Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Practical Network for Android Developers

Practical Network for Android Developers

In this talk we are gonna be talking about the Network data layer with a different vision that usually is addressed, cause networking on Android is difficult to work with, with multiples carriers, streaming different and rich contents, and all of this should arrive at our users without missing a single detail.

We will cover the next couple of topics:

Part 1 — HTTP and Network Layer
Part 2 — TLS, Certificates, and Pinning
Part 3 — Authenticators and Interceptors
Part 4 — Performance, Redundancy, and Concurrency
Part 5 — Testing and Integration

Dinorah Tovar

March 31, 2021
Tweet

More Decks by Dinorah Tovar

Other Decks in Technology

Transcript

  1. Practical Network for Android Developers Dinorah Tova r Google Developer

    Expert
 Platform Mobile Engineer
 @ konfío.mx @ddinorahtovar @ddinorahtovar
  2. Network means a lot of things @ddinorahtovar 
 Data Layer

    Network 
 Presentation Layer UI Models Entities Domain Layer
  3. Network means a lot of things @ddinorahtovar •Request — Make

    an HTTP request to an URL •Response — Will return an error or success •Data that can be parsed — Parsing of a String as response to a Data Class
  4. Network Errors are for surviving @ddinorahtovar •1xx — Everything is

    cool, just wait a little bit •2xx — Everything is fine, fully successful •3xx —The response is somewhere else
  5. Network Errors are for surviving @ddinorahtovar •4xx— The request by

    the client is poorly fulfilled, so this is an error from the mobile side •5xx — The server failed to fulfill a correct request, so this is an error from the backend side
  6. Http Methods @ddinorahtovar GET PATCH DELETE POST PUT •GET —

    Push data from server •POST — Create new resources •PUT — Update resources •PATCH — Update specific resources •DELETE — Delete resources
  7. Cache @ddinorahtovar •Database Catching — Database provide an impactful factor

    of your app performance. •CDN — Global network of edge locations to deliver a cached copy of your APIs content •DNS — Every domain request made on the internet essentially queries DNS cache servers in order to resolve the IP address
  8. Cache policies @ddinorahtovar •Designed for non suffering and be aware

    that not everything change in a second •File allocation •max-age [Max time available] •Size space
  9. Transport Layer Security (TLS) @ddinorahtovar •Transport Layer Security (TLS) is

    the successor protocol to SSL. TLS is an improved version of SSL. •Depends on HTTP and the multiple flavors available
  10. TSL depends of HTTPs @ddinorahtovar Version Content Http/1.1 
 with

    TLS Http/2 
 with TLS TLS streams, TCP streams & Packages Frames division UDP packages + QUIC streams Http/3 
 with TLS
  11. TSL depends of HTTPs @ddinorahtovar HTTP/1.1 
 TCP streams and

    packets HTTP/2 
 Frames division HTTP/3 
 QUIC streams
  12. TSL @ddinorahtovar •Using HTTPS in our servers is enough? •Want

    to be safe? Then, lets talk about encryption •Short Answer: No
  13. Certificates @ddinorahtovar •In a typical SSL usage scenario, a server

    is configured with a certificate containing a public key as well as a matching private key. As part of the handshake between an SSL client and server, the server proves it has the private key by signing its certificate with public-key cryptography
  14. Loggin interceptors @ddinorahtovar •They give us information about the Headers

    or Body levels of the request and response •Only Debug •They can leak information
  15. Network interceptors @ddinorahtovar •They give us the chance to modify

    request and responses •Can be used in production •Amazing for handling errors like 401!
  16. Network interceptors @ddinorahtovar •Do we need it like that? •Let’s

    do it in a cool way -> •Short Answer: well, maybe no
  17. Authenticator @ddinorahtovar •Returns a request that includes a credential to

    satisfy an authentication •Authenticate by returning a follow-up request that includes an authorization
  18. Authenticator @ddinorahtovar Your App Authenticator Your server 401 Try to

    access Refresh Refresh Normal request Normal request
  19. MockWebServer @ddinorahtovar •Let you manipulate the responses and let you

    verify request were made as expected •Testing of: •Request/Response •Body’s responses •Header’s
  20. Practical Network for Android Developers Dinorah Tova r Google Developer

    Expert
 Platform Mobile Engineer
 @ konfío.mx @ddinorahtovar @ddinorahtovar