SlideShare una empresa de Scribd logo

AdWords API & OAuth 2.0, Advanced

M
marcwan
TecnologíaEmpresariales
1 de 31
Descargar para leer sin conexión
Google Inc - All Rights Reserved
AdWords API - Using OAuth 2.0 Advanced usage Ray Tsang, Google, Inc. Danial Klimkin, Google, Inc.
Agenda ● Hopefully you are already using OAuth 2.0! ● Issue with unoptimized OAuth 2.0 requests ● Solutions ● Resources
Google Inc. - All Rights Reserved Refresher OAuth 2.0????
Google Inc. - All Rights Reserved ClientLogin is going away You must migrate to OAuth 2.0 ASAP ClientLogin is Going Away!
Google Inc. - All Rights Reserved Secure ○ Users enter their username/password in secure Google login page ○ Third-party application won’t receive nor store the password ○ Reduced impact if OAuth 2.0 access is compromised More Control ○ Restrict access via “scopes” ○ User can revoke access at will Standards driven ○ RFC 6749 ○ Used by many large service providers, including Google Why OAuth 2.0?
Google Inc. - All Rights Reserved Already using OAuth 2.0? Great to hear! Watch out for some common issues
Google Inc. - All Rights Reserved Access Token Expiration Anticipate the possibility that a granted token might no longer work ○ The access token has expired (expires_in value) ○ The user has revoked access ○ The account has exceeded a certain number of active token for the same application
Google Inc. - All Rights Reserved The refresh token expired if unused for six months. 25 refresh token limit per user per application ○ When exceeded, oldest refresh token is quietly invalidated ○ no user-visible warning - your application need to handle this You should only need one refresh token per user Refresh Token Expiration
Google Inc. - All Rights Reserved When an access token has expired or revoked: AuthenticationError.OAUTH_TOKEN_INVALID Cause: access token expired Resolution: get a new access token with the refresh token AuthenticationError.INVALID_GRANT_ERROR Cause: access revoked Resolution: re-authorize via the authorization URL (the consent screen) Common Errors
Google Inc. - All Rights Reserved Revoking Access
Google Inc. - All Rights Reserved Rate Limits There is a rate limit for obtaining the access token QPS may change over time based on different conditions Beware in multi-threaded and/or multi-server environment Be ready for it in Production!
Google Inc. - All Rights Reserved Multithreaded Environment Client Application Thread 1 Thread 2 Thread N . . . I have a refresh token, I need an access token! I have a refresh token, I need an access token! I have a refresh token, I need an access token!
Google Inc. - All Rights Reserved Multi-Server / Multi-Process Environment Client Application . . . I have a refresh token, I need an access token! I have a refresh token, I need an access token! I have a refresh token, I need an access token! Client Application Client Application
Google Inc. - All Rights Reserved Client ApplicationClient Application Put Them Together Client Application Thread 1 Thread 2 Thread N . . .
Google Inc. - All Rights Reserved What’s Your Platform Like? .Net
Google Inc. - All Rights Reserved Sharing the access token Sharing is caring
Google Inc. - All Rights Reserved Share the token and the expiration time Access token Calculated expiration time 12 6 39 T1 expires_in Te
Google Inc. - All Rights Reserved Multithreaded platforms can share data among threads Must be thread-safe Use the singleton pattern Use a Singleton Credential object in Java can be shared
Google Inc. - All Rights Reserved Minimize Access Token Requests Client Application Thread 1 Thread 2 Thread N . . . I have a refresh token, I need an access token! I’ll re-use the Credential I’ll re-use the Credential
Google Inc. - All Rights Reserved Minimize the number of initial access token requests is half the problem When access token expires - minimize refresh requests! Handling Expiration Credential object in Java handles expiration
Google Inc. - All Rights Reserved Use a shared storage ○ In-memory: Memcached, Infinispan, Ehcache, ... ○ Persistent: RDBMS, MongoDB, … Store securely! Don’t forget to check for expirations Use Shared storage
Google Inc. - All Rights Reserved Using a Shared Storage Client Application . . . Client Application Shared Storage 1. Check if unexpired access token is already in the shared storage Client Application 2. If expired, use the refresh token to get an access token 3. Write the credential back to the shared storage 4. Check if unexpired access token is already in the shared storage
Google Inc. - All Rights Reserved Worst case scenario: All processes simultaneously read expired access token from the shared storage ● Avoid race conditions ● Eagerly refresh stored credentials before it expires ○ e.g., If access token expires in 1 hr, refresh in 45 minutes Proactive Refresh Make sure server clocks are in sync (use NTP)
Google Inc. - All Rights Reserved Proactive Refresh Client Application Shared Storage Check if unexpired access token is already in the shared storage Periodic Refresher 1. Use the refresh token to get a new access token 2. Write the credential back to the shared storage
Google Inc. - All Rights Reserved Centralize OAuth 2.0 access token management ○ Retrieval ○ Refresh ○ Storage Service-oriented approach OAuth 2.0 Token Management Server Example - OAuth 2.0 Key Cache
Google Inc. - All Rights Reserved Using a Token Management Server Client Application Token Mgmt Server 1. I need the access token 2. Here you go! O ops! Expired, let m e fetch another one.
Google Inc. - All Rights Reserved Refresh token and access token = Credentials Store them securely! Last Note - Security!
Google Inc. - All Rights Reserved Resources Download links AdWords API OAuth 2.0 Guide Optimizing OAuth 2.0 Requests for AdWords API Google OAuth 2.0 Documentation
Google Inc. - All Rights Reserved Questions?
Google Inc. - All Rights Reserved

