Windows Azure Mobile Services - The Perfect Partner
1. Windows Azure Mobile Services:
The Perfect Partner
Michael S. Collier
@MichaelCollier
CodeMash – January 9, 2014
2. Michael S. Collier
• Principal Cloud Architect, Aditi
• michaelc@aditi.com
• @MichaelCollier
• www.MichaelSCollier.com
3. UPCOMING WINDOWS AZURE EVENTS
DevUnleashed
Saturday, February 8th
Microsoft – Columbus
Michael Collier, Samidip Basu, Jared Faris, or Mike Wood
Global Windows Azure Boot Camp
Saturday, March 29th
http://global.windowsazurebootcamp.com
Michael Collier, Brian Sherwin, or Mike Wood
CloudDevelop
Friday, August 15th 2014
Ohio Union – The Ohio State University
www.CloudDevelop.org / @CloudDevConf
Michael Collier or Jared Faris
4. CLOUD / MOBILE USER GROUPS
Central Ohio Cloud Computing
User Group
Windows Developer User Group
Windows Azure, AWS, Google, etc
3rd Monday of each month
2nd Monday of each month
6pm – 8pm
6pm – 8pm
TechColumbus
Improving Enterprises, Columbus
http://thewindowsdeveloperusergroup.com/
www.coccug.org
@WindowsDevUG
@coccug
Samidip Basu
Michael Collier
Windows Store & Windows Phone
5. Agenda
•
•
•
•
•
•
What is it? / Getting Started
Data Storage Options
Server Scripts / Business Logic
Push Notifications
User Authentication
Diagnostics / Monitoring
• Q&A
6
6. Mobile Backend-as-a-Service (MBaaS)
Additional Services
Scheduled Tasks
Unstructured Storage
Messaging
Structured Storage
Identity
Windows Azure Mobile Services
Windows Azure Mobile Services
7. What is Windows Azure Mobile Services
Image courtesy of Windows Azure Training Kit
http://aka.ms/mobileservices
8. Client Support
Windows Phone
Windows Store
Android
iOS
HTML5
Xamarin.iOS
Xamarin.Android
Sencha
Image courtesy of http://msdn.microsoft.com/en-us/library/windowsazure/jj554228
10. Shhh . . . It’s a Secret
Application Key
NOT A SECURITY TOKEN/CONTROL
Hint that user is coming from your app (reduce chance of
misuse)
Private until you publish the app
Master Key
All powerful
Do NOT distribute with your application
Use from server-side logic you control
11. Unstructured Data Storage
Leverage Windows Azure Storage or Service Bus
Tables: schemaless entity storage; NoSQL
Blobs: storage for any binary object (files . . . whatever you want)
Queues: simple messaging (push/pop)
Access via Windows Azure module for node.js
var azure = require('azure');
var tableService = azure.createTableService(‘<storage account>',‘<storage
key>', 'table.core.windows.net');
tableService.insertEntity(‘<table>’, entity, function(error) { });
12. Structured Data Storage
Leverage strengths of Windows Azure SQL Database
New or Existing Database
Reporting, TSQL support, existing tools, etc.
Manage your way (portal, REST API, SSMS, etc.)
Partition applications by schema
mycoupons.Users
speakers.Users
Dynamic Schema Support (on/off)
13. Default System Columns
Column
Type
Description
id
string
__createdAt
date
Any unique string
If not provided, server will create a unique value (GUID)
Set when item is inserted
__updatedAt
date
__version
timestamp
Set anytime there is an update to the item.
Updated via database trigger.
Unique value updated anytime there is a change to the item
Read-only value
•
•
Columns starting with ‘__’ (two underscores) will be rejected.
System columns not returned by default. Set ‘__systemProperties’ on request or
‘systemProperties’ in server
•
azure mobile table create --integerId [service_name] [table_name]
More info at http://blogs.msdn.com/b/carlosfigueira/archive/2013/11/23/new-tables-in-azure-mobile-services-string-id-system-properties-and-optimistic-concurrency.aspx
16
14. Data Access
REST API
OData Interface
GET, POST, PATCH, DELETE
https://<service>.azure-mobile.net/tables/<table_name>/{<item_id>}
Authorization
X-ZUM0-{APPLICATION | AUTH | MASTER}
Send JSON in request body
Receive JSON as response
16. Server-Side Business Logic
• Never trust the client!
• Handled via JavaScript scripts on the server
• Intercept CRUD operations and apply your logic
Scripting
function(item, user, request)
{
…..
