API & Library
OAuth
OAuth is about authorization and not authentication. Authorization is
asking for permission to do stuff.when a website wants to use the services
of another—such as Bitly posting to your Twitter stream—instead of asking
you to share your password, they should use a protocol called OAuth instead.
OAuth doesn’t share password data but instead uses authorization tokens to
prove an identity between consumers and service providers.
OAuth is an authorization protocol that allows you to approve one application interacting with another on your behalf without giving away your password.
OAuth is an open-standard authorization protocol or framework that provides applications the ability for “secure designated access.
______________
Oauth2.0 is a security standard in which we Give permission to access our data of 1 application to another.Instead of giving my username & password we give the app a key which gives that app the permission to access our data or do things on our behalf from our another application.
OAuth is an authorization protocol that allows you to approve one application interacting with another on your behalf without giving away your password.
OAuth is an open-standard authorization protocol or framework that provides applications the ability for “secure designated access.
______________
Oauth2.0 is a security standard in which we Give permission to access our data of 1 application to another.Instead of giving my username & password we give the app a key which gives that app the permission to access our data or do things on our behalf from our another application.
SAML vs. OAuth
SAML (Security Assertion Markup Language) is an alternative federated
authentication standard that many enterprises use for Single-Sign On (SSO).
SAML enables enterprises to monitor who has access to corporate resources. SAML uses XML to pass messages, and OAuth uses JSON. OAuth provides a simpler mobile experience, while SAML is geared towards enterprise security.
That last point is a key differentiator:
OAuth uses API calls extensively, which is why mobile applications, modern web applications, game consoles, and Internet of Things (IoT) devices find OAuth a better experience for the user. SAML, on the other hand, drops a session cookie in a browser .SAML much tougher than OAuth. Banks haven't adopted OAuth yet
SAML enables enterprises to monitor who has access to corporate resources. SAML uses XML to pass messages, and OAuth uses JSON. OAuth provides a simpler mobile experience, while SAML is geared towards enterprise security.
That last point is a key differentiator:
OAuth uses API calls extensively, which is why mobile applications, modern web applications, game consoles, and Internet of Things (IoT) devices find OAuth a better experience for the user. SAML, on the other hand, drops a session cookie in a browser .SAML much tougher than OAuth. Banks haven't adopted OAuth yet
SAML Vs Open Id connect
OpenID Connect is built on the OAuth 2.0 protocol and uses an additional JSON Web Token (JWT),
called an ID token. It is specifically focused on user authentication and is widely used to
enable user logins on consumer websites and mobile apps.
Both OIDC & SAML allows single sign on ie... without having to log in or share their sign-in information on accessing different websites/apps. But the difference lies
SAML - it enables you to log into your corporate intranet or IdP and then access numerous additional services, such as Salesforce etc, without having to re-enter your credentials.
OIDC - used your Google to sign in to applications like YouTube, or Facebook to log into an online shopping cart.
Both OIDC & SAML allows single sign on ie... without having to log in or share their sign-in information on accessing different websites/apps. But the difference lies
SAML - it enables you to log into your corporate intranet or IdP and then access numerous additional services, such as Salesforce etc, without having to re-enter your credentials.
OIDC - used your Google to sign in to applications like YouTube, or Facebook to log into an online shopping cart.
OAuth2.0 Vs OIDC
OAuth Grants access to your API. used for Authorization
OIDC allows Logging the user in . use for authentication.
SAML supports both user authentication and authorization while OAuth is only for authorization.
If the business priority is confirming user identity, SAML is the only choice.
If the business priority is securely and easily managing user privileges, OAuth may be the better choice.
OIDC allows Logging the user in . use for authentication.
SAML supports both user authentication and authorization while OAuth is only for authorization.
If the business priority is confirming user identity, SAML is the only choice.
If the business priority is securely and easily managing user privileges, OAuth may be the better choice.
Tomcat Vs Jetty
Tomcat Vs Jetty -> They r web server & servlet container.
Jetty came before tomcat.Jetty quite faster in processing than tomcat.
Tomcat is open source apache server work for java version 16 while jetty can work from java version 11 -16. Apache tomcat server configuration can be edited by making changes in the xml file.
this s/w is written in java language.(Site - tomcat.apache.org)
Jetty came before tomcat.Jetty quite faster in processing than tomcat.
