Senior Program Manager 3603 Building Web APIs For Mobile Apps Using ASPNET Web API 21 3603 Oh no My mobile app needs a backend service XAML MVVM SOAP REST OData Which framework Hosting ID: 211418
Download Presentation The PPT/PDF document "Daniel Roth" is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
Slide1Slide2
Daniel RothSenior Program Manager3-603
Building Web APIs For Mobile Apps Using ASP.NET Web API 2.1
3-603Slide3
Oh no!
My mobile app needs a backend service!Slide4
XAML?
MVVM?Slide5
SOAP? REST? OData?Which framework?
Hosting?Security?Consuming?Offline? Notifications? Etc.
The
mysteries
of building backend services for mobile apps
?
?
?
?
?Slide6
How to call a SOAP service from popular mobile platforms?http://
www.bing.com/search?q=how+to+call+a+soap+service+from+ios
SOAP is not mobile friendly
http
://www.codeproject.com/Tips/622376/iOS-Soap-Webservice-Calling-and-Parsing-the-Resp
If you need SOAP then use WCFSlide7
UbiquitousInteroperableScalable
FlexibleMatureSimple
HTTP and mobile – made for each otherSlide8
WCF Web HTTP
WCF Data Services
ASP.NET MVC
The many faces of HTTP frameworks in .NET
ASP.NET
Web
APISlide9
ASP.NET Web API
A framework for creating HTTP services
that can reach a broad range of clients including browsers and mobile devicesSlide10
Why ASP.NET Web API?
First-class modern HTTP programming modelEasily map resources to URIs
and implement
the uniform interface of HTTP
Rich support for formats and HTTP content negotiation
Request validation
Enable hypermedia
with link
generationSeparate out cross cutting concernsHelp page generationFlexible hostingLight-weight, testable, scalesSlide11
ASP.NET Web API 2Attribute routing
Improved testability (IHttpActionResult
,
HttpRequestContext
)
OData: $select, $expand, $value, $batch
Request batching
OWIN integration
Portable Web API clientsWeb API security (CORS, OAuth 2.0, authentication filters, filter overrides)ASP.NET Web API 2.1
Attribute routing improvementsGlobal error handlingHelp page improvementsIgnoreRoute supportBSON formatterBetter async
filtersPortable query building and parsingWhat’s new?Slide12
Get it from NuGet
ASP.NET Web API 2 ships with Visual Studio 2013Install ASP.NET and Web Tools 2013.1 for Visual Studio 2012ASP.NET Web API 2.1
ships
with Visual Studio 2013.2
Requires .NET 4.5 or later
Docs
and samples at
http://www.asp.net/web-api
Includes free Pluralsight courses!See the code at http://aspnetwebstack.codeplex.com
Try out the latest nightly build on MyGet
Getting started with ASP.NET Web API 2.1Slide13
DEMO Your first Web APISlide14
REST: Architectural style for distributed systems
Defined by a set of constraints (client-server, stateless, cacheable, layered, uniform interface)Induced properties: performance, scalability, evolvability, reliability, transparency
Do as the Web does
OData
: Open and standardized HTTP-based protocol
for
interacting with REST-based data services
Solve common Web API problems (query, batching, paging, relationships, metadata, etc.) in an open and standardized way
Rich ecosystem of clients, services and frameworksREST and ODataSlide15
Components for building OData servicesModel builders, formatters, path and query parsers, expression generators, etc.
Use as much or as little as you wantCreate OData services in three easy steps:
Define your model
Add your OData route
Implement your entity
sets
New OData scaffolding in Visual Studio 2013 makes it even easier!
ASP.NET Web API ODataSlide16
DEMO Scaffolding an OData serviceSlide17
Based on new ODataLib support for OData v4.0
Side-by-side with Web API OData v3.0 services
Public nightly builds available on
MyGet
(
System.Web.OData
)
*NEW!* Web API 2.2 for OData v4.0Slide18
Lots of new features
Model aliasingFunctionsEnums
Model q
uery annotations
Attribute
routing
$format
Etags
SingletonsContainmentSee details on http://blogs.msdn.com/b/webdev/
*NEW!* Web API 2.2 for OData v4.0Slide19
Build client logic as portable class libraries
Portable
Phone
Windows
DesktopSlide20
DEMO Portable logic for mobile clientsSlide21
Make it secure . . .