}
User authentication
Payload verification
Pre-Storage
Pre-Scripting
node.js
Dynamic schematization
Final checks
17. node.js
Known objects and modules
apns
azure
console
crypto
gcm
mpns
mssql
push
query
request
response
service
sendgrid
statusCodes
table
user
util
var SendGrid = require('sendgrid').SendGrid;
var sendgrid = new SendGrid(‘<account>', ‘<password>');
sendgrid.send({
to: userItem.EmailAddress,
from: 'notifications@mytodoitem.azure-mobile.net',
subject: 'New ToDoItem Added!!',
text: 'A new MyToDoItem was added: ' + item.text},
function(success, message)
{
// If the email failed to send, log it as an error.
if (!success) {
console.error('SendGrid Error! ' + message);
}
});
18. Source Control
• Enable via a Git repository
• Portal
• azure mobile preview enable SourceControl <service>
• Automatically pushed to the mobile service
Service
api
shared
scheduler
tables
21
19. node.js – Add your own modules
• Enable source control
• npm install [module-name]
• git add .
• git commit –m ‚added stuff‛
• Use in server scripts
22
service
• Go to ./service folder
api
node_modules
shared
scheduler
tables
20. Custom API
• HTTP request - GET, POST, PUT, PATCH, DELETE
https://<service_name>.azure-mobile.net/api/<api_name>
• Request / response object implemented by express.js
exports.post = function(request, response) {
// Use "request.service" to access features of your mobile service, e.g.:
// var tables = request.service.tables;
// var push = request.service.push;
response.send(200, "Hello World");
};
More details at http://blogs.msdn.com/b/carlosfigueira/archive/2013/06/14/custom-apis-in-azure-mobile-services.aspx
23
21. Scheduled Jobs
• Scheduled or on-demand
• Scenarios
•
•
•
•
Archive / Backup data (i.e. SQL Database)
Purge stale records (i.e. Push Notification channels)
Query external systems and store locally
Whatever you can think of
• Initially disabled
24
22. Application Settings
function sendEmail(item)
{
// alternative: process.env.SendGridUsername
var config = require('mobileservice-config');
var sendgrid =
new SendGrid(config.appSettings.SendGridUsername,
config.appSettings.SendGridPassword);
sendgrid.send({
to: 'michael.collier@live.com',
from: 'notifications@codemash-todo.azure-mobile.net',
subject: 'You have work to do!!',
text: 'A new task was added: ' + item
},
table operation
25
exports.get = function (request, response) {
var config = request.service.config;
var isDebug = config.appSettings.isDebug === 'true';
if (isDebug) {
console.log('request url: ', request.url);
console.log('request headers: ', request.headers);
console.log('request query: ', request.query);
}
custom API operation
25. Push Notifications
Obtain Windows, Apple, or GCM push notification credentials
Windows: WNS client secret and package SID from Windows dev portal.
Apple: Get a cert and create a profile from iOS Provisioning Portal
Google: Get API key from Google API console
Enter appropriate notification credentials into the WAMS portal.
Ability to send Tile, Toast, Badge, and Raw notifications (Windows)
push.wns.* / push.apns.send (token, {alert, sound})
Node.js module to create push notifications
Handles authentication against WNS, GCM, or APNS
26. Notification Hubs
May be ideal for working with multiple mobile clients.
Large number of clients & notifications.
More information at http://msdn.microsoft.com/en-us/library/windowsazure/jj927170.aspx
29
29. Authentication
Microsoft Account – Use the Live SDK
Tight integration with Windows Live services
Client side authentication
Facebook Android SDK info at http://blogs.msdn.com/b/carlosfigueira/archive/2014/01/08/using-the-facebook-android-sdk-for-logging-in-to-azure-mobile-services.aspx
30. Authorization
Table & API authorization
Everyone: any request by anyone is accepted.
Anyone with Application Key: app key distributed w/ the app (default)
Authenticated Users: users that have been authenticated
Scripts and Admins: registered scripts or requests via the master key
Your application can add whatever other authorization
is needed.
31. Authorization
Server script to match against your table (role-based
access, specific user, etc.)
Match against user.userId
35. Developer Analytics / New Relic
•
•
•
•
38
Add NewRelic via Windows Azure Store
Enable source control feature
npm install newrelic
Add and commit files
38. Pricing and SLA
BASIC
FREE 1
STANDARD
Price 2
Free
(up to 10 services / month)
$25 / month
per unit
$199 / month
per unit
API Calls 2
500K
1.5M per unit
15M per unit
Active Devices 3
500
Unlimited
Unlimited
Scale
N/A
Up to 6 units
Up to 10 units
Scheduled jobs
(Preview)
1 job, 1 execution per hour
10 jobs
50,000 executions
10 jobs
500,000 executions
SQL Database 5
(required)
20 MB included,
Standard rates apply for additional
capacity
20 MB included,
Standard rates apply for additional
capacity
20 MB included,
Standard rates apply for additional
capacity
SLA
N/A
99.9%
99.9%
N/A
N/A
Suspension of Service
No admin action or user access for
more than 90 days
30 days notice
More details at http://www.windowsazure.com/en-us/pricing/details/mobile-services/
40. Resources
• Windows Azure Mobile Services
• http://aka.ms/mobileservices
• Mobile Services Concepts
• http://msdn.microsoft.com/en-us/library/windowsazure/jj591475.aspx
• SDK and Samples available on GitHub
• https://github.com/WindowsAzure/azure-mobile-services
• Inside Windows Azure Mobile Services
• http://channel9.msdn.com/posts/Kirill-Gavrylyuk-and-Josh-Twist-InsideWindows-Azure-Mobile-Services
