APIs públicas para tus proyectos

Año nuevo: proyecto nuevo. Estoy seguro de que sois muchos los que estáis empezando un sideproject como propósito para el nuevo año. A la hora de elegir la mejor idea, si no queréis picar un montón de código, os vendrá bien saber que APIs tenéis disponibles para juntarlas, remezclarlas y sacar alguna funcionalidad chula.

API photo
Photo by abraham.williams

Es muy importante saber qué herramientas tienes disponibles, y es un conocimiento que además os puede venir muy bien para enfocar mejor esos momentos de desorden en el que vienen un montón de ideas a la cabeza.

Pero, no corráis a poneros a buscar en Google “API pública”, por favor. Hay maneras de optimizar el tiempo para que todo lo que dediquéis sea de experimentación y absorción de conocimiento. Además, si optáis por la primera opción, es muy posible que os encontréis que cada una está definida y documentada como su padre y su madre han creído oportuno: puede ser una auténtica locura.

Hay gente que ya se ha encargado de juntar un montón de definiciones de APIs públicas, de tal modo que tu las tengas a mano y ordenadas. Además, así puedes acceder a todas de una misma forma y tener la documentación de una forma más estandarizada.

Para cacharrear con ellas puedes hacerlo como prefieras: desde la web; con un sdk para tu plataforma preferida; o incluso desde la línea de comandos. Sin embargo, si me pedís la recomendación más cómoda (aunque por el momento es la que menos APIs tiene disponibles) yo optaría por una colección para el postman, que es una extensión de Chrome que me tiene enamoradito desde hace años.

Ánimo, elegid vuestro sabor preferido y dadle vida a ese nuevo proyecto.

How to implement a distributed OAuth 2.0 system

Some months ago (more than a year), I was playing with the WordPress REST API. I did an analysis about how to implement a distributed OAuth 2.0 system as an attempt to collaborate with the community. I wrote it as a comment over a discussion post, but I am going to replicate that here in order to save it with my other ideas and works.

  • coolapp.com is the site of the app
  • cooldev.com is the WP site of the developer in which I defined the app as multitenant
  • cooluser.wordpress.com is the WP site of the user who wants authorize coolapp.com to interact

01- User access to coolapp.com and says “Hey, I want to use this cool app”
02- coolapp.com ask for its server and user writes cooluser.wordpress.com
03- coolapp.com ask to cooluser.wordpress.com to identify the user
04- the user writes his credentials in cooluser.wordpress.com
05- cooluser.wordpress.com redirects to coolapp.com with a code saying “Yeah, this man is my man”
06- coolapp.com then ask to cooldev.com and says “Hey, I have a user with a code that wants to acces to the resource cooluser.wordpress.com and I am the coolapp.com (this is my client_id and this my client_secret)”
07- cooldev.com generates a token
08- cooldev.com says to cooluser.wordpress.com “Hey, I just generated this token that expires in 3600 seconds”
09- cooluser.wordpress.com says “I would prefer not to work, but you know, it’s ok”
10- cooldev.com sends the response to coolapp.com with the token
11- then coolapp.com using the token, can now ask to cooluser.wordpress.com to do some stuff

If you look at this diagram

Abstract Protocol Flow
Abstract Protocol Flow

Client = coolapp.com
Resource Owner = cooluser.wordpress.com
Authorization Server = cooldev.com
Resource Server = cooluser.wordpress.com

The RFC says:

“The interaction between the authorization server and resource server
is beyond the scope of this specification. The authorization server
may be the same server as the resource server or a separate entity.
A single authorization server may issue access tokens accepted by
multiple resource servers.”

but with some conversation like the one in 8 and 9 it could be resolved.

Reverse Geocoding: Bing Maps REST Services

Provider: Microsoft Corp.
Url: https://msdn.microsoft.com/en-us/library/ff701710.aspx
Provider Client Libraries: Javascript, .Net
Multiple Languages: Yes
Limitations: Developer account: 10,000 transactions within 30 days period

 

Batch processing: 1,000,000 geocode entities non-billable transactions in any 12 month period

 

Windows Apps: 50,000 transactions per day

 

No Windows mobile apps: 125,000 per year

 

Information wizard: https://www.microsoft.com/maps/Licensing/licensing.aspx

 

If Enterprise prices do not need to be considered, base prices can be seen as a component of Azure subscriptions:

https://azure.microsoft.com/en-us/marketplace/partners/bingmaps/mapapis/

Price: Different prices that depends on the use.

