Brewing Beer with Windows Azure - NDC2013

1. Brewing Beer with Windows Azure Maarten Balliauw @maartenballiauw
2. Who am I? Maarten Balliauw Technical Evangelist, JetBrains AZUG Focus on web ASP.NET MVC, Windows Azure, SignalR, ... MVP Windows Azure & ASPInsider http://blog.maartenballiauw.be @maartenballiauw Shameless self promotion: Pro NuGet - http://amzn.to/pronuget http://www.myget.org
3. Setting expectations
4. Agenda Brewing beer BrewBuddy Windows Azure Websites Service Bus & Access Control Service (ACS) We need an API Q&A
5. Brewing Beer Turn water into beer
6. How it started…
7. How it started… MVP Summit 2011 Wade Wegner talks about his homebrewing hobby MVP Summit 2012 Wade Wegner talks about his homebrewing hobby Let’s do it!
8. The process Get your kettle clean Add & boil ingredients Pour in kettle Add yeast Rinse
9. Brewing = cleaning!
10. The process Wait for fermentation to complete
11. The process Pour into another kettle Rinse Wait another week Bottling time!
12. Difficult part… Wait at least 6 weeks for it to age
13. Maarten… What does this have to do with Windows Azure?
14. BrewBuddy.net Social brewing!
15. BrewBuddy View public recipes Manage your own recipes Manage your own brews Monitor brew fermentation
16. demo BrewBuddy Social brewing at a glance
17. Architecture Public website Windows Azure Web Sites Database SQL Azure database Sensor data processing Windows Azure Worker Role Sensor data Service Bus topic Sensor Whatever…
18. Windows Azure Web Sites Scale fast, fail fast
19. Windows Azure Web Sites  Build with ASP.NET, Node.js or PHP  Deploy in seconds with FTP, Git or TFS  Start for free, scale up as your traffic grows
20. 1 SHARED INSTANCES shared Windows Azure Web Sites
21. 2 SHARED INSTANCES shared Windows Azure Web Sites
22. SHARED INSTANCES 1 RESERVED INSTANCE 0reserved Windows Azure Web Sites
23. 2 RESERVED INSTANCERESERVED INSTANCE reserved Windows Azure Web Sites
24. 2 RESERVED INSTANCE RESERVED INSTANCE reserved Windows Azure Web Sites
25. A perfect ramp-up! Start small Web Sites are cheap Start free Scale from 1 shared instance… …up to 10 reserved instances! Grow big! Hosted Service – PaaS Scale at will
26. demo Windows Azure Web Sites Creating a new web site in seconds
27. Service Bus & Access Control Service Connecting sensors
28. Windows Azure Service Bus 2 features Relay Queues, Topics, Subscriptions
29. Windows Azure Service Bus Relay Client relay
30. Topics and subscriptions Sensor
31. Characteristics Workers can scale independently Workers can fail independently Sensors connect to service bus directly No layer in between Cheaper
32. What about authN / authZ? Access Control Service to the rescue! SB authenticates clients over ACS ACS provides “Send” claim to sensor Claims can be granted/revoked easily
33. demo Access Control Service Claims for authZ on Service Bus
34. Public website Windows Azure Web Sites Database SQL Azure database Sensor data processing Windows Azure Worker Role Sensor management Access Control Service Sensor data Service Bus topic Sensor Whatever… Architecture
35. How do you link a sensor? Every sensor has its sensor ID Add it as an identity to ACS Grant a “Send” claim
36. demo Linking a sensor to a brew Registering a sensor with Access Control Service
37. We need an API
38. Consuming the web 2000-2008: Desktop browser 2008-2012: Mobile browser 2008-2012: iPhone and Android apps 2010-2014: Tablets, tablets, tablets 2014-2016: Your fridge (Internet of Things)
39. Twitter & Facebook By show of hands
40. Make everyone API (as the French say)
41. What is an API? Software-to-Software interface Contract between software and developers Functionalities, constraints (technical / legal) Programming instructions and standards Open services to other software developers (public or private)
42. Expose services to 3rd parties Valuable Flexible Managed Supported Have a plan
43. Reach More Clients
44. ASP.NET Web API Part of ASP.NET MVC 4 Framework to build HTTP Services (REST) Solid features Modern HTTP programming model Content negotiation (e.g. Xml, json, ...) Query composition (OData query support) Model binding and validation (conversion to .NET objects) Routes Filters (e.g. Validation, exception handling, ...) And more!
45. demo Be detailed!Think about RFC 2324 (HTCPCP)
46. demo ASP.NET Web API Let’s craft a quick API
47. A lot of public API’s… “your API consumer isn’t really your user, but an application acting on behalf of a user” (or: API consumer != user)
48. So they do this!
49. In our own API, authN / authZ API access using OAuth2 Access Control Service to the rescue! Client authorized in BrewBuddy.net Access/refresh tokens through ACS
50. What about authN / authZ? Access Control Service Access/Refresh Token API Consumer client_id and client_secret BrewBuddy.net Initial authorization (yes/no) API implementation authorize register delegationaccess/refresh token access API
51. demo Access Control Service for API’s OAuth2 delegation Install-Package WindowsAzure.Acs.Oauth2 -IncludePrerelease
52. Takeaways
53. Keep in mind… Web Sites start cheap / scale fast Combine/grow at will (IaaS, PaaS, SaaS) Service bus for asynchrony and scale Access Control for devices Web API & Access Control
54. Thank you! http://blog.maartenballiauw. be @maartenballiauw http://amzn.to/pronuget