No pretending!Slide22
Use authorization filters (ex [Authorize])Implement your authorization logic
Derive from AuthorizationFilterAttribute or implement
IAuthorizationFilter
Apply globally, per controller or per action
Prevent unauthorized access to Web APIsSlide23
Authorize requests using OAuth 2.0 Bearer tokens
Pass bearer token in request using standard Authorization header with scheme “Bearer”OAuth
2.0 bearer authentication middleware validates tokens and converts tokens into claims
Must be paired with SSL
!
Make your Web APIs secure with
OAuth
2.0
Protected
Resource
Client
OAuth
Bearer
Authn
×
Authorization: Bearer <token>Slide24
OAuth 2.0 Bearer token support via OWIN
public class
Startup
{
public void
ConfigureAuth
(
IAppBuilder
app)
{
app.UseOAuthBearerAuthentication
(
new
OAuthBearerAuthenticationOptions
());
}
}Slide25
Two options:1. Host your own
Simple built-in authorization server based on Microsoft OWIN ComponentsUse ThinkTecture
AuthorizationServer
for a full featured experience
2. Use an existing one
Windows Azure Active Directory
Active Directory Federation Services in Window Server 2012 R2
Windows Azure Mobile ServicesGet tokens from a trusted authorization server Slide26
Collect the user’s credentials (username/password)
Exchange them for an access token
Use the access token to call your Web API
Simple resource owner credentials flowSlide27
DEMO Mobile apps calling secure Web APIsSlide28
Full Todo sample available at
https://aspnet.codeplex.com/SourceControl/latest#Samples/WebApi/Todo/ReadMe.txt
Slide29
DEMO Secure your Web APIs with Azure ADSlide30
Building Native Client and Mobile Apps using Azure Active Directory for Sign
In (3-598)Building Enterprise and SaaS Web Apps and Web APIs using Azure Active Directory for Sign
In (3-599)
Working with organizational accountsSlide31
A Backend for Your Enterprise Employee in seconds Your Backend Logic via .NET Web API
Turn-key Mobile Backend CapabilitiesSecure data store/query/page with heterogeneous backends
Azure Active Directory
Support occasionally connected apps
Client SDK for
iOS
, Android, Windows,
WinPhone
, Xamarin, PhoneGap, SenchaIntegration With Your On-Premise Enterprise Systems, O365We Manage, Run, and Monitor your backend for
youMicrosoft Azure Mobile Services .NETSlide32
Push Notifications
Store Data in the Cloud
User Authentication
Windows Store
iOS
Android
Xamarin
Sencha
Windows Phone
iOS
Android
HTML 5/JS
SDKs
Node.js Express
.NET Web API
REST API
Facebook
Twitter
Microsoft
Google
Active Directory
SQL
Table Storage
Blob Storage
WNS & MPNS
APNS
GCM
Mongo DB
Notification Hubs
Source Control
Microsoft Azure Mobile
Services
OverviewSlide33
Powerful Mobile Apps with Mobile Services and ASP.NET Web API (3-623, 4/3 @5:30p)
Building Cross-Platform Line of Business Apps with Mobile Services (3-622, 4/4 @12:30p)
Azure Mobile Services .NET at BUILDSlide34
ASP.NET Web API 2.1 makes it easy to build secure Web APIs for your mobile appsShare your client logic and view models across your mobile apps using portable libraries
Host your Web APIs with Azure Mobile Services .NET to get the royal treatment
SummarySlide35
WOW!
ASP.NET
Web API
Rocks!Slide36
Resource
Docs: http://www.asp.net/web-api
Source:
http://www.aspnetwebstack.codeplex.com
Related talks:
3-623
Powerful
Mobile Apps with Mobile Services and ASP.NET Web API3-622 Building Cross-Platform Line of Business Apps with Mobile Services3-598 Building Native Client and Mobile Apps using Azure Active Directory for Sign In
3-599 Building Enterprise and SaaS Web Apps and Web APIs using Azure Active Directory for Sign In3-644 Building a Single Page Application with ASP.NET and AngularJSSlide37
Your Feedback is Important
Fill out an evaluation of this session
and help shape future events.
Scan the QR code
to evaluate
this session on your mobile device.
You’ll also be entered into
a daily prize drawing!Slide38
©
2014
Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.