Class<T> klass) throws IOException {
InputStream is = context.getAssets().open(filename);
return JsonParser.getInstance().fromJson(new InputStreamReader(is), klass);
}
}
Next, we want to switch between implementations painlessly. The usage of both implementations of the webservice is transparent, because we use WebService interface. So, we'll configure the WebService instance on app launch. Application class suits our needs:
public class App extends Application {
public static final boolean USE_LOCAL_WS = false;
private static WebService webService;
public static getWebService() {
return webService;
}
#Override
public void onCreate() {
super.onCreate();
webService = USE_LOCAL_WS ? new LocalWebService(this) : new RemoteWebService();
}
}
I'd suggest checking out WireMock (disclaimer - I wrote it):
http://wiremock.org/
You can run it standalone on your laptop, configure stubbed responses and verify that your app send the requests you expected it.
It's configurable via a fluent Java API or JSON (files or over HTTP).
I ended up writing a mock service tool for a similar purpose: https://github.com/clafonta/Mockey/wiki
A mock service is a great tool for quickly building UIs and validating your client code, but it can become a rabbit hole, so I recommend you use something that is already out there before building your own. Github has plenty of results when you search for 'mock'. Regardless of what you do, here are a few key stumbling blocks that you may encounter.
You end up working with the wrong data/JSON format. For example, your app works great with the mock service, but breaks when hitting the real service because your app consumes a JSON object but the real service returns an Array of JSON objects. To avoid this, you could try using JSON Schema to help highlight invalid JSON models in your mock service.
Your app doesn't make a valid request. Your mock service will typically not care about the incoming request. For example, the real service needs a "customerID" and your app never passes it in. To avoid this, you could build some "required request parameter" validation logic in your mock service.
Testing challenges. Your automated functional testing approach needs to interact with your mock service tool if you want to test things beyond the simple "happy path". For example, you run your test "user A logs-in and sees 0 messages" vs. "user B logs-in and sees 20 messages".
You can try Jadler (http://jadler.net). It's an http stubbing/mocking library I've been working on for some time. It should meet all your requirements I believe.
Just in case someone is still looking at this thread at year >= 2017. There's free tool out there now that let's you create mock soap and rest web services in seconds without the need to install or deploy anything on your box.
amock.io
You can select your http method, response code, response message body, content-type, specify custom endpoint, etc.
It's very useful for returning mock data from remote web services to you app, any kind of app.
Disclaimer, I developed this service, out of necessity and I made it free so others can benefit from the solution.
Beeceptor (disclaimer, I'm the author) shall help you for the exact use-case here. Create an API endpoint, define a mock path and response. Use it in hackathons to build mock APIs in seconds.
Beeceptor is more than a mocking service. It is an HTTP proxy for APIs. For example, if you have a real API, use the real API as ultimate target. Beecetor intercepts traffic and using rules,
when rules are matched, APIs are mocked
when no rule matches, your target endpoint is hit as usual.
With Mocky.io, you shall have different API paths, with Beeceptor your base URL is going to be same all the time.
There's pretty new mock API solution called QuickMocker that allows not only stubbing static data, but also generate fake (faker), random and contextual data using shortcodes. Supports multiple HTTP methods and RegExp URL path which allows to create even one single dummy endpoint that can intercept anything you need. And yeah, it allows to debug any request made to your fake API domain.
Probably the best thing to do is create a mock for the REST web service service while you're developing your application code and then replace it with code to call the actual web service returning "real" data, once your application is written.
I'm currently writing a very similar application to yours which (like you) obtains data from a RESTful web application. In my application, I'm following the MVP pattern recommended by GWT and is also documented by Martin Fowler as the PassiveView pattern.
What you want to do is abstract away the code to make the REST web service call into an interface (the Model). The responsibility of this model class is to provide data to the Presenter/Controller. The Presenter will handle all of your business logic and then pass data up to the view (the view should be pretty dumb as well allowing it to also be mocked out). During testing, you will create a MockModel to implement the model interface and pass test data to the Presenter - without making an actual web service call at all! Then, when you're ready, you will replace this class with the actual web service and start your integration testing.
This approach has the added benefit in that it will be easy to create specific (and repeatable) test cases in your mock model. If you don't have control of the actual web service (and I'm assuming you don't), this can be difficult (or even to impossible) to achieve. The result should be a more robust, better tested application without to need to create any test XML or JSON or creating the web services yourself.
Create some files with dummy responses and put into a folder. Now go to command-line and execute the following:
python -m SimpleHTTPServer
You can now access these files and dummy responses at
http://:8000
I suggest taking a look at FakeRest (https://github.com/marmelab/FakeRest), a client-side only Fake Server using XMLHTTPRequest monkey patching.
Disclaimer: I wrote it.
Atmo could be useful.
Disclaimer: I'm the author of atmo.
You can make use of http://maqueapp.com/ to create the mock web service. Its quick and easy. I heard about it on theflexshow episode 157 (not flexshow!)
I am wondering what is required to setup a server so that you can store data on it, and then have an application send requests to it to store and receive data. More specifically, I am working on an Android application where a user will generate data and then that should be stored on a server so other users can access it. But I do not know how setting up a server to be capable of this works. I have worked on Android applications in the past that sends requests (put, post, get, etc) to a server, but that back end was already set up for me. Any info or resources about setting this up would be great.
There are many, many different ways to accomplish this.
Since you're already working with a Google technology, Android - you could start by creating a Google App Engine project. Following the tutorials you can get started setting up a simple back end solution that will store data for you and you can make requests to it for that data.
Another advantage to this for you is that you don't have to learn how to install software on a server and all the dependencies that arise from that, etc. Simply set up a new account and push-button deploy through Eclipse or command line.
And since you've used Java in Android, you can use JAva for Google App Engine (GAE) too!
Getting started: http://code.google.com/appengine/docs/java/gettingstarted/introduction.html
You can try ready to use BAAS/PAAS services to store your data, e.g. QuickBlox for Android http://quickblox.com/developers/Android, where you can manipulate with your data with few strings
QBLocation location = new QBLocation();
location.setLatitude(35.0);
location.setLongitude(53.0);
location.setStatus("I'm at this place");
String someImportantString = "Dr. Henry Walton Indiana Jones";
QBLocations.createLocation(location, new QBCallbackImpl() {
#Override
public void onComplete(Result result, Object context) {
// retrieve context object inside callback
String passedContextObject = (String) context;
System.out.println(passedContextObject);
// do stuff with result
}
}, someImportantString);
All logic of data exchange with server is encapsulated in framework.