Recomendados

Getting Started with AdWords API and Google Analytics
Getting Started with AdWords API and Google AnalyticsGetting Started with AdWords API and Google Analytics
Getting Started with AdWords API and Google Analytics
marcwan
 
Opportunity Analysis with Kratu (v2)
Opportunity Analysis with Kratu (v2)Opportunity Analysis with Kratu (v2)
Opportunity Analysis with Kratu (v2)
marcwan
 
Opportunity Analysis with Kratu
Opportunity Analysis with KratuOpportunity Analysis with Kratu
Opportunity Analysis with Kratu
marcwan
 
Google Cloud Next 2021 Recap
Google Cloud Next 2021 Recap Google Cloud Next 2021 Recap
Google Cloud Next 2021 Recap
Ervin Weber
 
AdWords API and OAuth 2.0
AdWords API and OAuth 2.0AdWords API and OAuth 2.0
AdWords API and OAuth 2.0
marcwan
 
Reporting Tips and Tricks (Spanish)
Reporting Tips and Tricks (Spanish)Reporting Tips and Tricks (Spanish)
Reporting Tips and Tricks (Spanish)
marcwan
 
Rate limits and performance (Spanish)
Rate limits and performance (Spanish)Rate limits and performance (Spanish)
Rate limits and performance (Spanish)
marcwan
 
AwReporting tool introduction (Spanish)
AwReporting tool introduction (Spanish)AwReporting tool introduction (Spanish)
AwReporting tool introduction (Spanish)
marcwan
 

Recomendados

Getting Started with AdWords API and Google Analytics
Getting Started with AdWords API and Google AnalyticsGetting Started with AdWords API and Google Analytics
Getting Started with AdWords API and Google Analytics
marcwan
 
Opportunity Analysis with Kratu (v2)
Opportunity Analysis with Kratu (v2)Opportunity Analysis with Kratu (v2)
Opportunity Analysis with Kratu (v2)
marcwan
 
Opportunity Analysis with Kratu
Opportunity Analysis with KratuOpportunity Analysis with Kratu
Opportunity Analysis with Kratu
marcwan
 