Editor's Notes

Maarten

Don’t show everythingyet. Just log in, show themaround the recipes, brewsand public recipes. Feel free to show the monitoring but no needto display the linking of sensors.

Show Windows Azure Web SitesShow scaling / reservedinstances

Show peoplearound the ACS porta. Show identities, claims andrulegroups.

Link a sensor to a brew. Show the effect on ACS. Show the code.

A couple of years ago, having a web-based application was enough. Users would navigate to it using their computer’s browser, do their dance and log out again. Nowadays, a web-based application isn’t enough anymore. People have smartphones, tablets and maybe even a refrigerator with Internet access on which applications can run. Applications or “apps”. We’re moving from the web towards apps.

A great example of an API is Twitter. They have a massive data store containing tweets and data related to that. They have user profiles. And a web site. And an API. Are you using www.twitter.com to post tweets? I am using the website, maybe once a year. All other tweets come either from my Windows Phone 7’s Twitter application or through www.hootsuite.com, a third-party Twitter client which provides added value in the form of statistics and scheduling. Both the app on my phone as well as the third-party service are using the Twitter API. By exposing an API, Twitter has created a rich ecosystem which drives their real value: data.

If you want to expose your data and services to external third-parties, you may want to think about building an API. Having an API gives you a giant advantage on the Internet nowadays. Having an API will allow your web application to reach more users. App developers will jump onto your API and build their app around it. Other websites or apps will integrate with your services by consuming your API. The only thing you have to do is expose a valuable, managed and supported API and get people to know it. Apps will come. Integration will come.

The mainidea of API’s is tobroadenyourreach. Youcan’tcreateappsthatcanbeused on every fridge out there, it’s way toocostly. But ifyou have a valuable service which is supported, peoplewillbuildappsaround it. Andifitmakes sense toanyonetocreate a fridge app on top of your API, itwill happen.

Be detailed! Usegood status code responses. 201 CREATED is probablybetterthanjust 200 OK whencreating a new entity.+ demo Fiddleragainst HTCPCP deployment out there

Link a sensor to a brew. Show the effect on ACS. Show the code.

I want you to remember one sentence: “your API user isn’t really your user, but an application acting on behalf of a user”. It has implications. It means you are “delegating” access to an API to a consuming application.

As anexample, take lanyrd.com. They keep track of conferences you’llbespeaking at and conferences thepeopleyou follow on Twitter are speaking at. To get that data, theyneed access to the list of peopleyou follow on Twitter. Here’swhathappens:You want to log in on Lanyrd, theyredirectyoutoTwitter’s login page. Notice the token in the address bar: itidentifies the callingapplicationtoTwitter.You log in on Twitterandgive consent with a limited scope: Lanyrdwillbeabletoseeyourtimelineand get the list of peopleyou follow. The scope is limitedtothat: Lanyrdcan’ttweet on mybehalf. Theycan’tfavoritetweets. Or sendmessages. Or do anythingelse.Twitterredirects me back toLanyrd, posting back a “refresh” tokenWhatyoudon’tsee:Lanyrdusesthat token torequestan “access token” fromTwitter.Twitter checks the validity of the incoming token and checks the origin, to make sure no otherapplication but Lanyrdcomes in withthat token.Whenvalid, Twitter returns an access token toLanyrd, containing:An access keyA new refresh tokenThe allowed scopeValiditydurationA signature- When the token expires, Lanyrduses the new refresh token to go throughthisprocessagain.

Show peoplearound the ACS porta. Show identities, claims andrulegroups.

Brewing Beer with Windows Azure - NDC2013

You are reading a preview.

Brewing Beer with Windows Azure - NDC2013

More Related Content

Viewers also liked

Similar to Brewing Beer with Windows Azure - NDC2013

More from Maarten Balliauw

Featured

Related Books

Related Audiobooks