Chatbots (I): Build an app to talk to your phone without coding

A posts series about chatbots starts today with a direction but without a clear destination.

Today we are going to see a really easy way to create an app that allows you (writing like in a chat or speaking) talk to your phone without coding, without a single line of code!

[En castellano]

A lot of you already would had used Google Assistant. It is the “Siri” from Google which you could access on Android phones saying “Ok, Google”.

Nowadays it also works on iOS phones, on Google Home, on smartwatches, on cars, on TVs, …

By the way, Google (attending the developer community program I spoke about two months ago) mailed me about they are gifting me a Google Home thanks an app I built following this method, using only a few hours. Do you want do the same?

When you access the actions console (“actions” is the name given to Google Assistant apps) you can add a new project and Google gives you some options. You can code everything using its API, you can use an advanced platform in which you can code but it gives you a lot of work done (it is named DialogFlow), or you can use templates Google provides.

As you see in the above image, there are 3 different templates:

  1. Trivia. This template allows you create a quiz. You can provide different answers and synonyms for this answers also for each question. It is ready to load contents in English, French, German and Japanese.
  2. Personality Quiz. This template is ready to create personality quizzes. For instance, you can create a quiz like the one used by Cambridge Analytics (the company that had problems with Facebook’s privacy) to get data about millions of Americans and to affect USA elections. For the time being, you can only use this to create English content.
  3. Flash Cards. This is a template that for the moment only allows you create English content. It drives you to build a teaching game to learn about things.

The first step (but with the second that doesn’t allow this option) you have to choose the kind of personality. It means that you are choosing a voice from a woman, a man or a robot. Your election is also affecting to accent, expressions and sound effects that your application is going to use.

It is really important that you copy the Google Sheets template in the second step, the one about content. If you build your sheet from a clear one, it is difficult to achieve all restrictions checked by validations coming.

Using the template you are allowed to change whatever you want to adapt it to your content, but it is really important that in the second sheet (that is ready to set different configuration params) you change the title of your application, in order to avoid conflicts with other apps created before.

Whenever you are done following this wizard (the form that takes you throw a step by step process, for the ones that are not inside the apps design and development world), you only have to follow the Overview one to set how your apps are going to be called, set descriptions, icons, etc. etc.

Done this, you are ready to send your draft to the validation process and whenever it was approved your users will be able to say to their phones “Talk to…” and magic will start.

All in one serverless solutions

There are a lot of platforms and applications that are providing serverless capabilities to our developments, avoiding us of thinking a lot about servers.

You can find services for serverless storage, serverless notifications, mailing, payments, forms, but it could be quite difficult integrate all of them into one single solution. What is the best way to have all possible functionalities in one only place and don’t do a lot of work?

all in one photo

Actually, you are able to use a lot of serverless functionalities from wide platforms like Google Cloud, AWS or Azure. Did you remember that article about Azure Serverless? That platform has a lot of high-level functionalities and services that can allow you don’t think about machines, operating systems, RAM, network, etc. when your app needs to scale. But the problem is almost the same, you have all those functionalities in a single platform but you have to do a lot of work to integrate them into one single solution.

There are some platforms that are ready to start working, providing you a lot of capabilities that are planned to work together. They could not be the best in performance or other facets, but they are really god to prototyping and to start working on your MVP accelerating your development. This is because they just work. Some of those are the following:

  • Firebase: Real-time database, authentication, hosting. A powerful platform for your mobile or web application.
  • Backendless: Real-time database, authentication, hosting.
  • Stamplay: “IFTTT For Back-End Development“.
  • Kinvey: Build your digital business faster with mobile Backend as a Service.
  • Syncano: An all-in-one platform to create real-time apps without a server.
  • Hoodie: Hoodie is a complete backend for your apps: develop your frontend code.
  • Para: Flexible and lightweight backend service for rapid prototyping, based on open source software.
  • Wolkenkit: It is a CQRS and event-sourcing framework for JavaScript and Node.js which fits perfectly with domain-driven design (DDD).

Did you know all of them? Look over them and be ready to run developing your next app, and if they are not complete enough for your needs, look for what you need. The Internet is full of serverless services.