Google Cloud Next 2021 Recap
Google Cloud Next 2021 Recap Google Cloud Next 2021 Recap
Google Cloud Next 2021 Recap
Ervin Weber
 
AdWords API and OAuth 2.0
AdWords API and OAuth 2.0AdWords API and OAuth 2.0
AdWords API and OAuth 2.0
marcwan
 
Reporting Tips and Tricks (Spanish)
Reporting Tips and Tricks (Spanish)Reporting Tips and Tricks (Spanish)
Reporting Tips and Tricks (Spanish)
marcwan
 
Rate limits and performance (Spanish)
Rate limits and performance (Spanish)Rate limits and performance (Spanish)
Rate limits and performance (Spanish)
marcwan
 
AwReporting tool introduction (Spanish)
AwReporting tool introduction (Spanish)AwReporting tool introduction (Spanish)
AwReporting tool introduction (Spanish)
marcwan
 
OAuth 2.0
OAuth 2.0 OAuth 2.0
OAuth 2.0
marcwan
 
Android Security: Defending Your Users
Android Security: Defending Your UsersAndroid Security: Defending Your Users
Android Security: Defending Your Users
CommonsWare
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
Omar Fathy
 
OAuth Base Camp
OAuth Base CampOAuth Base Camp
OAuth Base Camp
Oliver Pfaff
 
Accessing Google Cloud APIs
Accessing Google Cloud APIsAccessing Google Cloud APIs
Accessing Google Cloud APIs
wesley chun
 
GCCP Session 2.pptx
GCCP Session 2.pptxGCCP Session 2.pptx
GCCP Session 2.pptx
DSCIITPatna
 
Six Strategies for Protecting Mobile Games Against Hackers, Crackers, and Cop...
Six Strategies for Protecting Mobile Games Against Hackers, Crackers, and Cop...Six Strategies for Protecting Mobile Games Against Hackers, Crackers, and Cop...
Six Strategies for Protecting Mobile Games Against Hackers, Crackers, and Cop...
AppSolid by SEWORKS
 
OAuth for QuickBooks Online REST Services
OAuth for QuickBooks Online REST ServicesOAuth for QuickBooks Online REST Services
OAuth for QuickBooks Online REST Services
Intuit Developer
 
OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...
OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...
OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...
OpenNebula Project
 
Using GOCA to Manage OpenNebula - Iguane Solutions
Using GOCA to Manage OpenNebula - Iguane SolutionsUsing GOCA to Manage OpenNebula - Iguane Solutions
Using GOCA to Manage OpenNebula - Iguane Solutions
Sally Laouacheria
 
Secrets of Google VRP by: Krzysztof Kotowicz, Google Security Team
Secrets of Google VRP by: Krzysztof Kotowicz, Google Security TeamSecrets of Google VRP by: Krzysztof Kotowicz, Google Security Team
Secrets of Google VRP by: Krzysztof Kotowicz, Google Security Team
OWASP Delhi
 
Troubles with Large Identity Providers.pptx
Troubles with Large Identity Providers.pptxTroubles with Large Identity Providers.pptx
Troubles with Large Identity Providers.pptx
Yury Leonychev
 
Gcp intro-20160721
Gcp intro-20160721Gcp intro-20160721
Gcp intro-20160721
Haeseung Lee
 
NLP for videos: Understanding customers' feelings in videos - Albert Lewandow...
NLP for videos: Understanding customers' feelings in videos - Albert Lewandow...NLP for videos: Understanding customers' feelings in videos - Albert Lewandow...
NLP for videos: Understanding customers' feelings in videos - Albert Lewandow...
GetInData
 
GDSC Study Jam Session 1
GDSC Study Jam Session 1GDSC Study Jam Session 1
GDSC Study Jam Session 1
SahithiGurlinka
 