Tomcat is open source apache server work for java version 16 while jetty can work from java version 11 -16. Apache tomcat server configuration can be edited by making changes in the xml file.
this s/w is written in java language.(Site - tomcat.apache.org)
GSON Vs Jackson
Both Gson and Jackson are good options for serializing/deserializing JSON data,
simple to use and well documented. Advantages of Gson: Simplicity of toJson/fromJson
in the simple cases. For deserialization, do not need access to the Java entities.
But Gson is the faster at deserializing JSONs in compare to Jackson.
For dealing with big json files , jackson is preferred. GSON is faster but Jackson has more complete support than GSON - like
Extensive annotation support If case insensivity is of any importance to you, then use Jackson. Gson does not support case insensitivity for key names, while jackson does.
______________________________________________
Convert String to json object Using GSON Library :
String string = "abcde";
1.You can convert it to a JavaBean if you want using:
Gson gson = new GsonBuilder().setPrettyPrinting().create(); gson.fromJson(string, JavaBean.class);
More Simpler:
String string = "abcde"; // The String which Need To Be Converted
JsonObject convertedObject = new Gson().fromJson(string, JsonObject.class);
2.Using JsonParser :
JsonParser jsonParser = new JsonParser();
JsonObject jo = (JsonObject)jsonParser.parse(json);
Assert.assertNotNull(jo); Assert.assertTrue(jo.get("Success").getAsString());
To do it in a simpler way, consider below:
JsonObject jsonObject = (new JsonParser()).parse(json).getAsJsonObject();
_______________________________________________
Convert Json to String using Jackson:
The methods writeValueAsString and
writeValueAsBytes of ObjectMapper class generate a JSON from a Java object and return the generated JSON as a string or as a byte array:
public class Car {
private String color;
private String type; // standard getters setters }
________
Car car = new Car("yellow", "renault");
String carAsString = objectMapper.writeValueAsString(car);
For dealing with big json files , jackson is preferred. GSON is faster but Jackson has more complete support than GSON - like
Extensive annotation support If case insensivity is of any importance to you, then use Jackson. Gson does not support case insensitivity for key names, while jackson does.
______________________________________________
Convert String to json object Using GSON Library :
String string = "abcde";
1.You can convert it to a JavaBean if you want using:
Gson gson = new GsonBuilder().setPrettyPrinting().create(); gson.fromJson(string, JavaBean.class);
More Simpler:
String string = "abcde"; // The String which Need To Be Converted
JsonObject convertedObject = new Gson().fromJson(string, JsonObject.class);
2.Using JsonParser :
JsonParser jsonParser = new JsonParser();
JsonObject jo = (JsonObject)jsonParser.parse(json);
Assert.assertNotNull(jo); Assert.assertTrue(jo.get("Success").getAsString());
To do it in a simpler way, consider below:
JsonObject jsonObject = (new JsonParser()).parse(json).getAsJsonObject();
_______________________________________________
Convert Json to String using Jackson:
The methods writeValueAsString and
writeValueAsBytes of ObjectMapper class generate a JSON from a Java object and return the generated JSON as a string or as a byte array:
public class Car {
private String color;
private String type; // standard getters setters }
________
Car car = new Car("yellow", "renault");
String carAsString = objectMapper.writeValueAsString(car);
Firebase Vs Rest API
Firebase synced data across all clients in real time & remains available
when our app goes offline .It has a cloud-hosted NoSQL database that lets
you sync between your users in real-time.
Firebase provides 2 types of sata storage mechanism -
1) Realtime Database : It is the oldest data storage technique in firebase and is best suited when the amount of data is small.It stores data in json format .And is generally allows to perform simple query on that data to fetch some records if we want to make some complex query than realtime database is not suitable for that.
2) Firestore : It is the newest database and stores data in the form of collections.It can store high volume of data.and also allows complex query operation to fetch condition based query data from the db. When we have some big database operations to perform like - sorting, transactions than we can achieve them using Firestore.
__________________________________________
We can't connect and authenticate android studio with firebase in 2 ways -
1) Firebase assistant : This option is provided under tools section in the android studio IDE.This is the easy way to connect our android studio app with firebase.
2) Firebase console : This is the way of making connection from firebase portal console.Firebase.com . Here we have to write our application name , the base package of our android studio application. And also we have to add the sha key from our android app from the gradle -> app->task->android -> signing report(double click on it, sha will be generated in the console)
Than we download the config file from the same Firebase portal and add all the required dependencies inside our project/app level grdle file.
