Android Lessons YouWon’t Learn in School   Michael Galpin, Bump Technologies
About Me•   Apps    •   Bump, eBay Mobile•   Android in Practice•   Social    •   @michaelg    •   +Michael Galpin
Agenda•   Architecture, now and    then•   Security•   Misc    •   Logging    •   Hybrids    •   SDKs    •   Testing
Architecture?You have it    ... even if you’ve never         thought about it So maybe you should think         about it.
TheCloud
TheCloud
The         Cloud•Transport
The         Cloud•Transport•Format
HTTP• Apache HTTP Client • DefaultHttpClient • AndroidHttpClient• HttpURLConnection • java.net.URL
HTTP• Apache HTTP Client • DefaultHttpClient • AndroidHttpClient• HttpURLConnection • java.net.URL
HTTP• Apache HTTP Client • DefaultHttpClient • AndroidHttpClient• HttpURLConnection • java.net.URL
FormatXML            JSON
XML• SAX • android.sax• DOM• XmlPullParser
JS  O   N      !
Don’t forget to zip
New World Architecture
Sockets• TCP • WebSockets• UDP
No blocking allowed• Netty, Mina (Java)• Twisted, Diesel (Python)• EventMachine (Ruby)• Node.js (JavaScript)• Nitrogen (Er...
Harder, Better, Faster, Stronger
Optimized Formats• Protocol Buffers• Thrift• MessagePack• Fast Infoset• BSON
The Web Model• Login page (HTTPS)• HTTP Cookie • Expiry
Mobile Logins
Logging In• Full Native • Requires “Login API”                          User Experience• Embedded Web Browser             ...
Tokens• Obtained from API or OAuth flow • Equivalent to username + password• Storage• Expiry
Defending Your Servers• Need per-user throttles • Can’t count on IP addresses• Expect many legit login failures• Anything ...
Logging
What to log• User Actions • Key to A/B Testing• Crashes & Exceptions
Logging User Actions• Log a lot ... but don’t saturate your  network connection• Batch logs together • But don’t block UI ...
Crash Logs• Create your own         UncaughtExceptionHandler •   Thread.setDefaultUncaughtExceptionHandler • Log crash on....
Even More Crash LogsProcess process =    Runtime.getRuntime().exec(String.format("logcat -t %d", 100));InputStream stream ...
Android Hybrids       App                              Web Page                         InterfaceEasy to expose “native” f...
WebView webView = (WebView) findViewById(R.id.web_view);WebSettings settings = webView.getSettings();settings.setJavaScrip...
Why hybrid• Specialized scenarios (OAuth)• Server driven UI • Testing, experimentation• Leverage web development skills• C...
Mobile SDKIf you build it, they will come?
Public Web Services         (APIs)• Derive value from 3rd party access• Legacy services • Designed for servers and PCs• Lo...
An SDK should...• Provide local APIs to: • Handle network communication • Handle serialization of requests • Handle deseri...
The Java™ Way• Generate code (bindings) for requests,  responses, error objects• Provide runtime library for serialization...
Testing
FAQs• Which devices?• How many devices?• How do you get access to devices?
I tested the app on my phone             ...while eating a pound of bacon.
Numbers Game*Maybe consider: Carriers (CDMA/GSM)
How to get devices• Buy! • Don’t forget international• Device labs• “Mechanical turk” services
Questions?
Android lessons you won't learn in school
Android lessons you won't learn in school
Android lessons you won't learn in school
Android lessons you won't learn in school
Android lessons you won't learn in school
Android lessons you won't learn in school
Upcoming SlideShare
Loading in...5
×

Android lessons you won't learn in school

1,688

Published on

This is a talk about some of the higher level topics that you need to think when design an Android app. These include architecture, security, hybrid apps, SDKs, logging, and testing.