API Security - OWASP top 10 for APIs + tips for pentesters
API Security - OWASP top 10 for APIs + tips for pentestersAPI Security - OWASP top 10 for APIs + tips for pentesters
API Security - OWASP top 10 for APIs + tips for pentesters
Inon Shkedy
 
Platform Security IRL: Busting Buzzwords & Building Better
Platform Security IRL: Busting Buzzwords & Building BetterPlatform Security IRL: Busting Buzzwords & Building Better
Platform Security IRL: Busting Buzzwords & Building Better
Equal Experts
 
Cloud security - the most vital today for your business and product that uses...
Cloud security - the most vital today for your business and product that uses...Cloud security - the most vital today for your business and product that uses...
Cloud security - the most vital today for your business and product that uses...
James DeLuccia IV
 
Progressive Web Apps by Millicent Convento
Progressive Web Apps by Millicent ConventoProgressive Web Apps by Millicent Convento
Progressive Web Apps by Millicent Convento
DEVCON
 
Create a Data Encryption Strategy using ADE
Create a Data Encryption Strategy using ADECreate a Data Encryption Strategy using ADE
Create a Data Encryption Strategy using ADE
Rocket Software
 
Mcc scripts deck (日本語)
Mcc scripts deck (日本語)Mcc scripts deck (日本語)
Mcc scripts deck (日本語)
marcwan
 
Getting started with Google Analytics and the AdWords API
Getting started with Google Analytics and the AdWords APIGetting started with Google Analytics and the AdWords API
Getting started with Google Analytics and the AdWords API
marcwan
 

Más contenido relacionado

Similar a AdWords API & OAuth 2.0, Advanced

OAuth 2.0
OAuth 2.0 OAuth 2.0
OAuth 2.0
marcwan
 
NLP for videos: Understanding customers' feelings in videos - Albert Lewandow...
NLP for videos: Understanding customers' feelings in videos - Albert Lewandow...NLP for videos: Understanding customers' feelings in videos - Albert Lewandow...
NLP for videos: Understanding customers' feelings in videos - Albert Lewandow...
GetInData
 

Similar a AdWords API & OAuth 2.0, Advanced (20)

OAuth 2.0
OAuth 2.0 OAuth 2.0
OAuth 2.0
 
Android Security: Defending Your Users
Android Security: Defending Your UsersAndroid Security: Defending Your Users
Android Security: Defending Your Users
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
OAuth Base Camp
OAuth Base CampOAuth Base Camp
OAuth Base Camp
 
Accessing Google Cloud APIs
Accessing Google Cloud APIsAccessing Google Cloud APIs
Accessing Google Cloud APIs
 
GCCP Session 2.pptx
GCCP Session 2.pptxGCCP Session 2.pptx
GCCP Session 2.pptx
 
Six Strategies for Protecting Mobile Games Against Hackers, Crackers, and Cop...
Six Strategies for Protecting Mobile Games Against Hackers, Crackers, and Cop...Six Strategies for Protecting Mobile Games Against Hackers, Crackers, and Cop...
Six Strategies for Protecting Mobile Games Against Hackers, Crackers, and Cop...
 
OAuth for QuickBooks Online REST Services
OAuth for QuickBooks Online REST ServicesOAuth for QuickBooks Online REST Services
OAuth for QuickBooks Online REST Services
 
OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...
OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...
OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...
 
Using GOCA to Manage OpenNebula - Iguane Solutions
Using GOCA to Manage OpenNebula - Iguane SolutionsUsing GOCA to Manage OpenNebula - Iguane Solutions
Using GOCA to Manage OpenNebula - Iguane Solutions
 
Secrets of Google VRP by: Krzysztof Kotowicz, Google Security Team
Secrets of Google VRP by: Krzysztof Kotowicz, Google Security TeamSecrets of Google VRP by: Krzysztof Kotowicz, Google Security Team
Secrets of Google VRP by: Krzysztof Kotowicz, Google Security Team
 
Troubles with Large Identity Providers.pptx
Troubles with Large Identity Providers.pptxTroubles with Large Identity Providers.pptx
Troubles with Large Identity Providers.pptx
 
Gcp intro-20160721
Gcp intro-20160721Gcp intro-20160721
Gcp intro-20160721
 
NLP for videos: Understanding customers' feelings in videos - Albert Lewandow...
NLP for videos: Understanding customers' feelings in videos - Albert Lewandow...NLP for videos: Understanding customers' feelings in videos - Albert Lewandow...
NLP for videos: Understanding customers' feelings in videos - Albert Lewandow...
 