 

Example request:

http://dev.virtualearth.net/REST/v1/Locations/47.64054,-122.12934?o=json&key=BingMapsKey

 

Example response:

{
   "authenticationResultCode":"ValidCredentials",
   "brandLogoUri":"http:\/\/dev.virtualearth.net\/Branding\/logo_powered_by.png",
   "copyright":"Copyright © 2011 Microsoft and its suppliers. All rights reserved. This API cannot be accessed and the content and any results may not be used, reproduced or transmitted in any manner without express written permission from Microsoft Corporation.",
   "resourceSets":[
      {
         "estimatedTotal":1,
         "resources":[
            {
               "__type":"Location:http:\/\/schemas.microsoft.com\/search\/local\/ws\/rest\/v1",
               "bbox":[
                  47.636705672917948,
                  -122.137016420622,
                  47.6444311080593,
                  -122.1217297861384
               ],
               "name":"1 Microsoft Way, Redmond, WA 98052",
               "point":{
                  "type":"Point",
                  "coordinates":[
                     47.640568390488625,
                     -122.1293731033802
                  ]
               },
               "address":{
                  "addressLine":"1 Microsoft Way",
                  "adminDistrict":"WA",
                  "adminDistrict2":"King Co.",
                  "countryRegion":"United States",
                  "formattedAddress":"1 Microsoft Way, Redmond, WA 98052",
                  "locality":"Redmond",
                  "postalCode":"98052"
               },
               "confidence":"Medium",
               "entityType":"Address",
               "geocodePoints":[
                  {
                     "type":"Point",
                     "coordinates":[
                        47.640568390488625,
                        -122.1293731033802
                     ],
                     "calculationMethod":"Interpolation",
                     "usageTypes":[
                        "Display",
                        "Route"
                     ]
                  }
               ],
               "matchCodes":[
                  "Good"
               ]
            }
         ]
      }
   ],
   "statusCode":200,
   "statusDescription":"OK",
   "traceId":"99b1256e09044490bce82bbbba1dab7a"
}

 

Reverse Geocoding: Nominatim

Provider: OpenStreetMaps
Url: http://wiki.openstreetmap.org/wiki/Nominatim#Reverse_Geocoding
Provider Client Libraries:
Multiple Languages: Yes
Limitations: 1 request per second (86400 per day)
Price: Free

 

You can use thid party providers or install your own instance

 

Example request:

http://nominatim.openstreetmap.org/reverse?format=xml&lat=52.5487429714954&lon=-1.81602098644987&zoom=18&addressdetails=1

Example response:

<reversegeocode timestamp="Fri, 06 Nov 09 16:33:54 +0000" querystring="...">
   <result place_id="1620612" osm_type="node" osm_id="452010817">
     135, Pilkington Avenue, Wylde Green, City of Birmingham, West Midlands (county), B72, United Kingdom
   </result>
   <addressparts>
     <house_number>135</house_number>
     <road>Pilkington Avenue</road>
     <village>Wylde Green</village>
     <town>Sutton Coldfield</town>
     <city>City of Birmingham</city>
     <county>West Midlands (county)</county>
     <postcode>B72</postcode>
     <country>United Kingdom</country>
     <country_code>gb</country_code>
   </addressparts>
</reversegeocode>

Reverse Geocoding: Google Maps API

Provider: Google Inc.
Url: https://developers.google.com/maps/documentation/geocoding/intro#ReverseGeocoding
Provider Client Libraries: Javascript, Java, Python, Android, iOS
Multiple Languages: Yes
Limitations: 2,500 free requests per day, 10 per second
Price: Free: 2,500 requests per day

 

Pay as you go: $0.50 USD / 1000 additional requests, up to 100,000 daily.

 

Google Maps API for Work: it depends on the purchased quota https://developers.google.com/maps/documentation/business/

Example request:

https://maps.googleapis.com/maps/api/geocode/json?latlng=40.714224,-73.961452&key=APP_SPECIFIC_API_KEY

Example response:

{
	"results" : [
		{
		"address_components" : [
			{
				"long_name" : "277",
				"short_name" : "277",
				"types" : [ "street_number" ]
			},
			{
				"long_name" : "Bedford Avenue",
				"short_name" : "Bedford Ave",
				"types" : [ "route" ]
			},
			{
				"long_name" : "Williamsburg",
				"short_name" : "Williamsburg",
				"types" : [ "neighborhood", "political" ]
			},
			{
				"long_name" : "Brooklyn",
				"short_name" : "Brooklyn",
				"types" : [ "sublocality", "political" ]
			},
			{
				"long_name" : "Kings",
				"short_name" : "Kings",
				"types" : [ "administrative_area_level_2", "political" ]
			},
			{
				"long_name" : "New York",
				"short_name" : "NY",
				"types" : [ "administrative_area_level_1", "political" ]
			},
			{
				"long_name" : "United States",
				"short_name" : "US",
				"types" : [ "country", "political" ]
			},
			{
				"long_name" : "11211",
				"short_name" : "11211",
				"types" : [ "postal_code" ]
			}
		],
		"formatted_address" : "277 Bedford Avenue, Brooklyn, NY 11211, USA",
		"geometry" : {
			"location" : {
				"lat" : 40.714232,
				"lng" : -73.9612889
			},
			"location_type" : "ROOFTOP",
			"viewport" : {
				"northeast" : {
					"lat" : 40.7155809802915,
					"lng" : -73.9599399197085
				},
				"southwest" : {
					"lat" : 40.7128830197085,
					"lng" : -73.96263788029151
				}
			}
		},
		"place_id" : "ChIJd8BlQ2BZwokRAFUEcm_qrcA",
		"types" : [ "street_address" ]
		},
		
		... Additional results[] ...

Autenticación sin SubscriptionKey en el API Manager de Azure

Hoy os contaré, como realizar llamadas autenticadas en el API Manager de Azure sin necesidad de pasar el SubscriptionKey como parte del request.

Seguir leyendo en CantabriaTIC.