Get to the point with Solidity

As I explained in my previous post about coding for Ethereum, there are a lot of ways to learn Solidity. However, most of them are really humdrum if you already know how to code, almost if you know javascript. So, let’s get to the point with Solidity looking the simplest structures you need to start coding.

ethereum photo

Solidity is based on javascript, but it also owns structures from other functional languages like Haskell and from object-oriented languages like Java. To do Dapps you need more than knowing the language because you need to know about patterns, security, how to compile and publish, and what actions cost more gas than others. Also, Solidity owns more reserved words than the explained below and more complex structures like inserting assembly inline, but with a little base of javascript and reading the following script (just 242 lines) you will be ready to start the backend of your very own distributed application over the Ethereum Virtual Machine.

pragma solidity ^0.4.19; //Version of the compiler

import "./otherContractsFile.sol";

contract ContractName { //Declaration of the basic unit of code
   /***Variables and funtions***/
   bool boolVariable;
   uint unsignedIntVariable;
   int intVariable;
   int intVariableWithValue = 10;
   uint16 unsigned16BitInt;
   uint256 unsignedIntVariable2;
   ufixed unsignedFixedVariable;
   fixed128x19 fixedVariableWith128bitsAnd19DecimalPoints;
   string stringVariable = "It can store any UTF-8 encoded string";
   address addressVariable; //addresses are used to store user accounts and contracts identifiers
   var aVariable = intVariableWithValue; //aVariable is defined as an int variable
   uint constant lustrum = 5 years;

   /*State variables are permanently stored in the EVM
    *between external function calls for this contract. 
   uint stateVariable;

   function doSomething(uint uintParam) {
      /*Variables declared inside functions
       *are stored in memory and they are reset 
       *between different calls to the function.
      uint functionVariable;
      stateVariable = stateVariable + functionVariable;
      /*functionVariable = 1
       *stateVariable = 1 the first time this function is executed,
       *2 the second time this functions is executed, 3 the third, ...

   /***Collections and your own types***/
   uint[2] fixedArray;
   uint[] dynamicArray;
   mapping (address => uint) mapFromAddressToUint;

   enum EnumType {

   struct StructType {
      uint uintField;
      string stringField;
   StructType structVariable;
   StructType structVariableWithValue = StructType(10, "something");
   StructType[] structArray;

   function manageStructArrayByValue() {
      /*This variable is asigned by value (a copy is done)*/
      StructType memory myStruct = structArray[0]; 
      myStruct.uintField = 10; //structArray[0].uintField = 0;

   function manageStructArrayByReference() {
      /*This variable is asigned by reference (a pointer is created)*/
      StructType storage myStruct = structArray[0]; 
      myStruct.uintField = 10; //structArray[0].uintField = 10;

   uint[] public publicArray; //A public array is read-only publicly accessible by other contracts
   mapping (uint => string) public publicMap;

   function workWithArrays() private {
      uint[] myArray;
      myArray.push(1); //myArray = [1]
      myArray.push(2); //myArray = [1,2]
      uint newLenth = myArray.push(1); //newLenth = 3, myArray = [1,2,1] 

   /*Functions are public by default, so you need to set them private
    *in order to keep your contract secure. In other case, functions
    *can be called (and executed) by other contracts.
   function doSomethingPrivate(uint uintParam) private {
      //some code

   /*Internal functions are functions that can be called from
    *contracts that inherit from this one.
   function doSomethingInternal(uint uintParam) internal {
       //some code

   /*Public functions can be called from anywhere.*/
   function do(uint param) public {
      //some code
      doSomethingPrivate(10); //Can't call to doSomethingExternal

   /*External functions can be called from external contracts
    *but not from inside this contract.
   function doSomethingExternal(uint param) external {
      //some code

   function ContractName() public { //this is a constructor but be carefull using them, they are not executed in some special cases
      //do something

   function return10() returns (uint) {
      return 10;

   function returnMultipleValues() returns (uint value1, uint value2) {
      value1 = 10;
      value2 = 20;

   function returnMultipleValues2() returns (uint, uint) {
      return(10, 20);

   function useMultipleValues() {
      uint value1;
      uint value2;
      (value1, value2) = returnMultipleValues();

      uint value4;
      (,value4) = returnMultpleValues2();

