<h1>Table of Contents<span class="tocSkip"></span></h1>
<div class="toc"><ul class="toc-item"><li><span><a href="#APIs-(Application-Programming-Interfaces)" data-toc-modified-id="APIs-(Application-Programming-Interfaces)-1"><span class="toc-item-num">1&nbsp;&nbsp;</span>APIs (Application Programming Interfaces)</a></span><ul class="toc-item"><li><span><a href="#Think-Communication" data-toc-modified-id="Think-Communication-1.1"><span class="toc-item-num">1.1&nbsp;&nbsp;</span>Think Communication</a></span></li><li><span><a href="#Parts-on-an-API" data-toc-modified-id="Parts-on-an-API-1.2"><span class="toc-item-num">1.2&nbsp;&nbsp;</span>Parts on an API</a></span></li><li><span><a href="#API-Types" data-toc-modified-id="API-Types-1.3"><span class="toc-item-num">1.3&nbsp;&nbsp;</span>API Types</a></span><ul class="toc-item"><li><span><a href="#Web" data-toc-modified-id="Web-1.3.1"><span class="toc-item-num">1.3.1&nbsp;&nbsp;</span>Web</a></span></li><li><span><a href="#Databases" data-toc-modified-id="Databases-1.3.2"><span class="toc-item-num">1.3.2&nbsp;&nbsp;</span>Databases</a></span></li><li><span><a href="#Operating-Systems" data-toc-modified-id="Operating-Systems-1.3.3"><span class="toc-item-num">1.3.3&nbsp;&nbsp;</span>Operating Systems</a></span></li><li><span><a href="#Hardware" data-toc-modified-id="Hardware-1.3.4"><span class="toc-item-num">1.3.4&nbsp;&nbsp;</span>Hardware</a></span></li></ul></li></ul></li><li><span><a href="#Client-Server-Model" data-toc-modified-id="Client-Server-Model-2"><span class="toc-item-num">2&nbsp;&nbsp;</span>Client Server Model</a></span><ul class="toc-item"><li><span><a href="#Client" data-toc-modified-id="Client-2.1"><span class="toc-item-num">2.1&nbsp;&nbsp;</span>Client</a></span></li><li><span><a href="#Server" data-toc-modified-id="Server-2.2"><span class="toc-item-num">2.2&nbsp;&nbsp;</span>Server</a></span></li><li><span><a href="#Database" data-toc-modified-id="Database-2.3"><span class="toc-item-num">2.3&nbsp;&nbsp;</span>Database</a></span></li></ul></li><li><span><a href="#HTTP-Requests" data-toc-modified-id="HTTP-Requests-3"><span class="toc-item-num">3&nbsp;&nbsp;</span>HTTP Requests</a></span><ul class="toc-item"><li><span><a href="#Code-Example" data-toc-modified-id="Code-Example-3.1"><span class="toc-item-num">3.1&nbsp;&nbsp;</span>Code Example</a></span><ul class="toc-item"><li><span><a href="#Parts-of-the-response" data-toc-modified-id="Parts-of-the-response-3.1.1"><span class="toc-item-num">3.1.1&nbsp;&nbsp;</span>Parts of the response</a></span></li><li><span><a href="#Passing-Parameters" data-toc-modified-id="Passing-Parameters-3.1.2"><span class="toc-item-num">3.1.2&nbsp;&nbsp;</span>Passing Parameters</a></span></li><li><span><a href="#HTTP-Post" data-toc-modified-id="HTTP-Post-3.1.3"><span class="toc-item-num">3.1.3&nbsp;&nbsp;</span>HTTP Post</a></span></li></ul></li></ul></li><li><span><a href="#OAuth-(Open-Authorization)" data-toc-modified-id="OAuth-(Open-Authorization)-4"><span class="toc-item-num">4&nbsp;&nbsp;</span>OAuth (Open Authorization)</a></span><ul class="toc-item"><li><span><a href="#Why-use-OAuth?" data-toc-modified-id="Why-use-OAuth?-4.1"><span class="toc-item-num">4.1&nbsp;&nbsp;</span>Why use OAuth?</a></span></li></ul></li></ul></div>