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
1,688
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
33
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • MG\n
  • \n
  • \n
  • \n
  • Android lessons you won't learn in school

    1. 1. Android Lessons YouWon’t Learn in School Michael Galpin, Bump Technologies
    2. 2. About Me• Apps • Bump, eBay Mobile• Android in Practice• Social • @michaelg • +Michael Galpin
    3. 3. Agenda• Architecture, now and then• Security• Misc • Logging • Hybrids • SDKs • Testing
    4. 4. Architecture?You have it ... even if you’ve never thought about it So maybe you should think about it.
    5. 5. TheCloud
    6. 6. TheCloud
    7. 7. The Cloud•Transport
    8. 8. The Cloud•Transport•Format
    9. 9. HTTP• Apache HTTP Client • DefaultHttpClient • AndroidHttpClient• HttpURLConnection • java.net.URL
    10. 10. HTTP• Apache HTTP Client • DefaultHttpClient • AndroidHttpClient• HttpURLConnection • java.net.URL
    11. 11. HTTP• Apache HTTP Client • DefaultHttpClient • AndroidHttpClient• HttpURLConnection • java.net.URL
    12. 12. FormatXML JSON
    13. 13. XML• SAX • android.sax• DOM• XmlPullParser
    14. 14. JS O N !
    15. 15. Don’t forget to zip
    16. 16. New World Architecture
    17. 17. Sockets• TCP • WebSockets• UDP
    18. 18. No blocking allowed• Netty, Mina (Java)• Twisted, Diesel (Python)• EventMachine (Ruby)• Node.js (JavaScript)• Nitrogen (Erlang)
    19. 19. Harder, Better, Faster, Stronger
    20. 20. Optimized Formats• Protocol Buffers• Thrift• MessagePack• Fast Infoset• BSON
    21. 21. The Web Model• Login page (HTTPS)• HTTP Cookie • Expiry
    22. 22. Mobile Logins
    23. 23. Logging In• Full Native • Requires “Login API” User Experience• Embedded Web Browser Security • “OAuth”• External Web Browser
    24. 24. Tokens• Obtained from API or OAuth flow • Equivalent to username + password• Storage• Expiry
    25. 25. Defending Your Servers• Need per-user throttles • Can’t count on IP addresses• Expect many legit login failures• Anything your client can do, evil clients can do too
    26. 26. Logging
    27. 27. What to log• User Actions • Key to A/B Testing• Crashes & Exceptions
    28. 28. Logging User Actions• Log a lot ... but don’t saturate your network connection• Batch logs together • But don’t block UI thread• Send when the user’s not busy
    29. 29. Crash Logs• Create your own UncaughtExceptionHandler • Thread.setDefaultUncaughtExceptionHandler • Log crash on... • next app launch • from background Service
    30. 30. Even More Crash LogsProcess process = Runtime.getRuntime().exec(String.format("logcat -t %d", 100));InputStream stream = process.getInputStream();<uses-permission android:name="android.permission.READ_LOGS" />
    31. 31. Android Hybrids App Web Page InterfaceEasy to expose “native” features to JSCalling JS from native code, more hacky
    32. 32. WebView webView = (WebView) findViewById(R.id.web_view);WebSettings settings = webView.getSettings();settings.setJavaScriptEnabled(true);settings.setDomStorageEnabled(true);settings.setDatabasePath("/data/data/my.package/folder");webView.setWebChromeClient(new WebChromeClient(){ @Override public boolean onConsoleMessage(ConsoleMessage msg){ // pipe this to LogCat }});webView.addJavascriptInterface(new MyInterface(), "zorro");webView.loadUrl("javascript:tarzan.start()");
    33. 33. Why hybrid• Specialized scenarios (OAuth)• Server driven UI • Testing, experimentation• Leverage web development skills• Cross platforms? • UX <===> $$$
    34. 34. Mobile SDKIf you build it, they will come?
    35. 35. Public Web Services (APIs)• Derive value from 3rd party access• Legacy services • Designed for servers and PCs• Lower barrier of use • Enforce usage patterns / security
    36. 36. An SDK should...• Provide local APIs to: • Handle network communication • Handle serialization of requests • Handle deserialization of responses • Deal with security • Provide useful errors
    37. 37. The Java™ Way• Generate code (bindings) for requests, responses, error objects• Provide runtime library for serialization/ deserialization• Lots of code and lots of methods! • Larger APKs • 65536 methods allowed / dex file
    38. 38. Testing
    39. 39. FAQs• Which devices?• How many devices?• How do you get access to devices?
    40. 40. I tested the app on my phone ...while eating a pound of bacon.
    41. 41. Numbers Game*Maybe consider: Carriers (CDMA/GSM)
    42. 42. How to get devices• Buy! • Don’t forget international• Device labs• “Mechanical turk” services
    43. 43. Questions?
    1. A particular slide catching your eye?

      Clipping is a handy way to collect important slides you want to go back to later.

    ×