   /*function throwsAnError(int a) private returns (int8) {
    *   return a + 1;

   function addAndConvert(int a) private returns (int8) {
      return int8(a) + 1; //uses the 8 less significant bits of a

   function addAndConvertIfIsInt8(uint a) private returns (uint8) {
      require(a <= 2 ** 8); //Throws an error if false
      return uint8(a) + 1;

   event sthOccurred(uint param);

   function throwEvent() private {

   //"view" can be used to identify functions that are not changing any data
   function returnInt() public view returns (int) {
      return intVariable;

   //"pure" can be used to identify functions that do not access any data in the contract
   function add(int a, int b) public pure returns (int) {
      return a + b;

   //"payable" is needed in order to receive Ether with a call
   function aFunctionThatCost() public payable {
      //this contract will own the ether sended at the end of the execution

   modifier myModifier() {
      //some code to be executed before the function
      _; //this is a placeholder that indicates the point where the code of the function will be executed
      //some code to be executed after the function

   function functionWithModifier() public myModifier {
      //some code to be executed in the place where the placeholder is set inside modifier's code

   function otherFunctionsAndValues() private {
      keccak256("qwerty"); //returns a 256-bit hexadecimal with a SHA3 hash of the param
      //"qwerty" == "QWERTY"; Solidity can't compare strings. Instead you can do
      keccak256("qwerty") != keccak256("QWERTY");

      uint currentUnixTimestamp = now;
      1 minutes == 60;
      1 hours == 3600;
      //you also have available "days", "weeks" and "years" units

      address currentBlocMiner = block.coinbase;
      uint currentBlockDifficulty = block.difficulty;
      uint currentBlockGasLimit = block.gaslimit;
      uint currentBlockNumber = block.number; 
      uint currentBlockUnixTimestamp = block.timestamp;
      bytes32 theHash = block.blockhash(block.number); //only works for 256 most recent blocks excluding current
      bytes completeCallData =;
      uint remainingGas = msg.gas;
      address callerWhoInitiatesThisExecution = msg.sender;
      bytes4 firstFourBytesOfMsgData = msg.sig;
      uint numberOfWei = msg.value;
      uint gasPriceOfTheTransaction = tx.gasprice;
      uint senderOfTheTransaction = tx.origin;

      assert(1==2); //like require but for internal errors
      revert(); //abort and revert changes


/***Inheritance and rehusability***/
contract A {
   function aFunction {}

contract B is A {
   function bFunction {

/*If you want to use an external contract, you need to define an
 *interface with the definition of the methods that you want to
contract InterfaceOfExternalContract {
   function functionExternalDefinition(uint param) external return (uint);

   function functionPublicDefinition(uint param) public return (uint);

contract ContractWichUsesTheExternalContract {
   address externalContractAddress = 0x...;
   InterfaceOfExternalContract externalContract = InterfaceOfExternalContract(externalContractAddress);

   function aFunction() {
      uint value = externalContract.functionExternalDefinition(1);

And now, what are you starting to code?

Facebook is listening to you, what can you do to avoid this?

Nowadays, a lot of people is talking about a “conspiracy” that Facebook is denying constantly. Is Facebook listening to us? What can we do to avoid this? Let’s see what are the questions and the answers:

What is people saying?

People say that Facebook apps installed on our mobiles are recording our conversations, analyzing what we say and using this to target their ads.

What is the response from Facebook?

Facebook denies all of those accusations.

Is it technically possible?

Well, record all conversations and send them requires a lot of bandwidth. We are not talking about Echelon, neither recordings made by Google Now assistant. We are talking about all the conversations you maintain all the time, all the dialogues from the TV shows you are seeing and conversations from people near you.

What is the bandwidth you bought from your provider? 1Gb? 3Gb? 10Gb? It doesn’t matter. It is not enough to listen Spotify constantly, so it is not enough to send recordings with your full conversations.

Some people are saying that they record the conversations, analyze those using your mobile phone resources and get keywords that they can send to Facebook servers.

This theory is better but battery consumption… I don’t know.

Does it really matter?

Facebook has all your written conversations, it is the owner of Facebook, Messenger, WhatsApp, Instagram, … It also owns your photos, videos, relations, … Facebook knows who is the first person who you talk every day, also knows what websites you visit and also the visits from your mom or your grandpa.

Facebook is not the only one who knows. Did you visit the link about Google records above? It’s the tip of the iceberg.

So it doesn’t matter if Facebook is listening and recording you. They know everything about you. All great companies know everything about you, so it doesn’t matter.