_______________________________________________
The Firebase db is a cloud hosted dB in which data is stored in json. It is good when the amount of data is small because it is difficult to fetch condition based data from large db with it.
From huge amount of data we can create our own rest apis that can allow to & fro of datavery easily.
Why not to use firebase as a backend option for storage ->
It stores data in the form of json not sql. So, if I want to fetch some data based on my need like give me only names of the employees with given experience than firebase can't fetch the exact data we need.
Such data r easier to fetch from sql db but not from json data hence we have to make some compromises while using firebase as it is not going to give the same result we r seeking. it is difficult to fetch condition based data from large database if you are using Firebase. So, we have to change our logic to query for the data we want .and In case you need to change the logic to query data, you need to update your app.
While Doing upgrades is very easy if REST API is used It's becomes expensive when our app grows when more number of people visits our app but rest api will save time and money in the long run if such situations r to be met with it.
____________
Should I use REST API or just firebase to make an app like Uber or both?
We use Firebase database for small database holding less amount of data because, it is difficult to fetch condition based data from large database if you are using Firebase . Whereas, when we have a large/complex database and we need to send/receive data to/from there, then we create our own REST APIs and that is way more flexible than using Firebase.
Cons with rest api
We need to host our server somewhere (heroku/AWS/Azure/etc.) and it will cost money also .
but no such adjustment needed ro make incase of Firebase as it has it's own server .
______________________
www.postman.com/downloads/release-notes/
Firebase provides 2 types of sata storage mechanism -
1) Realtime Database : It is the oldest data storage technique in firebase and is best suited when the amount of data is small.It stores data in json format .And is generally allows to perform simple query on that data to fetch some records if we want to make some complex query than realtime database is not suitable for that.
2) Firestore : It is the newest database and stores data in the form of collections.It can store high volume of data.and also allows complex query operation to fetch condition based query data from the db. When we have some big database operations to perform like - sorting, transactions than we can achieve them using Firestore.
__________________________________________
We can't connect and authenticate android studio with firebase in 2 ways -
1) Firebase assistant : This option is provided under tools section in the android studio IDE.This is the easy way to connect our android studio app with firebase.
2) Firebase console : This is the way of making connection from firebase portal console.Firebase.com . Here we have to write our application name , the base package of our android studio application. And also we have to add the sha key from our android app from the gradle -> app->task->android -> signing report(double click on it, sha will be generated in the console)
Than we download the config file from the same Firebase portal and add all the required dependencies inside our project/app level grdle file.
_______________________________________________
The Firebase db is a cloud hosted dB in which data is stored in json. It is good when the amount of data is small because it is difficult to fetch condition based data from large db with it.
From huge amount of data we can create our own rest apis that can allow to & fro of datavery easily.
Why not to use firebase as a backend option for storage ->
It stores data in the form of json not sql. So, if I want to fetch some data based on my need like give me only names of the employees with given experience than firebase can't fetch the exact data we need.
Such data r easier to fetch from sql db but not from json data hence we have to make some compromises while using firebase as it is not going to give the same result we r seeking. it is difficult to fetch condition based data from large database if you are using Firebase. So, we have to change our logic to query for the data we want .and In case you need to change the logic to query data, you need to update your app.
While Doing upgrades is very easy if REST API is used It's becomes expensive when our app grows when more number of people visits our app but rest api will save time and money in the long run if such situations r to be met with it.
____________
Should I use REST API or just firebase to make an app like Uber or both?
We use Firebase database for small database holding less amount of data because, it is difficult to fetch condition based data from large database if you are using Firebase . Whereas, when we have a large/complex database and we need to send/receive data to/from there, then we create our own REST APIs and that is way more flexible than using Firebase.
Cons with rest api
We need to host our server somewhere (heroku/AWS/Azure/etc.) and it will cost money also .
but no such adjustment needed ro make incase of Firebase as it has it's own server .
______________________
www.postman.com/downloads/release-notes/
Azure pipeline vs github actions
Log back framework is a successor of log4j.if we have set the logging level
to trace than normally it won't be visible in the console b'coz by default
logging level is set to info.Hence,need to set for trace level appearance
in the application. Properties - logging.level.root=TRACE
________________________________________
Jenkins vs azure devops
DevOps is union of people, process & products.
Azure pipelines allows us to build ,test, deploy our code or application anywhere we want.
That can also be deployment to any platform ,any cloud.It supports containers and it allows us to easily integrate with containerisation platform like- kubernetes .
We can create pipeline in azure devops using either yaml file or using classic editor.
