University of Palestine Student Name: Majed Abusalama Student Number: 220060064 Teacher responsible : Yasmin Albobo College: IT
Apr 22, 2015
University of Palestine
Student Name: Majed AbusalamaStudent Number: 220060064Teacher responsible : Yasmin AlboboCollege: IT
Revised v4Presenter
Google Apps APIsRyan Boyd @ryguyrg (Google)withMarcos Farias @MarcosFariasBr (Just Digital)
Agenda•Overview
•Building in the Cloud•Data APIs
oApplication APIsoManagement APIs
•Authentication & Users•Just Digital's SSO solution
•HostingoApps Script
•Secure Data Connector•Gadgets
•Q & A
Google Apps: Tools for Today's User
GMail Huge inbox with search: keep and find everything.
Talk Business class IM and VC as easy as email.
Groups Let users easily create and work in teams.
Calendar Make sharing calendars and schedules easy.
Docs Makes collaborating as easy as creating
Sites Allow users to manage their own sites.
Video Unlock the power of video within your business.
Postini Security and compliance solutions.
The Web is the Enterprise Platform
Lots of Customers, Growing Fast
2008 2009 2010
Over 30M active users
Over 3M businesses
More than 3,000 new businesses signup every day
Building in the Cloud
Apps from Google
Google Apps
Apps from Google
Google AppsApps Marketplace
3rd Party Apps
Building in the Cloud
Apps from Google Custom Apps
Platform ServicesGoogle AppsApps Marketplace
3rd Party Apps
Building in the Cloud
Apps from Google Custom Apps
Administration
Enterprise Firewall
Platform ServicesGoogle AppsApps Marketplace
3rd Party Apps
Building in the Cloud
Data APIs Overview
Data Access APIs allow developers to integrate authenticated Google user data in their apps, using secure, standardized protocols.
Data APIs Overview
Standards-based
•Atom Publishing Protocol (AtomPub)oHTTPoREST
oAtom data format•OAuth Authorization
Authorization with OAuth
Consumer Business
Individual User is Resource Owner
Use 3-legged OAuth
Company Admin is Resource Owner
Use 2-legged OAuth
Available Libraries
•Java•.NET
•Objective-C•PHP via Zend_Gdata
•Python
Recent Developments
•Partial Response•Partial Updates (using HTTP PATCH)
•JSON-C
Application APIs
Many Integration Points
Calendar Contacts
Documents List Sites Spreadsheets
Gmail
Google Calendar
Calendars, Calendar Events, Access Control Lists•Create (POST)•Retrieve (GET)
•Update (PUT)•Delete (DELETE)
Google Calendar - Creating an Event
<atom:entry xmlns:atom='http://www.w3.org/2005/Atom'xmlns:gd='http://schemas.google.com/g/2005'>
<atom:title type='text'> Tennis with Beth</atom:title>
<atom:content type='text'> Meet for a quick lesson.</atom:content>
<gd:where valueString='Rolling Lawn Courts'></gd:where><gd:when startTime='2006-04-17T15:00:00.000Z' endTime='2006-04-17T17:00:00.000Z'></gd:when></atom:entry>
Google Calendar - Creating an Event
POST /calendar/feeds/default/private/fullHost: www.google.comContent-Length: 380Content-Type: application/atom+xml
<atom:entry xmlns:atom='http://www.w3.org/2005/Atom'xmlns:gd='http://schemas.google.com/g/2005'><atom:title type='text'>Tennis with Beth</atom:title><atom:content type='text'>Meet for a quick lesson.</atom:content><gd:where valueString='Rolling Lawn Courts'></gd:where><gd:when startTime='2006-04-17T15:00:00.000Z'endTime='2006-04-17T17:00:00.000Z'></gd:when></atom:entry>
Google Calendar - Partial Update
PATCH /calendar/feeds/default/private/full/eventIDHost: www.google.comContent-Length: 380Content-Type: application/atom+xml
<atom:entry xmlns:atom='http://www.w3.org/2005/Atom'xmlns:gd='http://schemas.google.com/g/2005'gd:fields='atom:title'>
<atom:title type='text'> Tennis with Beth and Kate</atom:title></atom:entry>
Gmail - Retrieving Email
[connection begins] C: C01 CAPABILITY S: * CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA XLIST CHILDREN XYZZY SASL-IR AUTH=XOAUTH S: C01 OK CompletedC: A01 AUTHENTICATE XOAUTH R0VUIGh0dHBzOi8vbWFpbC5nb29nbGUuY29tL21haWwvYi9zb21ldXNS: A01 OK Success
IMAP + OAuth
Gmail - Sending Email
[connection begins] S: 220 mx.google.com ESMTP 12sm2095603fks.9 C: EHLO sender.example.com S: 250-mx.google.com at your service, [172.31.135.47] S: 250-SIZE 35651584 S: 250-8BITMIME S: 250-AUTH LOGIN PLAIN XOAUTH S: 250-ENHANCEDSTATUSCODES S: 250 PIPELINING C: AUTH XOAUTH R0VUIGh0dHBzOi8vbWFpbC5nb29nbGUuY29tL21ha WwvYi9zb21ldXNlckBleGFtcGxlLmNvbS9zbXRwLyBvYXV0aF9jb25zdS: 235 2.7.0 Accepted
SMTP + OAuth
Management APIs
Many Integration Points•Provisioning
•Calendar Resources•E-mail migration
•E-mail settings•Reporting
•Audit
Examples: E-mail Settingsimport gdata.apps.emailsettings.client...client = gdata.apps.emailsettings.client.EmailSettingsClient( domain='yourdomain')
... auth ...