The only way you can follow to avoid this is become offline, at least offline from their apps and services. Are you prepared to be disconnected from your friends and family? If not, you can’t be safe.


Gmail Add-ons: How-to be on all desktops and mobiles with a simple app

Some weeks ago, Google opened the possibility of create Gmail add-ons for all developers. Let’s see what are the possibilities and how to create and distribute our own Gmail add-on.

This is not a very hard and abstract post, add-ons are something easy, so I hope my explanation to be simple too. It is based on an add-on created by myself that allows any user adding an email to Google Tasks (probably it is more useful than the add-on for MSN Messenger that I created years ago which read received messages with “real” voice). It is a functionality that has been always present on Gmail web client but that is not available on mobile clients.

In order to create a Gmail add-on you need to create a new Google Apps Script project. After that you can add as much scripts as you want to create an interface using Cards and the functionality to interact with other services, APIs and so.

For instance, in our example the functionality is very basic:

function getContextualAddOn(e) {
  var message = getMessage(e);
  var subject = message.getSubject();
  var permaLink = message.getThread().getPermalink();
  var card = CardService.newCardBuilder();
                 .setTitle('Save as task'));
  var section = CardService.newCardSection();
  var button = prepareSend(permaLink);
  return [];

function getMessage(e){
  var accessToken = e.messageMetadata.accessToken;
  var messageId = e.messageMetadata.messageId;
  return GmailApp.getMessageById(messageId);

function prepareSend(permaLink){
   var action = CardService.newAction()
  .setParameters({permaLink: permaLink});
  return CardService.newTextButton()

function saveTask(e){
  var res = e['formInput'];
  var task = Tasks.newTask();
  task.title = res["title"];
  task.notes = e['parameters'].permaLink;
  if(res["due-date"] &amp;&amp; res["due-date"] != "")
    task.due = res["due-date"] + "T00:00:00Z"
  task = Tasks.Tasks.insert(task, res["list"]);

function prepareList() {
  var response = Tasks.Tasklists.list();
  var taskLists = response.items;
  var dropdown = CardService.newSelectionInput()

  if (taskLists &amp;&amp; taskLists.length &gt; 0) {
    Logger.log('Task lists:');
    for (var i = 0; i &lt; taskLists.length; i++) {
      var taskList = taskLists[i];
      Logger.log('%s (%s)', taskList.title,;
      dropdown.addItem(taskList.title,, i==0);
  } else {
    Logger.log('No task lists found.');
  return dropdown;

function prepareTitle(subject){
  return CardService.newTextInput()

function prepareDueDate(){
  var d = new Date();
  var dd = new Date(d.setDate(d.getDate() + ( 7 - d.getDay()) % 7));
  return CardService.newTextInput()
                    .setTitle("Due date")
                    .setValue(dd.getYear() + "-" + (dd.getMonth() + 1) + "-" + dd.getDate())

function prepareSign(){
  var button = CardService.newTextButton()
  return CardService.newKeyValue()
     .setContent("Developed and maintained by")

You also have to change script’s manifest. To do this you need to access to the menu “View>Show manifest file”. Now you can modify it as you want, following our example you have to replace the content with following lines:

  "timeZone": "GMT",
  "dependencies": {
    "enabledAdvancedServices": [{
      "userSymbol": "Tasks",
      "serviceId": "tasks",
      "version": "v1"
  "oauthScopes": ["", "", ""],
  "gmail": {
    "name": "Save as task",
    "logoUrl": "",
    "contextualTriggers": [{
      "unconditional": {
      "onTriggerFunction": "getContextualAddOn"
    "primaryColor": "#000000",
    "secondaryColor": "#888888",
    "version": "TRUSTED_TESTER_V2",
    "openLinkUrlPrefixes": [

As soon as you save all changes you are ready to publish your add-on. Unfortunately the Gmail add-ons store is not publicly available yet. However, you can get the ID of your add-on and distribute it to your company co-workers in order to allow them install your add on in their gmail accounts. See images below:

Gmail Add-on ID
Gmail Add-on ID
Add-ons in Gmail settings
Add-ons in Gmail settings

I know that it’s frustrating not being able to publish an add-on to all gmail users around the world yet. Anyway, I already have two cool ideas to implement as soon as I was able to distribute it at least to my friends. Something to draw an ordered tree of a conversation thread and an add-on to respond an e-mail with a video in an easy way. And you? What ideas are coming to your head?