# APIs (Application Programming Interfaces)

Typical way of getting data (usually JSON or XML)

![](images/js_plus_python.png)

## Think Communication

Application to another application:
* Send request (with some info/data)
* Get response
    + data
    + service


Examples include:

- Financial transactions
- Posting to Twitter
- Controlling IOT

Always a software-to-software interaction

## Parts on an API

* **Access Permissions**
    + User allowed to ask?
* **API Call/Request**
    + Code used to make API call to implement complicated tasks/features
    + *Methods*: what questions can we ask?
    + *Parameters*: more info to be sent
* **Repsonse**
    + Result of request

> Note that most modern APIs will use JSON but be sure you know what is being used!

![](images/json_api_gives_xml_errors.jpeg)

## API Types

### Web

Interface can work at both server or client end

Examples:
* [Twitter REST API](https://developer.twitter.com/en/docs.html)
* [Amazon S3 REST API](https://docs.aws.amazon.com/AmazonS3/latest/API/Welcome.html)

### Databases

* Pass back data in specific format
* Generalizable

### Operating Systems

### Hardware

# Client Server Model

Distributed architecture:
1. Servers: provide a service
    - Usually physically separate from clinet
2. Clients: request a service
    - hardware or software

![Client, Server, Data diagram](images/client_server_illustration.png)

## Client

**Web Example**

Defines what user sees, so it must:
  + Define the page visuals
  + Methods for responding to user interactions

## Server

**Web Example**

Listens to requests (through HTTP):
1. Authenticates client/user
2. Looks at requests
3. Performs actions/processes needed
4. Sends response to client (possibly with more data)

## Database

Can be called from the server to get data for the client

# HTTP Requests

Specific formatting to make a proper request.

Libraries `urllib` & `urllib2` can be complicated ðŸ˜•

## Code Example

We can use `requests` library to get web page form data, files, and parameters more easily.

In [None]:
import requests

In [None]:
# Getting the response from our request 
resp = requests.get('https://www.google.com')

In [None]:
type(resp)

In [None]:
print(f'Response Code: {resp.status_code}')
print(f'Is it OK? {resp.status_code == requests.codes.ok}')

### Parts of the response

In [None]:
# Full HTML doc
print(resp.text)

In [None]:
display(resp.headers)
# Convert to a dicitonary from `requests.structures.CaseInsensitiveDict`
headers = dict(resp.headers)

In [None]:
print(headers['Date'])   # Date the response was sent
print(headers['Server']) # Server type (google web service - GWS)

### Passing Parameters

In [None]:
credentials = {'user_name': 'luigi', 'password': 'i<3peach'}  
r = requests.get('http://httpbin.org/get', params=credentials)

# Note we can only do this since the r.text() is JSON format
results = r.json()
# Don't want my IP floating around ðŸ˜‰
results['origin'] = None

print(r.url)  
display(results)


### HTTP Post

Allows multiples be sent at once 

In [None]:
# Example won't run without example files
url = 'http://httpbin.org/post'  
file_list = [  
    ('image', ('fi.png', open('fi.png', 'rb'), 'image/png')),
    ('image', ('fi2.jpeg', open('fi2.jpeg', 'rb'), 'image/png'))
]

r = requests.post(url, files=file_list)  
print(r.text)

# OAuth (Open Authorization)

Avoid abuse by limiting.

Usually we can use personal access tokens (typical for development).
But with large number of authentication, OAuth is most common

1. Get credentials & authorize application (before OAuth)
2. **Authorize** permissions requested
3. **Redirect** use back w/ authorization code
4. **Aquisition** user "recieves" access token

Check out curriculum for full details

![OAuth diagram of server and client](images/oauth_diagram.png)

## Why use OAuth?

Alternative is essentially a username & password (API key & secret)

Allows access without user password:
**Authentication** separated from **Authorization**