In this project students will choose two API's and create a mashup that uses them synchronously. Once the code is completed students will then present their projects in a short recoded screencast walking through their code and demoing the final result.
You will need to complete the HTTP and API playlist and most of assessment 4 to understand how to write code to utilize the HTTP and HTTPS protocols on Node.js
Some notable examples from previous semesters includes:
A successful project will have at minimum four phases in code execution:
When a end user visits the home page, our server send them a form to fill out.
When a end user submits the form, use the captured data to send the first API request.
Upon receiving the response from the first API request, your server will parse the response and generate a request to the second API.
You have to be careful here: the user cannot be the driver of this secondary request, if they have to interact with the page at all, this is considered two separate requests and not two synchronous requests. In the GitHub Jobs x Todoist mashup upon receiving a response from GitHub our application immediate contacts Todoist for the next phase.
Upon receiving the response from the second API request, your server will parse the response and finally send results back to the end user.
The project requires two API's to be chosen, one of which MUST have some form of authentication. The authentication model chosen will determine the maximum score that can be earned. The other chosen API does not need authentication.
These two API's MUST be queried synchronously without race conditions. Having two API's operate asynchronously will not be awarded any credit.
There will be score ceilings dependent on the authentication model chosen.
Each step increases project complexity, but there is a larger reward for those willing to take a risk with a more difficult work flow. (To gauge the difficulty the Spotify API in assessment 4 used Client Credential authorization workflow)
| Authentication | Maximum Score |
|---|---|
| API Key | 90% |
| OAuth 2.0 Client Credential | 100% |
| OAuth 2.0 Three Legged | 110% |
This score ceiling is based on the most difficult API you choose:
https://github.com/public-apis/public-apis
You should avoid OAuth 1.0 API's as we did not cover certificate signing this semester.
You are not restricted to just API's on this list.
NPM modules are banned
This project tasks you with writing an HTTP server to communicate with various API's. Some API's offer helper libraries to automate the authentication process. You cannot use these libraries. (You can still use those API's, but you must do so using only HTTP / HTTPS Node.js modules)
Some popular libraries that are banned from this assignment
If the library is available on nodejs.org you can use it, if it's on the npmjs.com website it's barred from this assignment.
Promise and Async/Away notation is banned
We have covered callback and observer pattern this semester, your solution must demonstrate understanding of these techniques.
No credit will be given to solutions that utilize either of these.
As this is meant to be an independent research project, API's used in current and future lecture videos and in previous assignments are not allowed. This list includes four API's:
https://developer.spotify.com/
Exception: Three legged OAuth endpoints are allowed for Spotify API as we only used Client Credential.
If you are having difficulty finding two related API's, it is fine to use two unrelated API's. In this scenario, students are still required to write their code in a synchronous fashion, and will instead pretend the first API request needs to be responded to, before the second can be sent. (Eg. I need to get the restaurant information, before I can request the weather data)
Submissions must be made with a Queens College supplied G Suite for Education account. Personal Google accounts will not be have access to the submission form. The link below will walk students through the process of setting up an account.
http://ctl.qc.cuny.edu/claim-qc-google-apps-account/
Student's who receive a permission error are not signed in to the correct account. The link below should help with switching accounts.
https://accounts.google.com/AccountChooser
I've also created a test form only visible with your QC account:
https://forms.gle/VL1bF6GuDCb5tTf1A
if you can see the form you are good. You don't need to submit the form, I won't be looking at the results
First check this list to see which pairing of API's your fellow classmates have chosen (this will be updated daily)
https://docs.google.com/spreadsheets/d/1dA5rS42tZxQLxLHQTAIkB5l6Yr6ar7Ak04EENvPkIZ4/edit?usp=sharing
You cannot use the exact same pair as someone else, but you can change one of them to a different API and it will be considered a different pairing.
Don't rush to lock in your API without thoroughly testing it. The public API list currently has 650 different API's meaning there are 650C2 = 210,925 possible pairings. It's very unlikely for two students choose the exact same pair of APIs at random.
There's little need to rush this process and it can be harmful if you lock yourself into an API that you later find incredibly difficult to use.
During this phase you should be looking through and setting up accounts with various API's to find a pair that you want to create your project with. Make sure to try using each API before deciding on your API, as some API's are much harder to use than others. Use an HTTP debugger like Insomnia or Postman to try to authenticate and make queries.
I would recommend first looking into API's that interest you, having contextual knowledge about a particular hobby can make working with the API much easier. (E.g. A Hearthstone player would understand the intricate details of the Hearthstone API better than non-players)
During this phase you should:
My assistance will be limited for this project, in contrast to the Spotify API, I do not have intimate knowledge of your chosen APIs, if you find that you are having trouble using the API, don't choose it!
Once testing is completed you will submit your API choice here:
Within 24 hours of submitting the form (likely much sooner) , you will receive an email notifying you of your choices either be approved or rejected. API pair choice is assigned on a first come first serve.
In the case where someone submits the exact same pair of APIs as you, you will need to change one or more of the API's and resubmit.
Once approved you may move to the next phase.
The deliverables you will be required to submit:
Code and any assets needed to run the project. If there are any additional setup requirements please include that information in a file readme.txt
A formalized Sequence Diagram describing a (non-cached) use of your application including all calls to each API
Additional factors that will effect your grade:
Is your application resilient to unexpected input? (It should deliver 404 in most of these cases)
Do you utilize caching?
Sequence Diagram
If you have multiple similar requests, like when downloading multiple images, a single arrow with a remark is sufficient
Finally students will record a screencast presenting their project similar to my lecture videos. (Record your screen while explaining how your code works)
A screencast will consist of:
1) Description of the project:
2) Going through the sequence diagram
3) Going through the code:
4) Run the program
5) Answer the following questions:
15 minutes is ideal. Try to keep your screencast under 20 minutes, this is not a requirement (I've received much longer screencasts, this is also fine)
There is no minimum time requirement, if you think you can hit all the requirements quickly feel free to submit a shorter screencast.
Don't worry too much about the quality of the recording as long as the bullet points are hit and you demonstrate understanding of your code, the video does not need to be professionally recorded and edited.
There are no specific requirements, you can use any screen recording software that you want including:
Open Broadcast Software (OBS)
YouTube Live streaming
Either upload the video file to the form below or upload an unlisted recording to YouTube and include the link in your submission.
I must be able to watch your video and read your code.
If you are concerned, after submission, you can send me an email and I will confirm receipt of files and quickly test to make sure everything is viewable on my end (I will not grade them, only test the integrity of the files to make sure nothing is corrupt)
Your screencast is worth 100% of your grade.
No partial credit will be given to students stuck in earlier phases.
Be careful of scope creep, keep the project simple. The usefulness of your project is not a factor in it's grading. Your code will be graded on your programs functionality, reliability, caching, and whether all the requirements are hit.
All code including submissions from previous semesters are passed through Stanford Moss to check for plagiarism.
Save all files and sequence diagram into a directory CS355-FP-######## replacing # with your Student ID
https://docs.google.com/forms/d/e/1FAIpQLSciZ-2wxGnKafQShC3whq3nIaYQWryzgjEnctEKYazZ-xHlqA/viewform
December 15th 23:59:59