How to implement a distributed OAuth 2.0 system

Some months ago (more than a year), I was playing with the WordPress REST API. I did an analysis about how to implement a distributed OAuth 2.0 system as an attempt to collaborate with the community. I wrote it as a comment over a discussion post, but I am going to replicate that here in order to save it with my other ideas and works.

  • is the site of the app
  • is the WP site of the developer in which I defined the app as multitenant
  • is the WP site of the user who wants authorize to interact

01- User access to and says “Hey, I want to use this cool app”
02- ask for its server and user writes
03- ask to to identify the user
04- the user writes his credentials in
05- redirects to with a code saying “Yeah, this man is my man”
06- then ask to and says “Hey, I have a user with a code that wants to acces to the resource and I am the (this is my client_id and this my client_secret)”
07- generates a token
08- says to “Hey, I just generated this token that expires in 3600 seconds”
09- says “I would prefer not to work, but you know, it’s ok”
10- sends the response to with the token
11- then using the token, can now ask to to do some stuff

If you look at this diagram

Abstract Protocol Flow
Abstract Protocol Flow

Client =
Resource Owner =
Authorization Server =
Resource Server =

The RFC says:

“The interaction between the authorization server and resource server
is beyond the scope of this specification. The authorization server
may be the same server as the resource server or a separate entity.
A single authorization server may issue access tokens accepted by
multiple resource servers.”

but with some conversation like the one in 8 and 9 it could be resolved.

Big Data talks

I was attending a talk about Big Data past week. The organizer was Ascentic and the speakers were IT workers from Cantabria with high responsibilities in their companies. I think that it is interesting know about different use cases on different sectors.

[Leelo en español en CantabriaTIC]

Celestino Güemes works at Atos Worldgrid and he is a member of its wise committee. He was talking about “new” types of analytic and the issues. He explained us that analytics of historic data is something easy nowadays. However, systems are evolving with predictive analytics and prescriptive analytics, providing to an operator possible actions to take, and what is the recommended one.

He also remarked the use of deep learning and multi-sided market analytic platforms to develop new products and services.

He exposed some interesting and real cases as example of the different types of use of Big Data:

Operational excellence: An oil company uses drilling heads with 120 sensors. They can analyze the data in real time and compare them with the historic  data to know when a head will break avoiding problems.

User experience: They work for a telecommunications provider in the relation between mobile network configuration and use of the clients. For example, they can detect where a user lives or works based on the network elements the user uses. They also can improve the quality of service for a specific VIP user when she is using Youtube during a trip or notify a client with information or an offer when he walk into a street (this is very similar to what I did with my team at GPMESS, my last company).

Bussiness re-invention: A seller of electricity is putting their data with other data sources to look for new possible services and business models. They are exploring things like detect the different machines in a house and offer discounts in new machines when they detect a problem in one of them based on the use of electricity.

Confidence and compliance: he is working in a solution to detect non-technical economic losses (frauds and errors) for electricity companies. These losses represent 1% of the business (3.7M€ per year).

Miguel Sierra is a manager at CIC. He leads a product called IDbox that is a software for Operational Intelligence. It integrates all available information sources, processes that captured signals and offers the tools for analysis to assist in operational decision making. This product is used by companies from different sectors: nuclear plants, electricity companies, private parking companies, water companies, and also high performance sports training.

He was talking about their history and how they became a company with high expertise on Big Data.

He said that the size is important but the frequency is more important. They process 1.5M signals from Iberdrola each second and 80K signals from a nuclear plant each 20 milliseconds (it is almost the same that 4M signals each second).

They help business that are not scalable at first sight providing them ways to become scalable and more profitable companies. He used the example of a clinic that work with professional athletes. They needed a doctor attending a single athlete inside their installations. Now they can provide a service to other clinics and gyms monitoring trainings from a control center operated by a group of doctors. A single doctor can work now with more than 20 athletes that are training at anyplace.

Raul Uría, CEO at Zzircon Business Intelligence. He did a basic presentation thinking in non-technical attendees. He explained what is and for what is the data mining. He showed a complete example with a single product (a slide for kids) talking how data mining helps to know to what users you have to offer this product, and how you should impact them and what message you should use.

I am sure that it was a great explanation for people that are not involved on IT everyday.