Azure artifact is created ( in the form of some zip files ) when we create the pipeline.
Azure Artifacts helps us to share maven , python packages from public or private sources with the entire team.It lets to integrate packages with ci/cd pipelines in a more efficient manner.and also lets to keep our packages safe & secure.
Azure Testplan provides us wide variety of manual & automated testing tools.It lets us to test our application on desktop or web application.
________________________________
ARM Tool
'Infrastructure as Code - Simply put this is when you can set up your infrastructure reliably using code. Just like your application code, infrastructure code is stored as part of your source repository and versioned. Anyone in your team can run the code and deploy similar environments.
One way to implement Infrastructure as code for Azure solutions is to use Azure Resource Manager templates.
________________________________________
Jenkins vs azure devops
DevOps is union of people, process & products.
Azure pipelines allows us to build ,test, deploy our code or application anywhere we want.
That can also be deployment to any platform ,any cloud.It supports containers and it allows us to easily integrate with containerisation platform like- kubernetes .
We can create pipeline in azure devops using either yaml file or using classic editor.
Azure artifact is created ( in the form of some zip files ) when we create the pipeline.
Azure Artifacts helps us to share maven , python packages from public or private sources with the entire team.It lets to integrate packages with ci/cd pipelines in a more efficient manner.and also lets to keep our packages safe & secure.
Azure Testplan provides us wide variety of manual & automated testing tools.It lets us to test our application on desktop or web application.
________________________________
ARM Tool
'Infrastructure as Code - Simply put this is when you can set up your infrastructure reliably using code. Just like your application code, infrastructure code is stored as part of your source repository and versioned. Anyone in your team can run the code and deploy similar environments.
One way to implement Infrastructure as code for Azure solutions is to use Azure Resource Manager templates.
Builder class Example
Advantage
Builder design pattern also helps in minimizing the number of parameters in the constructor
and thus there is no need to pass in null for optional parameters to the constructor.
package builder;
class Vehicle {
//required parameter
private String engine;
private int wheel;
//optional parameter
private int airbags;
public String getEngine() {
return this.engine;
}
public int getWheel() {
return this.wheel;
}
public int getAirbags() {
return this.airbags;
}
private Vehicle(VehicleBuilder builder) {
this.engine = builder.engine;
this.wheel = builder.wheel;
this.airbags = builder.airbags;
}
public static class VehicleBuilder {
private String engine;
private int wheel;
private int airbags;
public VehicleBuilder(String engine, int wheel) {
this.engine = engine;
this.wheel = wheel;
}
public VehicleBuilder setAirbags(int airbags) {
this.airbags = airbags;
return this;
}
public Vehicle build() {
return new Vehicle(this);
}
}
}
public class BuilderPatternExample {
public static void main(String[] args) {
Vehicle car = new Vehicle.VehicleBuilder("1500cc", 4).setAirbags(4).build();
Vehicle bike = new Vehicle.VehicleBuilder("250cc", 2).build();
System.out.println(car.getEngine());
System.out.println(car.getWheel());
System.out.println(car.getAirbags());
System.out.println(bike.getEngine());
System.out.println(bike.getWheel());
System.out.println(bike.getAirbags());
}
}
package builder;
class Vehicle {
//required parameter
private String engine;
private int wheel;
//optional parameter
private int airbags;
public String getEngine() {
return this.engine;
}
public int getWheel() {
return this.wheel;
}
public int getAirbags() {
return this.airbags;
}
private Vehicle(VehicleBuilder builder) {
this.engine = builder.engine;
this.wheel = builder.wheel;
this.airbags = builder.airbags;
}
public static class VehicleBuilder {
private String engine;
private int wheel;
private int airbags;
public VehicleBuilder(String engine, int wheel) {
this.engine = engine;
this.wheel = wheel;
}
public VehicleBuilder setAirbags(int airbags) {
this.airbags = airbags;
return this;
}
public Vehicle build() {
return new Vehicle(this);
}
}
}
public class BuilderPatternExample {
public static void main(String[] args) {
Vehicle car = new Vehicle.VehicleBuilder("1500cc", 4).setAirbags(4).build();
Vehicle bike = new Vehicle.VehicleBuilder("250cc", 2).build();
System.out.println(car.getEngine());
System.out.println(car.getWheel());
System.out.println(car.getAirbags());
System.out.println(bike.getEngine());
System.out.println(bike.getWheel());
System.out.println(bike.getAirbags());
}
}