GDSC Study Jam Session 1
GDSC Study Jam Session 1GDSC Study Jam Session 1
GDSC Study Jam Session 1
 
API Security - OWASP top 10 for APIs + tips for pentesters
API Security - OWASP top 10 for APIs + tips for pentestersAPI Security - OWASP top 10 for APIs + tips for pentesters
API Security - OWASP top 10 for APIs + tips for pentesters
 
Platform Security IRL: Busting Buzzwords & Building Better
Platform Security IRL: Busting Buzzwords & Building BetterPlatform Security IRL: Busting Buzzwords & Building Better
Platform Security IRL: Busting Buzzwords & Building Better
 
Cloud security - the most vital today for your business and product that uses...
Cloud security - the most vital today for your business and product that uses...Cloud security - the most vital today for your business and product that uses...
Cloud security - the most vital today for your business and product that uses...
 
Progressive Web Apps by Millicent Convento
Progressive Web Apps by Millicent ConventoProgressive Web Apps by Millicent Convento
Progressive Web Apps by Millicent Convento
 
Create a Data Encryption Strategy using ADE
Create a Data Encryption Strategy using ADECreate a Data Encryption Strategy using ADE
Create a Data Encryption Strategy using ADE
 

Más de marcwan

Getting started with Google Analytics and the AdWords API
Getting started with Google Analytics and the AdWords APIGetting started with Google Analytics and the AdWords API
Getting started with Google Analytics and the AdWords API
marcwan
 
Bid Estimation with the AdWords API (v2)
Bid Estimation with the AdWords API (v2)Bid Estimation with the AdWords API (v2)
Bid Estimation with the AdWords API (v2)
marcwan
 
07. feeds update
07. feeds update07. feeds update
07. feeds update
marcwan
 
AdWords Scripts and MCC Scripting
AdWords Scripts and MCC ScriptingAdWords Scripts and MCC Scripting
AdWords Scripts and MCC Scripting
marcwan
 
AwReporting Update
AwReporting UpdateAwReporting Update
AwReporting Update
marcwan
 
Shopping Campaigns and AdWords API
Shopping Campaigns and AdWords APIShopping Campaigns and AdWords API
Shopping Campaigns and AdWords API
marcwan
 
API Updates for v201402
API Updates for v201402API Updates for v201402
API Updates for v201402
marcwan
 
AdWords API Targeting Options
AdWords API Targeting OptionsAdWords API Targeting Options
AdWords API Targeting Options
marcwan
 

Más de marcwan (20)

Mcc scripts deck (日本語)
Mcc scripts deck (日本語)Mcc scripts deck (日本語)
Mcc scripts deck (日本語)
 
Getting started with Google Analytics and the AdWords API
Getting started with Google Analytics and the AdWords APIGetting started with Google Analytics and the AdWords API
Getting started with Google Analytics and the AdWords API
 
Bid Estimation with the AdWords API (v2)
Bid Estimation with the AdWords API (v2)Bid Estimation with the AdWords API (v2)
Bid Estimation with the AdWords API (v2)
 
07. feeds update
07. feeds update07. feeds update
07. feeds update
 
AdWords Scripts and MCC Scripting
AdWords Scripts and MCC ScriptingAdWords Scripts and MCC Scripting
AdWords Scripts and MCC Scripting
 