client.UpdateSignature( username='liz', signature="Liz Jones - (+1) 619-555-5555\n" + "Working in Accounts Management, A&Z LTD.")
Authentication & Users
Where are the User Accounts?
Goal: They all work together!
Cloud Apps Google Apps On Premise
How does Apps work with On Premise?
•Accounts must exist in Google Apps•Passwords can be anywhere!
Where are the User Accounts?
On Premise Google Apps
What about the Passwords?
On Premise Google Apps1.OR
2. SAML
What is SAML?
•Company hosts own login page - publicly or behind a firewall
•User goes to login, Google redirects user to company login page
•Google Apps trusts the company to assert the identity of the user
What about 3rd Party Apps?
•Google Apps users can sign in with their existing accounts
•User goes to login, app redirects user to Google Apps login page
•App trusts Google to assert the identity of the user
solução de single sign-on desenvolvida pela
Desafios
•Ambiente de Login Único
•Suporte
•Caso de uso
Caso de Uso - Exemplo
Google Just SSOUsuário
2
3
Browser
6
1 Início
Usuário tenta acessar um serviço hospedado no
Google Apps
Google recebe o pedido de acesso e redireciona o browser para a url da página de Login do Just SSO
O Just SSO analisa a requisição e exibe a página com o formulário de login/senha.
Usuário informa seu login e senha4
O Just SSO verifica a credencial informada e caso seja válida e autorizado pelo Serviço de Diretório, uma resposta autorizando o acesso é enviada para o Google Apps.
7
Google verifica a resposta do Just SSO e redireciona-o ao serviço solicitado.
5
COMO FUNCIONA
Provisioning API - Passo 1
Antes de qualquer coisa, você precisa habilitar a Provisioning API no seu domínio Google Apps.
Provisioning API - Passo 2
Conecte sua aplicação à nuvem:import sample.appsforyourdomain.AppsForYourDomainClient;...AppsForYourDomainClient client = new AppsForYourDomainClient( adminEmail, adminPassword, dominio);
Provisioning API - Exemplos
Obtém o usuário:import com.google.gdata.data.appsforyourdomain.provisioning.UserEntry;
UserEntry usuario = client.retrieveUser("marcos");
Suspendendo o usuárioclient.suspendUser("marcos");
Provisioning API - Exemplos
Criando novo usuário:
client.createUser("newUser", // login/email"Usuário", // Nome"Novo", // Sobrenome"senhaInicial"); // Senha
Solução
Hosting your App
You can Host your App Anywhere!
•Servers on premise in your corporate data center•Cloud servers in Amazon EC2, Azure, etc
•Your servers at a commercial hosting service•Your desktops anywhere
App Engine too!
•Easy to build•Easy to maintain
•Easy to scale
App Engine for Business
•Auth for the Enterprise•Administration for the Enterprise
•Support and SLAs for the Enterprise•SQL, SQL, SQL
•$8/user/month per app
Scripting
Google Apps Script
Apps Script allows you to run your code in the cloud, as server-side executed JavaScript. Send e-mails, create calendar appointments, migrate Google Sites and more-- all accessible from the Google Apps UI.
Secure Data Connector
Secure Data Connector
Secure Data Connector allows your application, hosted on Google infrastructure, to securely access corporate data behind the firewall, without exposing it to the web
Building in the Cloud
Data from CRM app
Data from product catalog
Data from ERP system
Gadgets
Gadgets
Gadgets allow youto embed your application's UI into Gmail, Calendar, Spreadsheets and Sites, using the OpenSocial standard
Gmail Sidebar Gadgets
Gmail Contextual Gadgets
Gmail Contextual Gadgets
Gmail Contextual Gadgets
Summary•Build for yourself or make a living building for
others or selling in the Marketplace•Build anywhere you want
•Integrate with:othe UI of Google Apps
oGoogle Apps DataoGoogle Apps accounts
oData behind your firewall•Write Scripts for easy tasks
Resources
ResourcesGoogle Apps APIs:http://code.google.com/googleapps
Google Apps Developer Blog:http://googleappsdeveloper.blogspot.comMe:http://www.twitter.com/ryguyrghttp://www.google.com/profiles/ryan.boyd