• Josh Twist’s Blog
• http://www.thejoyofcode.com
• Carlos Figueira’s Blog
• http://blogs.msdn.com/b/carlosfigueira/
42. Thank You!
• Michael S. Collier
• Principal Cloud Architect, Aditi
Next: “More Cache with Less Cash” –
1:45pm on Friday (Indigo Bay)
• michaelc@aditi.com
• @MichaelCollier
• www.MichaelSCollier.com
Hinweis der Redaktion
Principal Cloud ArchitectWindows Azure MVPHelp customers nationwide with their Windows Azure projects. This can include architectural design sessions, training, development, evangelism, etc.Reach me via email, Twitter, or my blog.
Scenarios – scale, global distribution, focus on app not the infrastructurePlaying Field – infrastructure that would be too expensive to build/maintain; Anybody with great idea can make the next killer app
Build out services individually – lots of extra workNot something many mobile app developers want to do – want to FOCUS ON THE APPMessaging – Push Notifications and Service BusUnstructured Storage (tables, blobs, queues)
Getting StartedDemo the New Mobile Service Create a new Windows 8 application experience in the portalVery fast provisioningBuilt on Windows Azure Web Sites
How to secure the web service available by Mobile Services?Two ways – Application Key and Master Key
Knowing some of the basics of security is important, because we’ve got some important things to secure – like our data.Let’s talk about data.* Ability to access Windows Azure Service Bus too.
Relatively recent update to WAMS which introduced new system columns.Help with concurrency and provide more flexibility in the value of the key/id used.http://blogs.msdn.com/b/carlosfigueira/archive/2013/11/23/new-tables-in-azure-mobile-services-string-id-system-properties-and-optimistic-concurrency.aspx
X-ZUMO-APPLICATION – The application key of the mobile service.X-ZUMO-AUTH - The service-generated authentication token for an authenticated user. You must specify a token for an authenticated user when required to access the table operation.X-ZUMO-MASTER - The service master key.
It’s Your DataShow data in management portal and SQL Management Studio
Now that we have data in our service, let’s see how we can work with it. Could be our business logic or some basic data validation aside from what’s in the client.Pre-Scripting- User authentication (populates the ‘user’ object)- Single JSON object (no array)Pre-Storage- Final validation layer: no complex objects- Capture and log errors
Service: Root of the mobile service-specific repository.api: Contains custom API script files (api_name.js) and JSON permission files (api_name.json).shared: Contains shared script files, such as the Apple Push Notification Service (APNS) feedback script (feedback.js).scheduler: Contains scheduled job script files (job_name.js)tables: Contains table operation script files (table_name.js) and JSON permission files (table_name.json). Legacy script files are stored in the formattablename.operation.js.
Expose custom business logic that does not map to a CRUD operation or a scheduled jobCurrently only node.js - .NET support coming soonhttp://msdn.microsoft.com/en-us/library/windowsazure/dn280974.aspx
Scheduled jobs in Mobile Services allow us to execute business logic . . . On a schedule. http://msdn.microsoft.com/en-us/library/windowsazure/dn167694.aspx
Once we have our business logic in the server scripts, how do we store application settings?Storing secrets – username, password, API keys, etc.Share code – not secretsCondition code executionhttp://blogs.msdn.com/b/carlosfigueira/archive/2013/12/09/application-settings-in-azure-mobile-services.aspx
Show creating a custom APIEnable Git support
Let’s talk a little about how to notify users via Push Notifications.
Now that we’ve got data added to our app, business logic in place, a custom API, and a scheduled task, let’s talk about how to authenticate the users.OAuthRenders the OAuth web interface for the selected provider.
While on the topic of authentication, there is another Preview feature that can help in making the user experience a little nicer.Users – enables you to retrieve more of the authenticated users profile without making a separate API call to the identity provider.http://blogs.msdn.com/b/carlosfigueira/archive/2013/12/16/enhanced-users-feature-in-azure-mobile-services.aspx
User AuthenticationShow hooking up GoogleShow User enhancements preview feature
Autoscale resets every UTC morningAutoscale when > 90% of API quota per unit
1 Quotas for the Mobile Services Free tier apply at the subscription level.2 Billing and the quotas for API calls are prorated daily.3 Active devices refers to the daily number of physical devices and emulators that make at least one call to or receive a push notification from your mobile service.4 The scheduled jobs feature is currently in preview. The Free tier is limited to one job and one execution per hour. Basic and Standard tiers include 50k and 500k job executions, respectively, and can accommodate up to 10 jobs.5 One 20MB Azure SQL Database is available per subscription for the first twelve months of use; standard rates apply thereafter.
Windows Azure National ArchitectWindows Azure MVPHelp customers nationwide with their Windows Azure projects. This can include architectural design sessions, training, development, evangelism, etc.Reach me via email, Twitter, or my blog.