AwReporting Update
AwReporting UpdateAwReporting Update
AwReporting Update
 
Shopping Campaigns and AdWords API
Shopping Campaigns and AdWords APIShopping Campaigns and AdWords API
Shopping Campaigns and AdWords API
 
API Updates for v201402
API Updates for v201402API Updates for v201402
API Updates for v201402
 
AdWords API Targeting Options
AdWords API Targeting OptionsAdWords API Targeting Options
AdWords API Targeting Options
 
OAuth 2.0 (Spanish)
OAuth 2.0 (Spanish)OAuth 2.0 (Spanish)
OAuth 2.0 (Spanish)
 
End to-end how to build a platform (Spanish)
End to-end how to build a platform (Spanish)End to-end how to build a platform (Spanish)
End to-end how to build a platform (Spanish)
 
Api update rundown (Spanish)
Api update rundown (Spanish)Api update rundown (Spanish)
Api update rundown (Spanish)
 
AdWords Scripts (Spanish)
AdWords Scripts (Spanish)AdWords Scripts (Spanish)
AdWords Scripts (Spanish)
 
Mobile landing pages (Spanish)
Mobile landing pages (Spanish)Mobile landing pages (Spanish)
Mobile landing pages (Spanish)
 
Rate limits and performance
Rate limits and performanceRate limits and performance
Rate limits and performance
 
OAuth 2.0 refresher
OAuth 2.0 refresherOAuth 2.0 refresher
OAuth 2.0 refresher
 
Mobile landing pages
Mobile landing pagesMobile landing pages
Mobile landing pages
 
End to-end how to build a platform
End to-end how to build a platformEnd to-end how to build a platform
End to-end how to build a platform
 
AwReporting Tool
AwReporting ToolAwReporting Tool
AwReporting Tool
 
Api update rundown
Api update rundownApi update rundown
Api update rundown
 

Último

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Roshan Dwivedi
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 

Último (20)

Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 

AdWords API & OAuth 2.0, Advanced

  • 1. Google Inc - All Rights Reserved
  • 2. AdWords API - Using OAuth 2.0 Advanced usage Ray Tsang, Google, Inc. Danial Klimkin, Google, Inc.
  • 3. Agenda ● Hopefully you are already using OAuth 2.0! ● Issue with unoptimized OAuth 2.0 requests ● Solutions ● Resources
  • 4. Google Inc. - All Rights Reserved Refresher OAuth 2.0????
  • 5. Google Inc. - All Rights Reserved ClientLogin is going away You must migrate to OAuth 2.0 ASAP ClientLogin is Going Away!
  • 6. Google Inc. - All Rights Reserved Secure ○ Users enter their username/password in secure Google login page ○ Third-party application won’t receive nor store the password ○ Reduced impact if OAuth 2.0 access is compromised More Control ○ Restrict access via “scopes” ○ User can revoke access at will Standards driven ○ RFC 6749 ○ Used by many large service providers, including Google Why OAuth 2.0?
  • 7. Google Inc. - All Rights Reserved Already using OAuth 2.0? Great to hear! Watch out for some common issues
  • 8. Google Inc. - All Rights Reserved Access Token Expiration Anticipate the possibility that a granted token might no longer work ○ The access token has expired (expires_in value) ○ The user has revoked access ○ The account has exceeded a certain number of active token for the same application
  • 9. Google Inc. - All Rights Reserved The refresh token expired if unused for six months. 25 refresh token limit per user per application ○ When exceeded, oldest refresh token is quietly invalidated ○ no user-visible warning - your application need to handle this You should only need one refresh token per user Refresh Token Expiration
  • 10. Google Inc. - All Rights Reserved When an access token has expired or revoked: AuthenticationError.OAUTH_TOKEN_INVALID Cause: access token expired Resolution: get a new access token with the refresh token AuthenticationError.INVALID_GRANT_ERROR Cause: access revoked Resolution: re-authorize via the authorization URL (the consent screen) Common Errors
  • 11. Google Inc. - All Rights Reserved Revoking Access
  • 12. Google Inc. - All Rights Reserved Rate Limits There is a rate limit for obtaining the access token QPS may change over time based on different conditions Beware in multi-threaded and/or multi-server environment Be ready for it in Production!
  • 13. Google Inc. - All Rights Reserved Multithreaded Environment Client Application Thread 1 Thread 2 Thread N . . . I have a refresh token, I need an access token! I have a refresh token, I need an access token! I have a refresh token, I need an access token!
  • 14. Google Inc. - All Rights Reserved Multi-Server / Multi-Process Environment Client Application . . . I have a refresh token, I need an access token! I have a refresh token, I need an access token! I have a refresh token, I need an access token! Client Application Client Application
  • 15. Google Inc. - All Rights Reserved Client ApplicationClient Application Put Them Together Client Application Thread 1 Thread 2 Thread N . . .
  • 16. Google Inc. - All Rights Reserved What’s Your Platform Like? .Net
  • 17. Google Inc. - All Rights Reserved Sharing the access token Sharing is caring
  • 18. Google Inc. - All Rights Reserved Share the token and the expiration time Access token Calculated expiration time 12 6 39 T1 expires_in Te
  • 19. Google Inc. - All Rights Reserved Multithreaded platforms can share data among threads Must be thread-safe Use the singleton pattern Use a Singleton Credential object in Java can be shared
  • 20. Google Inc. - All Rights Reserved Minimize Access Token Requests Client Application Thread 1 Thread 2 Thread N . . . I have a refresh token, I need an access token! I’ll re-use the Credential I’ll re-use the Credential
  • 21. Google Inc. - All Rights Reserved Minimize the number of initial access token requests is half the problem When access token expires - minimize refresh requests! Handling Expiration Credential object in Java handles expiration
  • 22. Google Inc. - All Rights Reserved Use a shared storage ○ In-memory: Memcached, Infinispan, Ehcache, ... ○ Persistent: RDBMS, MongoDB, … Store securely! Don’t forget to check for expirations Use Shared storage
  • 23. Google Inc. - All Rights Reserved Using a Shared Storage Client Application . . . Client Application Shared Storage 1. Check if unexpired access token is already in the shared storage Client Application 2. If expired, use the refresh token to get an access token 3. Write the credential back to the shared storage 4. Check if unexpired access token is already in the shared storage
  • 24. Google Inc. - All Rights Reserved Worst case scenario: All processes simultaneously read expired access token from the shared storage ● Avoid race conditions ● Eagerly refresh stored credentials before it expires ○ e.g., If access token expires in 1 hr, refresh in 45 minutes Proactive Refresh Make sure server clocks are in sync (use NTP)
  • 25. Google Inc. - All Rights Reserved Proactive Refresh Client Application Shared Storage Check if unexpired access token is already in the shared storage Periodic Refresher 1. Use the refresh token to get a new access token 2. Write the credential back to the shared storage
  • 26. Google Inc. - All Rights Reserved Centralize OAuth 2.0 access token management ○ Retrieval ○ Refresh ○ Storage Service-oriented approach OAuth 2.0 Token Management Server Example - OAuth 2.0 Key Cache
  • 27. Google Inc. - All Rights Reserved Using a Token Management Server Client Application Token Mgmt Server 1. I need the access token 2. Here you go! O ops! Expired, let m e fetch another one.
  • 28. Google Inc. - All Rights Reserved Refresh token and access token = Credentials Store them securely! Last Note - Security!
  • 29. Google Inc. - All Rights Reserved Resources Download links AdWords API OAuth 2.0 Guide Optimizing OAuth 2.0 Requests for AdWords API Google OAuth 2.0 Documentation
  • 30. Google Inc. - All Rights Reserved Questions?
  • 31. Google Inc. - All Rights Reserved